Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          zgqZqjmZmKLobeU3fNHX0+Q/zW8ME79gpw9uknzQ1S4=
Subject key identifier:   AD:86:92:1C:5E:53:E4:22:9E:CC:9F:D8:EF:0F:5E:C4:BE:6E:DF:51
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       01992255F8B1819F5795DA765554FD665F18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          023F
Signing time:             Sun 07 Sep 2025 04:01:23 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:23 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:23 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: 3Fe6CCDpAtxXUtGxowSFFI5tMvT30uq8JkvwsXRmMOo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:f8:b1:81:9f:57:95:da:76:55:54:fd:66:5f:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: Sep  7 04:01:23 2025 GMT
            Not After : Sep  8 04:01:23 2025 GMT
        Subject: CN=ad86921c5e53e4229ecc9fd8ef0f5ec4be6edf51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:9e:ac:c4:f4:9a:fe:07:89:32:12:db:bb:ad:
                    cc:03:ba:bb:22:ff:8a:c2:cb:1c:25:78:ca:82:c5:
                    f2:f6:90:1f:a9:fe:c8:de:dd:1c:cc:a0:a1:52:6d:
                    91:4f:8f:50:28:5b:9c:c4:4c:c5:cd:5c:d4:ef:52:
                    f3:1a:50:39:b0:81:1f:26:90:08:23:45:2c:32:aa:
                    be:13:0b:46:f3:9a:d0:ba:3a:74:bf:d5:07:fe:5b:
                    73:a4:6d:02:ee:1f:db:13:c2:b3:2a:8d:d0:ac:e0:
                    30:36:da:75:1c:92:f0:0b:1d:1f:12:3a:96:95:8e:
                    14:83:fa:07:73:1d:59:72:09:fc:1b:a6:85:db:b9:
                    2f:df:cf:06:0d:62:1a:5c:89:9c:4a:ef:a2:ec:0a:
                    f0:94:72:80:4c:f6:e6:59:0e:ca:6f:e7:fd:92:3c:
                    74:d1:11:d0:a8:5f:d1:de:ff:ab:9e:f2:e9:3a:60:
                    2f:93:6b:0e:8d:40:78:29:0a:c8:83:4c:a8:52:1a:
                    c5:4b:ca:a2:24:af:3c:8b:5b:23:a9:49:79:f3:dc:
                    2a:ed:c2:b3:16:ee:3d:9b:57:0d:8a:65:69:3a:ec:
                    b6:5d:7a:72:f8:43:14:97:b1:ed:f5:50:f8:c6:dd:
                    8d:14:f3:59:0f:5c:0d:ae:01:48:01:cf:f1:c8:2c:
                    84:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:86:92:1C:5E:53:E4:22:9E:CC:9F:D8:EF:0F:5E:C4:BE:6E:DF:51
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:b3:57:7c:01:05:8e:78:90:9c:9d:5c:0d:09:8f:ac:cb:02:
         99:16:3d:ed:31:4e:00:db:e8:a2:24:7c:c1:34:e4:3c:17:cf:
         ec:b3:a4:1c:c9:1f:bf:7b:0a:2f:81:9c:bb:e2:87:15:20:46:
         47:92:71:6f:9f:24:ae:0a:09:07:15:75:34:80:d1:f8:82:b9:
         ba:92:38:9f:a2:92:3a:b2:09:d5:49:56:00:93:d4:21:42:20:
         50:78:11:52:27:d4:c3:07:21:53:78:70:a6:7c:80:b5:a8:91:
         01:27:00:b1:f4:61:53:13:a8:00:43:1c:6d:93:fc:59:48:e2:
         ff:58:04:52:87:fd:10:ba:11:f0:00:c8:a7:ae:58:c1:58:ab:
         93:7d:dd:18:37:bb:83:f7:76:d7:34:b6:f3:24:8a:16:56:77:
         46:d5:a5:94:a3:59:c7:1e:ef:a7:ba:1c:cb:3a:de:e3:cb:11:
         0b:7c:67:b9:00:46:26:1d:1e:20:90:15:df:a0:1b:a8:22:91:
         fe:8e:08:bb:9b:68:65:de:7d:50:9f:b4:01:81:c8:21:bb:30:
         de:5f:97:b5:e5:47:2a:db:78:d4:91:8d:d9:02:c5:4b:8e:60:
         05:0e:a6:a0:38:cf:7e:49:45:e5:74:48:5c:92:77:30:09:a1:
         04:93:64:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVfixgZ9Xldp2VVT9Zl8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjUwOTA3MDQwMTIzWhcNMjUwOTA4MDQwMTIzWjAzMTEwLwYDVQQD
EyhhZDg2OTIxYzVlNTNlNDIyOWVjYzlmZDhlZjBmNWVjNGJlNmVkZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJ6sxPSa/geJMhLbu63MA7q7Iv+K
wsscJXjKgsXy9pAfqf7I3t0czKChUm2RT49QKFucxEzFzVzU71LzGlA5sIEfJpAI
I0UsMqq+EwtG85rQujp0v9UH/ltzpG0C7h/bE8KzKo3QrOAwNtp1HJLwCx0fEjqW
lY4Ug/oHcx1Zcgn8G6aF27kv388GDWIaXImcSu+i7ArwlHKATPbmWQ7Kb+f9kjx0
0RHQqF/R3v+rnvLpOmAvk2sOjUB4KQrIg0yoUhrFS8qiJK88i1sjqUl589wq7cKz
Fu49m1cNimVpOuy2XXpy+EMUl7Ht9VD4xt2NFPNZD1wNrgFIAc/xyCyEjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2GkhxeU+Qinsyf2O8PXsS+bt9RMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACrNXfAEF
jniQnJ1cDQmPrMsCmRY97TFOANvooiR8wTTkPBfP7LOkHMkfv3sKL4Gcu+KHFSBG
R5Jxb58krgoJBxV1NIDR+IK5upI4n6KSOrIJ1UlWAJPUIUIgUHgRUifUwwchU3hw
pnyAtaiRAScAsfRhUxOoAEMcbZP8WUji/1gEUof9ELoR8ADIp65YwVirk33dGDe7
g/d21zS28ySKFlZ3RtWllKNZxx7vp7ocyzre48sRC3xnuQBGJh0eIJAV36AbqCKR
/o4Iu5toZd59UJ+0AYHIIbsw3l+XteVHKtt41JGN2QLFS45gBQ6moDjPfklF5XRI
XJJ3MAmhBJNkFg==
-----END CERTIFICATE-----