Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          TyxoGa2a3PclB1q0xL6KJowwnhArWu0TpFmkMfugleY=
Subject key identifier:   87:1B:4B:56:39:7F:8F:BF:AA:0C:23:6E:2C:F9:A4:E9:96:15:FC:17
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       019D3909CB5790169EB631F274E184E80510
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          045D
Signing time:             Sun 29 Mar 2026 10:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:36 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: 1aXNxJsfFapvm3Wlk86x0xeOqdU155qvR7mZ3Le7agU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:cb:57:90:16:9e:b6:31:f2:74:e1:84:e8:05:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: Mar 29 10:00:36 2026 GMT
            Not After : Mar 30 10:00:36 2026 GMT
        Subject: CN=871b4b56397f8fbfaa0c236e2cf9a4e99615fc17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d2:df:36:59:71:17:b4:2a:dc:9b:63:78:87:
                    ae:9d:f3:01:3f:9c:03:0b:f3:81:71:93:12:40:22:
                    38:ab:4d:c5:0d:9b:0f:10:78:9b:c7:d4:01:2e:3f:
                    4e:20:2b:66:c0:99:a6:02:0b:57:9e:07:dc:7f:b2:
                    24:1b:3f:a8:ae:32:9c:74:64:67:3b:96:d7:51:5d:
                    79:58:27:01:38:ec:18:3f:64:05:b8:5f:b8:c7:7a:
                    7e:1f:0e:9f:63:da:c7:77:11:60:97:9b:3b:d8:97:
                    b1:d3:af:11:48:27:da:0c:ee:52:68:5a:60:22:86:
                    eb:ed:7a:c4:4d:0c:a9:cf:f8:a7:2a:f5:fa:18:82:
                    c4:08:a4:4e:45:75:a8:31:36:65:00:c5:f6:59:bd:
                    59:a3:ad:af:23:ce:f6:b8:6a:c7:79:8b:c5:2f:3e:
                    80:ab:79:8b:b3:b3:ca:52:01:11:ae:e0:d7:ed:cf:
                    86:db:eb:4c:ac:d8:bf:20:a8:e8:1c:79:5f:06:dc:
                    16:f7:64:19:0b:c0:83:55:f6:47:0b:2f:79:96:46:
                    0d:75:41:5d:7d:de:fb:3a:4a:79:d0:b2:5a:86:f0:
                    94:db:36:8d:8c:db:cc:29:4e:e6:0b:ca:5f:70:f1:
                    4f:90:14:54:9f:c9:e8:6d:30:34:ed:93:2a:c1:1e:
                    19:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:1B:4B:56:39:7F:8F:BF:AA:0C:23:6E:2C:F9:A4:E9:96:15:FC:17
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:43:70:fd:49:05:06:cf:19:68:b8:dd:44:65:90:25:35:fa:
         41:93:e0:2d:93:55:d5:85:bc:c1:df:ef:fb:e4:1f:9e:0b:67:
         91:a2:f8:29:64:ff:9e:a5:72:63:6a:73:2a:45:9e:5b:08:46:
         e7:6d:20:b1:a1:57:1a:e0:2a:83:57:d6:22:85:6e:e9:0c:60:
         26:ee:4a:c0:62:fa:59:b7:3e:8a:f4:f4:84:07:cf:9a:60:5e:
         ec:57:47:36:37:d5:3d:77:0f:03:1a:32:5a:88:71:c6:98:df:
         13:4f:2f:68:92:84:24:d5:cb:10:23:5b:8e:22:46:5c:1e:0e:
         04:0f:fe:25:6f:90:ba:c2:30:37:2a:26:01:ae:0f:ae:e9:21:
         09:1b:23:6d:fb:f6:56:af:d9:9c:b1:d1:67:94:a0:4a:b0:6b:
         e6:e8:78:b8:54:46:a7:41:bd:aa:11:25:6e:d2:ee:31:6f:93:
         64:fe:d0:1a:96:60:c3:cb:07:6b:b1:90:85:46:49:57:21:f3:
         97:ab:b5:75:e2:c9:c6:4a:fa:10:ac:08:82:2a:0e:7d:1f:20:
         ec:7d:53:c6:00:14:05:e8:88:2b:06:30:21:17:88:84:66:ba:
         44:f2:7f:6f:e5:d0:b8:cb:6e:3b:ae:64:cf:8e:14:7f:6b:1f:
         2c:77:d4:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CctXkBaetjHydOGE6AUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjYwMzI5MTAwMDM2WhcNMjYwMzMwMTAwMDM2WjAzMTEwLwYDVQQD
Eyg4NzFiNGI1NjM5N2Y4ZmJmYWEwYzIzNmUyY2Y5YTRlOTk2MTVmYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09LfNllxF7Qq3JtjeIeunfMBP5wD
C/OBcZMSQCI4q03FDZsPEHibx9QBLj9OICtmwJmmAgtXngfcf7IkGz+orjKcdGRn
O5bXUV15WCcBOOwYP2QFuF+4x3p+Hw6fY9rHdxFgl5s72Jex068RSCfaDO5SaFpg
Iobr7XrETQypz/inKvX6GILECKRORXWoMTZlAMX2Wb1Zo62vI872uGrHeYvFLz6A
q3mLs7PKUgERruDX7c+G2+tMrNi/IKjoHHlfBtwW92QZC8CDVfZHCy95lkYNdUFd
fd77Okp50LJahvCU2zaNjNvMKU7mC8pfcPFPkBRUn8nobTA07ZMqwR4ZZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcbS1Y5f4+/qgwjbiz5pOmWFfwXMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIENw/UkF
Bs8ZaLjdRGWQJTX6QZPgLZNV1YW8wd/v++QfngtnkaL4KWT/nqVyY2pzKkWeWwhG
520gsaFXGuAqg1fWIoVu6QxgJu5KwGL6Wbc+ivT0hAfPmmBe7FdHNjfVPXcPAxoy
WohxxpjfE08vaJKEJNXLECNbjiJGXB4OBA/+JW+QusIwNyomAa4PrukhCRsjbfv2
Vq/ZnLHRZ5SgSrBr5uh4uFRGp0G9qhElbtLuMW+TZP7QGpZgw8sHa7GQhUZJVyHz
l6u1deLJxkr6EKwIgioOfR8g7H1TxgAUBeiIKwYwIReIhGa6RPJ/b+XQuMtuO65k
z44Uf2sfLHfUPQ==
-----END CERTIFICATE-----