Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          cHOMuJkTwRPue7nFMbPvuLZ2oZHxmsvd4uCFzgjx3fo=
Subject key identifier:   49:1B:00:32:A5:93:7C:7C:25:E4:CC:04:24:FC:28:E8:65:20:A6:A3
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       019A725CD746531F14120D8F56626C3CD651
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          02ED
Signing time:             Tue 11 Nov 2025 10:01:18 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:18 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:18 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: g63vBMRc0zENs4I1Wya5LtgBma+EcqEwOi6GV8boyto=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:d7:46:53:1f:14:12:0d:8f:56:62:6c:3c:d6:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: Nov 11 10:01:18 2025 GMT
            Not After : Nov 12 10:01:18 2025 GMT
        Subject: CN=491b0032a5937c7c25e4cc0424fc28e86520a6a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:55:ae:41:34:be:86:43:00:4e:13:fc:b5:be:
                    e3:28:9b:54:56:3d:d3:06:66:83:bc:da:01:3f:31:
                    a0:7b:fc:11:86:75:ec:93:b5:32:46:e7:0f:cb:39:
                    8a:50:72:89:15:f4:d7:26:7c:5f:7d:20:41:58:02:
                    d9:75:e3:37:be:b7:13:ed:59:f1:18:1d:65:1a:ce:
                    88:3f:25:31:91:17:95:50:5b:82:ca:2c:82:7a:59:
                    90:a1:43:56:b1:92:ba:d3:0e:3e:ed:b0:10:6d:f2:
                    9b:0f:63:72:ae:0b:fa:38:07:7d:1f:6f:09:69:46:
                    15:0d:31:00:87:d2:3c:5a:5d:17:fc:4d:27:0e:13:
                    ba:06:e6:2b:26:a3:e7:a6:f9:bd:aa:e3:f6:25:94:
                    c2:03:41:9b:42:c9:5a:29:84:50:f4:7f:5e:b8:03:
                    b8:85:6a:13:01:8c:1d:ba:3d:53:db:f1:8f:a0:11:
                    d0:ed:bb:85:ee:f2:a2:02:e5:91:3c:02:19:ea:d2:
                    e5:ab:1c:a3:9b:52:68:15:02:4b:ba:28:bf:fc:68:
                    b6:15:50:69:2e:b7:0d:88:86:c1:03:5b:0b:cb:c8:
                    83:6c:83:93:c9:a6:3f:b9:0e:8f:c1:a8:d2:71:ed:
                    f2:36:cd:4c:ba:86:77:57:93:f9:e0:a9:bc:f4:bd:
                    d2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:1B:00:32:A5:93:7C:7C:25:E4:CC:04:24:FC:28:E8:65:20:A6:A3
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:8c:23:cd:58:31:54:ca:5d:61:b3:37:02:39:d8:1f:7c:c3:
         ed:51:ab:c2:04:8f:e9:64:7f:57:61:55:f3:85:0c:f0:0c:55:
         f0:a1:38:d9:73:14:b5:98:cd:55:62:bd:b5:38:91:be:f8:1c:
         60:8b:f8:ba:2c:c3:4d:20:55:c5:d0:ba:b6:22:f0:7e:fe:9f:
         75:8c:f7:b3:24:e8:26:c7:33:a8:01:51:94:41:e7:5e:96:d6:
         54:51:e1:30:ee:e5:e6:42:21:15:17:83:14:01:dc:0c:18:8f:
         03:03:42:e4:9f:b5:2a:5d:b6:05:35:02:8d:51:01:43:3d:70:
         a5:b7:fb:f7:4f:fa:8c:19:8a:33:71:a3:46:89:ad:94:67:da:
         9f:ce:b1:41:68:c9:f0:33:7a:c3:be:03:b4:61:bb:12:c3:7a:
         29:2a:85:cd:d5:60:dd:7e:49:07:a0:05:e4:e2:7a:d7:d0:f3:
         9a:35:15:66:10:9f:b4:f3:d4:ba:3a:37:b1:6e:8c:44:95:51:
         a5:48:df:f5:b4:ec:7a:99:86:9f:c5:f5:7b:32:c4:39:24:5e:
         e8:56:8b:b8:0d:76:ca:5b:73:4b:19:9c:6e:0f:b0:c7:a6:31:
         36:8c:50:ef:7d:df:dd:95:c1:e4:be:c8:19:2c:10:44:2a:f1:
         6b:46:1d:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNdGUx8UEg2PVmJsPNZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjUxMTExMTAwMTE4WhcNMjUxMTEyMTAwMTE4WjAzMTEwLwYDVQQD
Eyg0OTFiMDAzMmE1OTM3YzdjMjVlNGNjMDQyNGZjMjhlODY1MjBhNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VWuQTS+hkMAThP8tb7jKJtUVj3T
BmaDvNoBPzGge/wRhnXsk7UyRucPyzmKUHKJFfTXJnxffSBBWALZdeM3vrcT7Vnx
GB1lGs6IPyUxkReVUFuCyiyCelmQoUNWsZK60w4+7bAQbfKbD2Nyrgv6OAd9H28J
aUYVDTEAh9I8Wl0X/E0nDhO6BuYrJqPnpvm9quP2JZTCA0GbQslaKYRQ9H9euAO4
hWoTAYwduj1T2/GPoBHQ7buF7vKiAuWRPAIZ6tLlqxyjm1JoFQJLuii//Gi2FVBp
LrcNiIbBA1sLy8iDbIOTyaY/uQ6PwajSce3yNs1MuoZ3V5P54Km89L3StwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkbADKlk3x8JeTMBCT8KOhlIKajMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYIwjzVgx
VMpdYbM3AjnYH3zD7VGrwgSP6WR/V2FV84UM8AxV8KE42XMUtZjNVWK9tTiRvvgc
YIv4uizDTSBVxdC6tiLwfv6fdYz3syToJsczqAFRlEHnXpbWVFHhMO7l5kIhFReD
FAHcDBiPAwNC5J+1Kl22BTUCjVEBQz1wpbf790/6jBmKM3GjRomtlGfan86xQWjJ
8DN6w74DtGG7EsN6KSqFzdVg3X5JB6AF5OJ619DzmjUVZhCftPPUujo3sW6MRJVR
pUjf9bTsepmGn8X1ezLEOSRe6FaLuA12yltzSxmcbg+wx6YxNoxQ733f3ZXB5L7I
GSwQRCrxa0Yd9w==
-----END CERTIFICATE-----