Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          dxtGc7LcWAkoq22ZXkpzfllrwXro0xxchpohUM3R6j0=
Subject key identifier:   19:FE:22:21:49:6E:C5:8B:CD:D6:39:EF:F2:1C:87:14:A1:BA:63:9A
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       0198D51605EA26150860BEA48009613ACBED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          0217
Signing time:             Sat 23 Aug 2025 04:00:46 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:46 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:46 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: 91A610AnSSxH0ksWp3T6wL2Qz25KG270tycQ4Fbd+vU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:05:ea:26:15:08:60:be:a4:80:09:61:3a:cb:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: Aug 23 04:00:46 2025 GMT
            Not After : Aug 24 04:00:46 2025 GMT
        Subject: CN=19fe2221496ec58bcdd639eff21c8714a1ba639a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:37:63:b9:4c:f9:3f:e5:00:45:69:ed:e5:fc:
                    1b:36:8a:ea:db:5e:7d:a2:e6:04:5a:50:39:7b:0f:
                    89:d5:74:31:61:3d:bb:ba:33:6a:94:6b:48:ad:d6:
                    ad:c7:1c:e2:73:46:c6:b0:a8:4d:a9:79:1b:32:ec:
                    ff:58:8a:4b:b6:c3:a9:f8:4e:e8:9a:61:b8:b0:aa:
                    20:d6:43:e6:98:2d:8b:06:8d:16:d9:27:c9:38:18:
                    fc:a2:6a:fc:37:a8:65:ba:da:d7:94:e4:51:29:4c:
                    a5:9b:f1:cc:7b:92:dd:5c:d7:65:06:ff:f0:75:3c:
                    52:b8:ad:c8:0d:c8:fa:03:30:57:31:13:34:ca:c6:
                    d9:71:6a:c1:ba:b4:98:c9:c0:63:8c:3f:e8:48:55:
                    42:06:a0:90:13:89:0e:0f:73:0b:78:a6:3e:ed:28:
                    ca:8c:d2:10:ef:2c:ec:a0:0b:91:f4:67:a2:fc:90:
                    92:0f:55:ad:c2:4f:84:5d:11:2f:f8:ae:37:46:72:
                    1c:14:02:bd:b2:07:a2:51:49:6a:a9:c8:4d:6b:b1:
                    01:1b:20:32:1a:81:b6:2a:6c:7e:c1:0a:21:05:a7:
                    e1:ee:97:4e:f2:8a:a2:54:81:23:72:75:4e:95:fa:
                    09:2f:6c:2e:c2:7d:df:e0:15:57:cb:7a:25:d5:8e:
                    50:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:FE:22:21:49:6E:C5:8B:CD:D6:39:EF:F2:1C:87:14:A1:BA:63:9A
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:71:17:d6:f8:22:53:0c:62:2c:e3:56:56:d9:8e:ce:38:b5:
         c3:51:99:1a:cf:cf:07:c9:dc:dd:44:66:02:dc:cd:ec:7a:d5:
         24:dc:23:2f:63:61:50:a1:75:a1:30:68:7f:0a:78:0e:83:ab:
         d6:1b:86:9c:b1:8b:1d:13:88:88:4f:d3:ae:96:c1:82:22:d1:
         f9:31:ab:66:1c:06:4d:25:19:ae:68:30:d8:9e:1b:f7:ec:4b:
         06:86:9c:e0:7e:2e:5a:32:54:52:96:2f:ff:77:29:2d:00:4b:
         eb:f9:2a:ae:42:9f:c2:7a:dd:ef:05:f9:a4:c3:b2:fa:a0:78:
         56:89:1b:3e:93:9f:37:cf:36:2a:4c:87:16:39:2f:88:33:1b:
         22:2a:c0:05:28:25:25:0d:74:2b:c4:95:77:1e:28:be:1a:d1:
         d9:ce:1c:d2:28:de:9f:5e:9d:9d:c7:78:9c:54:6b:25:d0:de:
         f2:2d:8a:17:43:58:19:9f:48:26:64:66:c7:60:a7:08:54:0d:
         2e:63:5e:1e:77:ed:30:20:0b:9a:f1:2b:e9:1c:83:5b:82:3c:
         86:4b:65:2b:0a:4e:9d:2b:65:cb:52:38:af:79:af:cf:64:67:
         8d:73:d0:a1:68:dc:e4:7d:64:81:ad:76:f8:5b:f7:fb:74:ea:
         ca:e0:be:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFgXqJhUIYL6kgAlhOsvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjUwODIzMDQwMDQ2WhcNMjUwODI0MDQwMDQ2WjAzMTEwLwYDVQQD
EygxOWZlMjIyMTQ5NmVjNThiY2RkNjM5ZWZmMjFjODcxNGExYmE2MzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjdjuUz5P+UARWnt5fwbNorq2159
ouYEWlA5ew+J1XQxYT27ujNqlGtIrdatxxzic0bGsKhNqXkbMuz/WIpLtsOp+E7o
mmG4sKog1kPmmC2LBo0W2SfJOBj8omr8N6hlutrXlORRKUylm/HMe5LdXNdlBv/w
dTxSuK3IDcj6AzBXMRM0ysbZcWrBurSYycBjjD/oSFVCBqCQE4kOD3MLeKY+7SjK
jNIQ7yzsoAuR9Gei/JCSD1Wtwk+EXREv+K43RnIcFAK9sgeiUUlqqchNa7EBGyAy
GoG2Kmx+wQohBafh7pdO8oqiVIEjcnVOlfoJL2wuwn3f4BVXy3ol1Y5QNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBn+IiFJbsWLzdY57/IchxShumOaMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXXEX1vgi
UwxiLONWVtmOzji1w1GZGs/PB8nc3URmAtzN7HrVJNwjL2NhUKF1oTBofwp4DoOr
1huGnLGLHROIiE/TrpbBgiLR+TGrZhwGTSUZrmgw2J4b9+xLBoac4H4uWjJUUpYv
/3cpLQBL6/kqrkKfwnrd7wX5pMOy+qB4VokbPpOfN882KkyHFjkviDMbIirABSgl
JQ10K8SVdx4ovhrR2c4c0ijen16dncd4nFRrJdDe8i2KF0NYGZ9IJmRmx2CnCFQN
LmNeHnftMCALmvEr6RyDW4I8hktlKwpOnStly1I4r3mvz2RnjXPQoWjc5H1kga12
+Fv3+3TqyuC+fQ==
-----END CERTIFICATE-----