Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          SFc3pldcKuyxGdQkhwo5ezZLCJpIhtr43wQlfP9RQx8=
Subject key identifier:   BB:0A:32:C0:15:74:7B:AF:01:2D:C8:36:F1:1E:B4:15:9A:00:93:D8
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       0199FC8F574034C6B94C848B33926DC2DB01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          02B0
Signing time:             Sun 19 Oct 2025 13:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:16 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: +70tjKjgrTriaIDWn6YT9jPb7mJNzJpxEqCkk5PuvRA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:57:40:34:c6:b9:4c:84:8b:33:92:6d:c2:db:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: Oct 19 13:01:16 2025 GMT
            Not After : Oct 20 13:01:16 2025 GMT
        Subject: CN=bb0a32c015747baf012dc836f11eb4159a0093d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:14:c0:5e:3d:5b:df:19:7d:7c:a5:91:08:04:
                    4b:b8:1a:02:3a:eb:b8:a0:0c:0e:48:1f:26:cc:c0:
                    ab:25:23:9f:66:74:7b:f9:e4:d1:73:06:6e:9c:bc:
                    ca:e8:a6:31:af:5a:ea:48:b7:a8:ff:c5:37:93:c3:
                    33:46:20:5b:13:03:4b:09:e1:f2:91:9a:85:2f:58:
                    dd:de:34:b9:89:3a:eb:f5:7e:4f:1b:a3:ec:33:ed:
                    fe:9e:74:56:72:11:b4:52:89:50:97:fa:20:84:f9:
                    c9:56:79:d3:00:40:29:f6:2a:fa:3c:3b:7d:71:37:
                    7d:45:17:a6:23:14:8e:62:8e:f6:c6:56:61:9d:c7:
                    ca:90:31:01:ee:32:ca:2b:e4:9c:74:e6:ea:07:df:
                    40:ab:25:ad:c8:ac:2c:91:62:e5:9c:be:39:a0:bf:
                    06:5d:05:32:b2:5e:ff:b9:46:78:71:a7:ca:23:c8:
                    ea:94:a9:84:1f:a7:10:1b:40:4e:0d:73:1f:55:b5:
                    55:c2:a5:e2:8e:6e:0d:b9:d5:a7:49:78:81:65:ce:
                    2c:b1:36:b2:6a:ed:f9:0f:0b:cf:fd:94:59:70:83:
                    07:81:1d:f2:21:9e:4b:42:c8:be:40:dc:52:14:d5:
                    98:33:a5:19:87:af:21:ed:94:3e:6a:06:6e:c3:1e:
                    24:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:0A:32:C0:15:74:7B:AF:01:2D:C8:36:F1:1E:B4:15:9A:00:93:D8
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:2c:53:3d:c7:e0:f7:3e:f8:8a:96:de:55:51:4e:32:e6:ee:
         0e:fd:cf:2a:02:e7:9a:e0:1b:4a:0b:6d:53:dc:13:be:22:70:
         fe:39:66:04:8d:9b:be:f4:8d:dc:b3:8c:cf:39:8d:73:8b:ff:
         e3:dd:fa:c1:09:26:3e:5c:a6:eb:3a:91:c9:d1:e7:cf:f9:29:
         18:c5:2d:26:ec:23:99:8c:a0:e3:99:b4:12:07:e7:b1:dd:44:
         86:61:ea:7c:65:19:2b:75:99:a3:85:1e:a2:d8:f4:57:d5:4f:
         38:c0:f7:33:13:de:dc:11:86:b5:a0:ba:ad:3a:82:09:da:6f:
         c5:c3:e7:75:94:cd:1b:09:0c:85:a4:24:24:fb:89:72:a5:6d:
         07:07:d2:d4:61:cc:7a:6b:6a:c6:38:94:8c:c3:1d:cd:e1:40:
         d8:e7:7b:e4:ec:2b:8c:e0:cd:b7:12:74:62:32:34:3b:8f:93:
         80:af:9b:5b:d9:18:62:cb:f7:af:59:16:d8:3a:11:11:d6:30:
         29:0a:bf:6e:93:f4:2b:64:a6:7a:bd:9b:1b:70:02:aa:dd:a5:
         10:b4:f7:f1:03:ee:46:46:a1:5a:d0:76:52:a1:4e:ac:41:3b:
         71:91:4c:9d:2d:94:8d:98:33:75:77:70:ea:9d:3e:8f:c7:7b:
         dd:b4:a9:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j1dANMa5TISLM5JtwtsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjUxMDE5MTMwMTE2WhcNMjUxMDIwMTMwMTE2WjAzMTEwLwYDVQQD
EyhiYjBhMzJjMDE1NzQ3YmFmMDEyZGM4MzZmMTFlYjQxNTlhMDA5M2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphTAXj1b3xl9fKWRCARLuBoCOuu4
oAwOSB8mzMCrJSOfZnR7+eTRcwZunLzK6KYxr1rqSLeo/8U3k8MzRiBbEwNLCeHy
kZqFL1jd3jS5iTrr9X5PG6PsM+3+nnRWchG0UolQl/oghPnJVnnTAEAp9ir6PDt9
cTd9RRemIxSOYo72xlZhncfKkDEB7jLKK+ScdObqB99AqyWtyKwskWLlnL45oL8G
XQUysl7/uUZ4cafKI8jqlKmEH6cQG0BODXMfVbVVwqXijm4NudWnSXiBZc4ssTay
au35DwvP/ZRZcIMHgR3yIZ5LQsi+QNxSFNWYM6UZh68h7ZQ+agZuwx4k7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsKMsAVdHuvAS3INvEetBWaAJPYMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQCxTPcfg
9z74ipbeVVFOMubuDv3PKgLnmuAbSgttU9wTviJw/jlmBI2bvvSN3LOMzzmNc4v/
4936wQkmPlym6zqRydHnz/kpGMUtJuwjmYyg45m0Egfnsd1EhmHqfGUZK3WZo4Ue
otj0V9VPOMD3MxPe3BGGtaC6rTqCCdpvxcPndZTNGwkMhaQkJPuJcqVtBwfS1GHM
emtqxjiUjMMdzeFA2Od75OwrjODNtxJ0YjI0O4+TgK+bW9kYYsv3r1kW2DoREdYw
KQq/bpP0K2Smer2bG3ACqt2lELT38QPuRkahWtB2UqFOrEE7cZFMnS2UjZgzdXdw
6p0+j8d73bSpbw==
-----END CERTIFICATE-----