Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          pn8EwKmGj8FN39XiVhCHK8N4IGSX+7fAWsDHoGVrFPs=
Subject key identifier:   3B:2D:19:A6:6B:03:7E:80:C8:4E:50:30:36:33:C2:29:48:3C:85:1F
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       0196D7408EAE2CF2F5A426D63CE30114ED59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          010F
Signing time:             Fri 16 May 2025 04:00:54 +0000
Manifest this update:     Fri 16 May 2025 04:00:54 +0000
Manifest next update:     Sat 17 May 2025 04:00:54 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: cnxgsr/tO9J0v8B6nPBx75jHdyOc+axe4PLVc07IJ6s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 17 May 2025 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d7:40:8e:ae:2c:f2:f5:a4:26:d6:3c:e3:01:14:ed:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: May 16 04:00:54 2025 GMT
            Not After : May 17 04:00:54 2025 GMT
        Subject: CN=3b2d19a66b037e80c84e50303633c229483c851f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:3e:60:c8:db:c7:85:28:b9:ef:97:4c:8a:97:
                    cd:e6:09:45:88:33:8d:a1:ec:56:0b:c3:a7:76:4b:
                    95:ff:63:08:1c:d4:36:6b:98:6d:3c:3a:3a:e4:1e:
                    f2:79:1d:e1:50:ff:ea:3f:26:d8:c1:63:82:10:40:
                    d3:94:ea:c3:2e:bf:d4:e4:9d:c4:5d:d1:1c:82:b0:
                    d6:3c:87:d3:30:7b:79:0f:80:09:a5:8f:98:9f:ea:
                    a8:d2:58:1d:44:61:36:9f:a1:76:30:e8:32:b7:99:
                    72:b7:11:77:7c:90:6e:f8:43:a1:88:85:48:6f:53:
                    54:3b:33:b7:91:79:7e:1e:6c:65:b2:81:cb:13:b5:
                    62:ba:4a:02:1f:f4:d4:af:65:e3:68:a9:ec:f1:5d:
                    d6:09:01:fc:49:01:5a:83:cb:1d:41:d9:d4:a2:29:
                    19:d0:bf:14:a9:0a:23:36:7c:45:d8:de:f9:50:25:
                    5e:25:38:23:b8:a5:97:3d:15:c8:59:85:e8:87:12:
                    13:86:3d:64:e8:ac:60:3d:1f:73:c8:1e:8b:9b:c8:
                    60:cc:42:ba:29:86:b0:ac:2f:43:5a:45:cc:7d:b4:
                    b7:1a:72:89:72:22:1e:c9:bd:62:04:fa:4f:78:10:
                    36:ba:ed:28:0b:5c:23:32:46:94:cc:bc:29:56:ee:
                    4b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:2D:19:A6:6B:03:7E:80:C8:4E:50:30:36:33:C2:29:48:3C:85:1F
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:20:56:0f:12:3e:ea:3c:fb:ce:81:4d:e1:27:82:15:c9:40:
         82:c5:5c:02:e2:64:9a:6b:48:8a:ba:04:eb:3a:11:39:ef:1e:
         8c:6f:2c:44:21:c2:f6:47:44:8b:e5:e8:7e:43:ae:fc:2a:72:
         fb:6b:df:1a:d4:d2:c4:d1:e8:11:f3:50:bd:11:f6:9b:51:98:
         2c:3c:ac:41:e2:d2:f0:fd:d6:c9:3d:39:a8:8c:60:5f:08:9f:
         8a:60:d2:bd:06:78:60:0e:b1:f4:13:d6:db:e7:7e:e4:51:2e:
         bd:d1:7d:88:db:7e:be:d5:28:a7:0c:21:5d:ec:b1:21:8d:46:
         cb:4a:bd:10:ed:04:1b:6a:1e:4a:92:99:d6:0a:26:f5:c1:3f:
         3d:5e:e6:c0:c0:58:f2:12:70:6e:4f:54:3c:87:c3:ab:79:87:
         ab:88:1f:a4:6b:13:66:dd:5a:8e:01:ab:68:dd:82:e4:d5:af:
         b6:a7:f8:9d:71:e7:69:26:e6:93:a6:47:10:99:ab:2b:19:79:
         9e:94:e3:b5:3d:0d:a9:e0:80:2a:8c:f9:26:ec:c7:57:0b:7d:
         b7:c7:f2:24:31:37:9b:bb:8a:30:54:47:81:9c:60:1f:29:df:
         d4:d7:2a:29:28:e2:ed:84:25:e1:d0:8a:44:7f:71:79:76:33:
         ad:8a:60:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbXQI6uLPL1pCbWPOMBFO1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjUwNTE2MDQwMDU0WhcNMjUwNTE3MDQwMDU0WjAzMTEwLwYDVQQD
EygzYjJkMTlhNjZiMDM3ZTgwYzg0ZTUwMzAzNjMzYzIyOTQ4M2M4NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT5gyNvHhSi575dMipfN5glFiDON
oexWC8OndkuV/2MIHNQ2a5htPDo65B7yeR3hUP/qPybYwWOCEEDTlOrDLr/U5J3E
XdEcgrDWPIfTMHt5D4AJpY+Yn+qo0lgdRGE2n6F2MOgyt5lytxF3fJBu+EOhiIVI
b1NUOzO3kXl+HmxlsoHLE7ViukoCH/TUr2XjaKns8V3WCQH8SQFag8sdQdnUoikZ
0L8UqQojNnxF2N75UCVeJTgjuKWXPRXIWYXohxIThj1k6KxgPR9zyB6Lm8hgzEK6
KYawrC9DWkXMfbS3GnKJciIeyb1iBPpPeBA2uu0oC1wjMkaUzLwpVu5LiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDstGaZrA36AyE5QMDYzwilIPIUfMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgSBWDxI+
6jz7zoFN4SeCFclAgsVcAuJkmmtIiroE6zoROe8ejG8sRCHC9kdEi+XofkOu/Cpy
+2vfGtTSxNHoEfNQvRH2m1GYLDysQeLS8P3WyT05qIxgXwifimDSvQZ4YA6x9BPW
2+d+5FEuvdF9iNt+vtUopwwhXeyxIY1Gy0q9EO0EG2oeSpKZ1gom9cE/PV7mwMBY
8hJwbk9UPIfDq3mHq4gfpGsTZt1ajgGraN2C5NWvtqf4nXHnaSbmk6ZHEJmrKxl5
npTjtT0NqeCAKoz5JuzHVwt9t8fyJDE3m7uKMFRHgZxgHynf1NcqKSji7YQl4dCK
RH9xeXYzrYpgOw==
-----END CERTIFICATE-----