Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          5RGMCnrnoE86iDb4yJdZmv2bSY8oh7xU4P+9yY75MRA=
Subject key identifier:   A6:8E:7A:3A:29:5B:E8:DB:76:E1:DC:DE:42:18:62:37:94:1B:09:E9
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       4FB94A7020D58E91831E75FA9F3421A50800A86D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          023B
Signing time:             Sun 07 Sep 2025 17:27:20 +0000
Manifest this update:     Sun 07 Sep 2025 17:22:20 +0000
Manifest next update:     Mon 08 Sep 2025 20:53:20 +0000
Files and hashes:         1: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: d1mTuQ84pruNUJ6CwO1DphNihMGB2Rd+ycmb+/v8t5Y=)
                          2: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
                          3: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          4: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 8/2mbGbaC4ennlzI7y1e8hUNr9fsr7Pr+/K69/OYKQg=)
                          5: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: Nz2k0o2IS41o55idTp4HvK3uNxIMYgMNKvrr57G+kIE=)
                          6: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: +JU+ydXmMjIBHlt1kVXfkJBGqdmH1ATfk8PRfe8t4Rc=)
                          7: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
                          8: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
                          9: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          10: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
                          11: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          12: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          13: 326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa (hash: j84/Fm1nc/JJrf9h3dAaKkat+XV/si7APTv6iSnl64I=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 20:53:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:b9:4a:70:20:d5:8e:91:83:1e:75:fa:9f:34:21:a5:08:00:a8:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: Sep  7 17:22:20 2025 GMT
            Not After : Sep  8 20:53:20 2025 GMT
        Subject: CN=A68E7A3A295BE8DB76E1DCDE42186237941B09E9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:16:74:1a:fa:b3:d6:5d:b2:6c:b5:61:af:da:
                    ce:8c:ca:01:85:ea:fa:51:f8:61:17:c5:90:1c:70:
                    35:60:42:7b:83:63:84:01:ae:71:a2:60:99:14:05:
                    33:1e:f6:84:09:6f:f9:9c:22:1a:94:74:e7:43:6d:
                    68:74:29:49:85:86:68:b5:f9:a7:77:4e:eb:c4:b9:
                    84:e9:4a:98:84:dc:aa:32:aa:c5:ef:62:ae:23:28:
                    04:58:68:eb:87:83:c6:22:ed:5e:c7:12:26:b8:ab:
                    2a:0e:c4:b7:6a:8d:c4:72:db:a1:67:b3:6e:c3:2a:
                    39:9f:71:6a:a8:67:99:aa:df:c2:3e:d6:b3:3a:85:
                    6c:8f:d1:2d:07:c4:a3:f0:6f:73:59:d3:43:57:5d:
                    b2:31:5e:4b:15:a5:71:fe:bc:88:00:81:f5:17:3f:
                    88:46:67:b9:fa:4e:29:2e:78:ed:28:86:9a:f1:29:
                    7c:86:46:bd:2b:84:75:63:4b:93:71:6e:16:d1:e7:
                    66:4e:5e:33:f5:e7:c9:42:46:68:ad:45:44:56:63:
                    ad:62:cc:a5:68:ba:76:66:2f:a1:f1:0c:3b:5f:96:
                    40:82:e8:96:ad:e7:66:b8:2b:b6:10:fb:f1:49:ce:
                    83:b1:48:33:54:75:e0:66:47:60:09:5c:8b:14:a2:
                    cb:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:8E:7A:3A:29:5B:E8:DB:76:E1:DC:DE:42:18:62:37:94:1B:09:E9
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:f5:72:fe:74:b2:d8:03:3d:4e:57:f6:33:f7:ff:ad:aa:b1:
         a2:a4:60:75:be:01:ed:4c:4e:c8:10:d5:f3:8f:4e:4f:6c:17:
         b0:98:53:1e:7c:be:41:10:56:7b:e9:3e:c3:86:7e:b4:2f:86:
         cb:da:95:b6:7d:80:21:74:fc:c8:72:28:a2:5a:e7:56:07:b3:
         5e:05:1b:1d:b4:d7:65:0c:19:aa:a8:45:6f:8d:eb:f0:81:87:
         9f:7f:7a:ec:0b:45:49:f4:88:5a:1e:fe:d4:83:f0:a9:bd:71:
         e9:40:7b:9b:fe:e4:c2:a7:3d:95:0c:c3:01:33:b0:4c:63:06:
         9f:19:7b:9b:93:50:e8:f4:71:43:8e:fd:cf:73:80:a1:8b:ac:
         8b:47:9b:f2:a4:b2:95:cd:a4:62:f1:b5:79:9b:16:83:8d:a9:
         34:ad:d3:c0:fd:e8:7f:57:c0:1a:95:05:f8:b6:36:ec:f7:c2:
         5e:ec:95:79:6e:cc:05:b0:e2:6a:b3:17:99:17:ea:f1:03:72:
         d1:70:90:dc:ad:cb:75:31:ca:7e:7e:fd:00:6a:2b:7a:3a:2d:
         2f:08:64:f0:1e:17:ce:ab:eb:c8:91:c3:e5:60:e9:24:2f:d3:
         aa:04:39:7b:b6:62:9f:0d:9b:61:1c:c5:72:3e:c5:a9:ae:fd:
         ef:e2:b1:4b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUT7lKcCDVjpGDHnX6nzQhpQgAqG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA5MDcxNzIyMjBaFw0yNTA5MDgyMDUzMjBaMDMxMTAvBgNV
BAMTKEE2OEU3QTNBMjk1QkU4REI3NkUxRENERTQyMTg2MjM3OTQxQjA5RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmFnQa+rPWXbJstWGv2s6MygGF
6vpR+GEXxZAccDVgQnuDY4QBrnGiYJkUBTMe9oQJb/mcIhqUdOdDbWh0KUmFhmi1
+ad3TuvEuYTpSpiE3KoyqsXvYq4jKARYaOuHg8Yi7V7HEia4qyoOxLdqjcRy26Fn
s27DKjmfcWqoZ5mq38I+1rM6hWyP0S0HxKPwb3NZ00NXXbIxXksVpXH+vIgAgfUX
P4hGZ7n6TikueO0ohprxKXyGRr0rhHVjS5NxbhbR52ZOXjP158lCRmitRURWY61i
zKVounZmL6HxDDtflkCC6Jat52a4K7YQ+/FJzoOxSDNUdeBmR2AJXIsUosuJAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUpo56Oilb6Nt24dzeQhhiN5QbCekwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm/Vy/nSy2AM9Tlf2M/f/
raqxoqRgdb4B7UxOyBDV849OT2wXsJhTHny+QRBWe+k+w4Z+tC+Gy9qVtn2AIXT8
yHIoolrnVgezXgUbHbTXZQwZqqhFb43r8IGHn3967AtFSfSIWh7+1IPwqb1x6UB7
m/7kwqc9lQzDATOwTGMGnxl7m5NQ6PRxQ479z3OAoYusi0eb8qSylc2kYvG1eZsW
g42pNK3TwP3of1fAGpUF+LY27PfCXuyVeW7MBbDiarMXmRfq8QNy0XCQ3K3LdTHK
fn79AGorejotLwhk8B4XzqvryJHD5WDpJC/TqgQ5e7Zinw2bYRzFcj7Fqa797+Kx
Sw==
-----END CERTIFICATE-----