Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          A+DdeMshSXeAA855aowuWxYMiFgpQqV3H4r38l0/pz8=
Subject key identifier:   4B:2C:0D:BF:23:19:44:93:46:49:F0:8F:4C:C3:A7:6C:89:37:97:5C
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       08DFC654C3C0AE67351B391BB2005EA2B254C922
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          0226
Signing time:             Fri 22 Aug 2025 23:56:51 +0000
Manifest this update:     Fri 22 Aug 2025 23:51:51 +0000
Manifest next update:     Sun 24 Aug 2025 01:46:51 +0000
Files and hashes:         1: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 8/2mbGbaC4ennlzI7y1e8hUNr9fsr7Pr+/K69/OYKQg=)
                          2: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          3: 326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa (hash: j84/Fm1nc/JJrf9h3dAaKkat+XV/si7APTv6iSnl64I=)
                          4: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: Nz2k0o2IS41o55idTp4HvK3uNxIMYgMNKvrr57G+kIE=)
                          5: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          6: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
                          7: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          8: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: 5oamGENWqpV8dPqb98iz9lRk/NI6VMPqtwMsq0mOfJQ=)
                          9: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
                          10: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: +JU+ydXmMjIBHlt1kVXfkJBGqdmH1ATfk8PRfe8t4Rc=)
                          11: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
                          12: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          13: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:46:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:df:c6:54:c3:c0:ae:67:35:1b:39:1b:b2:00:5e:a2:b2:54:c9:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: Aug 22 23:51:51 2025 GMT
            Not After : Aug 24 01:46:51 2025 GMT
        Subject: CN=4B2C0DBF231944934649F08F4CC3A76C8937975C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:19:cc:a6:a6:c1:b6:50:e1:35:7d:b4:8a:af:
                    b6:a6:23:ef:8b:22:ce:ae:b0:bf:0a:53:8e:29:f2:
                    80:c1:fa:60:6d:79:81:01:73:d8:e2:51:e8:37:2c:
                    4e:a6:4b:46:bf:2e:bf:cb:78:ce:09:f7:1f:8e:00:
                    fe:02:8d:f1:36:b2:3b:b0:6e:26:19:b1:4c:6e:6e:
                    3b:9f:e7:62:b7:29:f8:d4:84:ed:2e:9d:fd:89:bc:
                    24:fe:e8:dc:d9:06:c6:c4:75:25:4f:93:89:b1:ce:
                    0a:b9:4b:f3:1f:be:4f:f3:03:78:77:c9:d0:78:0c:
                    fb:5f:15:fa:82:a3:bd:dc:91:b0:ed:d3:48:c9:a2:
                    91:51:bf:62:14:37:47:76:6a:3a:62:8f:ad:ee:65:
                    0d:ca:30:3d:41:a7:5c:78:36:5a:a2:9e:00:34:87:
                    5e:71:c5:2c:4a:6a:6c:0d:96:b0:01:83:b7:10:2e:
                    c6:ed:fc:7e:cb:be:24:db:e5:5f:fa:53:b8:4d:06:
                    bf:ae:ed:14:73:f3:f1:7d:95:e2:c6:66:9b:c0:ca:
                    1d:08:72:c9:b8:c7:00:81:fb:2d:6c:84:d6:a9:23:
                    87:28:8e:ce:22:6e:3d:c1:de:a7:47:e7:32:72:4b:
                    86:cc:4c:a2:96:ff:96:31:1c:7e:c7:67:2a:1e:6f:
                    b0:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:2C:0D:BF:23:19:44:93:46:49:F0:8F:4C:C3:A7:6C:89:37:97:5C
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:01:93:7f:84:cc:cc:1c:9e:4c:c0:f3:13:a6:cd:df:e3:58:
         88:38:59:ce:b1:6f:4b:62:7f:de:78:14:67:ea:a1:c2:4a:c1:
         41:ff:27:45:b6:5a:27:de:4b:3c:e3:71:17:6b:05:19:1f:ef:
         76:66:f0:9b:4f:c9:6d:2a:60:72:c6:86:8d:78:58:b7:46:4a:
         81:f7:7b:0a:23:c7:28:0e:70:bd:4b:8b:31:1d:da:98:1b:64:
         66:da:2c:fd:19:66:e1:47:5a:0f:4f:2d:29:0e:98:e4:ef:00:
         11:22:c1:0f:26:a3:f9:94:71:ed:79:0a:2a:77:e9:22:6b:e4:
         6d:a8:d2:44:81:a1:c4:07:3d:87:bc:dc:f1:04:e4:13:2c:f8:
         80:ed:79:14:01:81:00:00:62:af:c8:a0:c2:9a:31:86:9c:27:
         3e:71:1c:f3:b1:09:f9:0f:48:48:ae:f6:52:bd:f4:36:00:67:
         8c:4e:0b:00:62:b2:10:16:73:bb:04:0d:44:83:75:67:08:e3:
         3f:85:f7:85:4b:c7:c6:0c:6f:d5:c1:ed:82:dc:1a:ce:f3:b6:
         c6:f6:b6:c4:4e:bb:fb:9c:77:38:1f:24:9c:b3:c0:4f:2b:99:
         99:3b:d3:5f:9f:9a:01:93:ca:55:ff:27:d4:e6:0a:77:01:85:
         01:13:74:64
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUCN/GVMPArmc1GzkbsgBeorJUySIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA4MjIyMzUxNTFaFw0yNTA4MjQwMTQ2NTFaMDMxMTAvBgNV
BAMTKDRCMkMwREJGMjMxOTQ0OTM0NjQ5RjA4RjRDQzNBNzZDODkzNzk3NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0GcympsG2UOE1fbSKr7amI++L
Is6usL8KU44p8oDB+mBteYEBc9jiUeg3LE6mS0a/Lr/LeM4J9x+OAP4CjfE2sjuw
biYZsUxubjuf52K3KfjUhO0unf2JvCT+6NzZBsbEdSVPk4mxzgq5S/Mfvk/zA3h3
ydB4DPtfFfqCo73ckbDt00jJopFRv2IUN0d2ajpij63uZQ3KMD1Bp1x4NlqingA0
h15xxSxKamwNlrABg7cQLsbt/H7LviTb5V/6U7hNBr+u7RRz8/F9leLGZpvAyh0I
csm4xwCB+y1shNapI4cojs4ibj3B3qdH5zJyS4bMTKKW/5YxHH7HZyoeb7BxAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUSywNvyMZRJNGSfCPTMOnbIk3l1wwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARQGTf4TMzByeTMDzE6bN
3+NYiDhZzrFvS2J/3ngUZ+qhwkrBQf8nRbZaJ95LPONxF2sFGR/vdmbwm0/JbSpg
csaGjXhYt0ZKgfd7CiPHKA5wvUuLMR3amBtkZtos/Rlm4UdaD08tKQ6Y5O8AESLB
Dyaj+ZRx7XkKKnfpImvkbajSRIGhxAc9h7zc8QTkEyz4gO15FAGBAABir8igwpox
hpwnPnEc87EJ+Q9ISK72Ur30NgBnjE4LAGKyEBZzuwQNRIN1ZwjjP4X3hUvHxgxv
1cHtgtwazvO2xva2xE67+5x3OB8knLPATyuZmTvTX5+aAZPKVf8n1OYKdwGFARN0
ZA==
-----END CERTIFICATE-----