Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          HyLN/eIX8c5i0TrpEOw1BXVx07zuUra12x2S356Yu9Y=
Subject key identifier:   E7:E8:3D:17:6C:AF:2B:85:1A:6E:E7:B0:68:E3:13:68:00:1D:41:18
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       01974EFBF59743955929E48A125BEBEE83A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          014D
Signing time:             Sun 08 Jun 2025 10:00:24 +0000
Manifest this update:     Sun 08 Jun 2025 10:00:24 +0000
Manifest next update:     Mon 09 Jun 2025 10:00:24 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: F3td0kcE4aYdZqQegJs1OhjDEuoP2ZQo883742fw77A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:fb:f5:97:43:95:59:29:e4:8a:12:5b:eb:ee:83:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: Jun  8 10:00:24 2025 GMT
            Not After : Jun  9 10:00:24 2025 GMT
        Subject: CN=e7e83d176caf2b851a6ee7b068e31368001d4118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:7f:4c:5f:0e:eb:a5:4e:9e:26:45:0a:27:77:
                    0e:8c:46:a5:92:4f:da:2a:7b:49:8c:84:47:a2:ee:
                    eb:bc:f7:d8:0a:97:ae:42:81:11:f9:9f:07:b0:d7:
                    0d:68:1a:4d:90:46:b9:65:2c:ec:44:9c:fd:c8:39:
                    6f:ac:98:12:f9:89:38:d4:fc:ed:5f:30:b6:af:3e:
                    00:1b:5b:ed:a6:2a:2b:54:c9:76:14:45:53:b1:d7:
                    1b:e4:e2:16:e2:64:c0:40:38:5c:37:db:00:ac:9c:
                    59:fa:ee:77:78:4f:df:4e:e6:eb:84:f4:71:02:50:
                    56:a8:2a:46:63:5b:ca:c1:a9:46:fd:73:bb:4c:ca:
                    c3:ad:d7:29:22:35:8d:5f:0f:b6:61:61:05:ee:53:
                    db:69:b6:2b:4d:96:4a:e6:27:0b:7e:ad:31:27:70:
                    53:e9:de:0e:fd:95:c8:3c:c3:29:52:a2:3f:8c:9a:
                    05:ab:07:79:f5:78:cc:ab:dd:4a:07:fb:49:cc:1a:
                    2d:3c:f4:22:15:a3:b8:22:d0:f0:06:1f:e6:2a:dc:
                    aa:fb:e6:99:1f:9b:f2:ff:0f:19:55:56:c9:7b:0d:
                    01:ac:04:e6:7b:19:65:12:0b:41:56:a0:07:c2:8c:
                    8c:1e:f3:39:1b:17:d7:d8:d5:23:53:a3:b9:a0:37:
                    12:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:E8:3D:17:6C:AF:2B:85:1A:6E:E7:B0:68:E3:13:68:00:1D:41:18
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:07:fd:ee:69:74:07:68:f7:62:92:ee:4e:9d:f1:85:96:83:
         be:b1:ab:b5:88:65:37:ea:5d:52:a4:ec:0e:83:e2:f9:86:42:
         bb:5c:66:5e:41:b1:3f:aa:8c:52:99:ed:ca:35:bf:03:4d:6e:
         4d:e7:cc:49:d8:77:e4:df:3a:20:36:86:92:64:b6:82:e8:2d:
         d5:84:26:fd:7b:06:47:6c:f8:97:b2:e2:63:92:49:79:d2:96:
         6d:3c:02:fd:6b:68:c4:ac:a0:07:c5:e3:69:79:4b:35:10:0b:
         e5:ac:cb:ce:01:69:3b:07:f5:44:6e:c3:96:49:c8:b6:da:32:
         aa:5d:73:d4:e1:78:f1:3b:a3:6d:c0:56:41:a8:a2:1c:6c:2a:
         17:af:c0:7b:e9:9a:21:60:9d:6e:0c:55:1c:72:e8:17:a8:23:
         46:d9:52:15:b8:89:52:35:f1:6e:7a:e7:2d:23:99:9a:bd:38:
         15:0b:c4:1f:ef:82:1e:43:bd:ac:a3:00:67:31:4c:e1:07:16:
         5b:8c:ff:fa:a3:52:0c:95:02:a9:a9:f2:39:e3:d6:e7:ae:59:
         af:53:ff:80:f0:9b:6f:15:d2:d8:9f:aa:a9:d8:18:bc:14:99:
         06:13:18:63:35:4c:4f:19:53:f0:c8:26:7c:3c:a2:95:38:2b:
         e7:a0:a3:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdO+/WXQ5VZKeSKElvr7oOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjUwNjA4MTAwMDI0WhcNMjUwNjA5MTAwMDI0WjAzMTEwLwYDVQQD
EyhlN2U4M2QxNzZjYWYyYjg1MWE2ZWU3YjA2OGUzMTM2ODAwMWQ0MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA439MXw7rpU6eJkUKJ3cOjEalkk/a
KntJjIRHou7rvPfYCpeuQoER+Z8HsNcNaBpNkEa5ZSzsRJz9yDlvrJgS+Yk41Pzt
XzC2rz4AG1vtpiorVMl2FEVTsdcb5OIW4mTAQDhcN9sArJxZ+u53eE/fTubrhPRx
AlBWqCpGY1vKwalG/XO7TMrDrdcpIjWNXw+2YWEF7lPbabYrTZZK5icLfq0xJ3BT
6d4O/ZXIPMMpUqI/jJoFqwd59XjMq91KB/tJzBotPPQiFaO4ItDwBh/mKtyq++aZ
H5vy/w8ZVVbJew0BrATmexllEgtBVqAHwoyMHvM5GxfX2NUjU6O5oDcSgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfoPRdsryuFGm7nsGjjE2gAHUEYMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXgf97ml0
B2j3YpLuTp3xhZaDvrGrtYhlN+pdUqTsDoPi+YZCu1xmXkGxP6qMUpntyjW/A01u
TefMSdh35N86IDaGkmS2gugt1YQm/XsGR2z4l7LiY5JJedKWbTwC/WtoxKygB8Xj
aXlLNRAL5azLzgFpOwf1RG7DlknIttoyql1z1OF48TujbcBWQaiiHGwqF6/Ae+ma
IWCdbgxVHHLoF6gjRtlSFbiJUjXxbnrnLSOZmr04FQvEH++CHkO9rKMAZzFM4QcW
W4z/+qNSDJUCqanyOePW565Zr1P/gPCbbxXS2J+qqdgYvBSZBhMYYzVMTxlT8Mgm
fDyilTgr56Cj0g==
-----END CERTIFICATE-----