Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          YF/yaSWoM/6l3ArRbzrD2gSWZulxKNhu1f6kQ83O2l0=
Subject key identifier:   CA:9A:7E:C6:92:A0:6C:06:7A:E5:9B:A9:8B:E2:A4:B6:65:35:13:C3
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       699F3F8F04580B00183A241D6FB1CC668463DB62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          0272
Signing time:             Sun 19 Oct 2025 13:02:56 +0000
Manifest this update:     Sun 19 Oct 2025 12:57:56 +0000
Manifest next update:     Mon 20 Oct 2025 13:35:56 +0000
Files and hashes:         1: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: f+mpjOqaslU79Y50Q90tEjaUD2kia4vN2bXcLsJCgJk=)
                          2: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
                          3: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 8/2mbGbaC4ennlzI7y1e8hUNr9fsr7Pr+/K69/OYKQg=)
                          4: 326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa (hash: j84/Fm1nc/JJrf9h3dAaKkat+XV/si7APTv6iSnl64I=)
                          5: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: Nz2k0o2IS41o55idTp4HvK3uNxIMYgMNKvrr57G+kIE=)
                          6: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
                          7: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          8: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          9: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          10: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: +JU+ydXmMjIBHlt1kVXfkJBGqdmH1ATfk8PRfe8t4Rc=)
                          11: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
                          12: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          13: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 13:35:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:9f:3f:8f:04:58:0b:00:18:3a:24:1d:6f:b1:cc:66:84:63:db:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: Oct 19 12:57:56 2025 GMT
            Not After : Oct 20 13:35:56 2025 GMT
        Subject: CN=CA9A7EC692A06C067AE59BA98BE2A4B6653513C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:07:ca:69:99:37:69:72:b8:c0:d2:b6:fc:20:
                    f1:1e:42:b3:af:00:64:76:65:a5:0d:8b:8d:ad:bc:
                    a3:94:e3:33:ff:4e:98:fc:6f:bf:82:80:a4:19:27:
                    88:78:3d:26:ab:e7:94:33:f4:5f:46:2b:e2:28:bb:
                    e8:34:ba:56:c9:6c:e7:9b:8c:7e:26:04:42:2e:b2:
                    c2:28:ff:4d:ab:9a:92:f3:b9:03:6b:03:72:71:01:
                    b3:fa:62:a6:a9:e0:c9:1d:7e:df:f8:ea:24:7a:53:
                    70:a6:83:9c:de:a3:d8:d4:cc:b3:d8:ef:e5:de:a7:
                    39:a3:8e:e2:2b:87:f7:8c:f5:38:62:2e:7b:59:9f:
                    83:e3:85:c8:41:04:a8:13:5f:a9:95:fb:1b:cc:71:
                    d0:87:13:06:71:00:7d:a0:a5:46:a6:4e:6c:28:74:
                    06:47:31:55:c1:79:d5:d7:59:0a:5a:46:0f:75:b1:
                    f6:c7:9d:54:90:06:28:01:75:59:ae:2c:b8:69:cc:
                    c8:88:8f:a2:f2:b9:5a:80:75:ed:57:a0:d5:1a:a7:
                    1d:c1:94:45:e8:81:78:be:93:4d:4e:2f:31:b8:6b:
                    af:df:ea:70:e3:89:fc:08:fd:2b:33:ff:07:91:fe:
                    b1:ff:02:ea:00:82:c3:5a:b7:74:24:82:f3:52:cc:
                    27:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:9A:7E:C6:92:A0:6C:06:7A:E5:9B:A9:8B:E2:A4:B6:65:35:13:C3
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:3b:98:6f:56:58:e3:33:14:4f:ce:b2:e7:92:3b:0c:e6:1f:
         cd:8c:11:dc:2e:ee:43:d9:19:0a:de:5d:b4:ff:6c:80:b6:97:
         06:df:0a:38:cc:f5:1e:21:7e:17:fb:3a:f3:0b:78:5a:57:4d:
         a1:68:99:97:7b:7a:1b:98:3a:94:5f:cf:83:7c:e7:db:0f:1b:
         97:d8:d8:1a:d0:fc:aa:ed:ad:16:3c:a9:0a:d1:63:8b:f0:c9:
         12:83:bc:49:4d:69:ea:fc:18:4e:50:34:aa:67:af:6a:ee:1a:
         6e:60:28:16:bc:d8:b6:05:ad:d1:b0:54:0b:69:ee:4a:b7:c6:
         bb:96:a1:00:02:69:0c:9e:10:2d:68:93:53:81:47:41:28:2f:
         c8:91:fc:1b:2d:b6:10:7a:2c:9b:2b:cf:55:0b:32:66:2d:89:
         69:50:08:f5:9c:37:aa:0f:19:3e:04:db:70:f6:1f:8d:e2:b2:
         40:aa:2b:fd:02:5a:da:2a:2e:11:2e:6f:06:aa:c4:72:91:2a:
         7e:4b:de:2d:d7:55:df:90:92:69:d5:a0:e7:90:f7:81:ec:99:
         58:78:3e:a4:24:12:c2:99:80:fc:4e:d4:db:66:95:9f:0d:f9:
         48:5f:82:9f:fe:25:b0:2b:ee:bc:c3:f9:ef:11:4f:9c:37:a8:
         86:bb:2b:5b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUaZ8/jwRYCwAYOiQdb7HMZoRj22IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTEwMTkxMjU3NTZaFw0yNTEwMjAxMzM1NTZaMDMxMTAvBgNV
BAMTKENBOUE3RUM2OTJBMDZDMDY3QUU1OUJBOThCRTJBNEI2NjUzNTEzQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsB8ppmTdpcrjA0rb8IPEeQrOv
AGR2ZaUNi42tvKOU4zP/Tpj8b7+CgKQZJ4h4PSar55Qz9F9GK+Iou+g0ulbJbOeb
jH4mBEIussIo/02rmpLzuQNrA3JxAbP6Yqap4Mkdft/46iR6U3Cmg5zeo9jUzLPY
7+XepzmjjuIrh/eM9ThiLntZn4PjhchBBKgTX6mV+xvMcdCHEwZxAH2gpUamTmwo
dAZHMVXBedXXWQpaRg91sfbHnVSQBigBdVmuLLhpzMiIj6LyuVqAde1XoNUapx3B
lEXogXi+k01OLzG4a6/f6nDjifwI/Ssz/weR/rH/AuoAgsNat3QkgvNSzCdbAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUypp+xpKgbAZ65Zupi+KktmU1E8MwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbjuYb1ZY4zMUT86y55I7
DOYfzYwR3C7uQ9kZCt5dtP9sgLaXBt8KOMz1HiF+F/s68wt4WldNoWiZl3t6G5g6
lF/Pg3zn2w8bl9jYGtD8qu2tFjypCtFji/DJEoO8SU1p6vwYTlA0qmevau4abmAo
FrzYtgWt0bBUC2nuSrfGu5ahAAJpDJ4QLWiTU4FHQSgvyJH8Gy22EHosmyvPVQsy
Zi2JaVAI9Zw3qg8ZPgTbcPYfjeKyQKor/QJa2iouES5vBqrEcpEqfkveLddV35CS
adWg55D3geyZWHg+pCQSwpmA/E7U22aVnw35SF+Cn/4lsCvuvMP57xFPnDeohrsr
Ww==
-----END CERTIFICATE-----