Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          HJKFfI2ezX5IGnsFw2c1pT2ysk5sxBYtu3yrZZpXObg=
Subject key identifier:   C8:C7:EB:24:98:6B:D0:C9:00:63:21:C1:FB:96:03:06:35:E2:17:93
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       01968059388DA9EBFF78FF65833D6215FE64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          E2
Signing time:             Tue 29 Apr 2025 07:00:52 +0000
Manifest this update:     Tue 29 Apr 2025 07:00:52 +0000
Manifest next update:     Wed 30 Apr 2025 07:00:52 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: HPWWkx0E9ZSKrI8KoMZcJEkL5n2H5l3r8Yq4qosEnwA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:59:38:8d:a9:eb:ff:78:ff:65:83:3d:62:15:fe:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: Apr 29 07:00:52 2025 GMT
            Not After : Apr 30 07:00:52 2025 GMT
        Subject: CN=c8c7eb24986bd0c9006321c1fb96030635e21793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:47:ac:96:93:ca:16:c6:b0:8a:a2:c8:96:62:
                    7e:9b:c5:34:3b:9b:0f:00:f9:de:05:84:45:06:36:
                    e1:f2:c5:9c:a9:b7:92:fc:b3:d5:79:87:84:bf:fc:
                    5c:57:4d:1a:ba:9a:96:00:ef:2e:a8:4d:7f:05:36:
                    42:57:96:c6:1e:a9:b7:f3:a1:65:1f:42:5a:7a:91:
                    7d:e0:8c:37:8b:bc:53:09:18:2a:ad:79:86:2d:28:
                    86:33:61:40:42:67:8c:82:5f:67:5d:5d:45:29:ff:
                    4d:43:5d:38:a2:2c:a1:be:ae:69:65:e7:ea:e4:0d:
                    5c:87:0b:66:d5:79:56:91:80:44:c7:99:22:9b:2d:
                    45:bc:0e:ad:ab:bd:15:db:c2:5a:34:0c:fb:b6:ab:
                    0f:d3:bb:d9:cd:f9:60:be:69:81:c9:65:5c:21:99:
                    ab:2c:25:09:bc:09:1a:2f:39:e3:12:dc:33:44:f2:
                    7f:3d:43:77:4f:87:5e:6c:c7:3e:0a:76:8f:8f:98:
                    06:31:79:f4:44:a8:01:c1:a6:95:b4:b5:cd:04:86:
                    d9:b0:fd:ca:f7:a4:1b:90:a9:ec:30:bc:72:b0:a0:
                    23:c0:55:1f:28:ff:cb:3a:55:fe:ff:8b:a6:16:7a:
                    62:cf:43:5b:cd:5a:5b:ae:e7:49:b8:44:94:26:79:
                    37:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:C7:EB:24:98:6B:D0:C9:00:63:21:C1:FB:96:03:06:35:E2:17:93
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:20:3c:2c:e3:09:85:51:e2:c3:fa:6a:c1:f9:9d:18:0b:59:
         4f:e7:78:b3:7a:ae:f0:36:a1:bd:13:b9:49:50:70:52:ab:39:
         7f:4e:4e:e1:b1:5e:f3:6c:e7:3a:7e:e0:1f:b3:12:6e:23:f3:
         16:d2:cc:8b:4e:0c:39:09:67:bc:14:92:cd:a3:1d:a2:7c:95:
         78:e9:cf:58:7a:7c:cc:5d:df:70:64:bf:3b:f6:0e:ae:73:e4:
         75:77:2f:fd:36:33:1e:2c:32:16:0e:b0:32:ee:f1:ce:d0:e6:
         c2:63:70:63:5a:75:42:ab:aa:2e:8d:ee:82:03:1a:44:fa:a4:
         83:ab:c3:06:5d:ef:5a:fc:61:34:36:3a:ce:3d:78:29:db:3c:
         09:c4:db:07:2f:13:48:92:98:1f:0f:32:5a:82:0f:cc:df:28:
         cb:7d:bf:eb:48:be:97:a2:5a:e8:3d:da:94:5b:5d:62:4d:91:
         0c:81:80:f3:ed:e1:b3:8d:ec:99:f1:36:cc:d9:8d:91:a7:ae:
         94:4b:0f:6d:b2:11:f2:cb:83:46:3e:55:88:57:1e:35:e7:ea:
         b1:f5:b4:6e:9e:fa:f6:f6:db:40:45:4a:97:7c:40:54:8e:1d:
         d8:3d:c1:89:40:f1:21:8e:8e:d1:7b:2f:cc:5f:7a:9e:e7:1f:
         1f:d7:0b:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAWTiNqev/eP9lgz1iFf5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjUwNDI5MDcwMDUyWhcNMjUwNDMwMDcwMDUyWjAzMTEwLwYDVQQD
EyhjOGM3ZWIyNDk4NmJkMGM5MDA2MzIxYzFmYjk2MDMwNjM1ZTIxNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0eslpPKFsawiqLIlmJ+m8U0O5sP
APneBYRFBjbh8sWcqbeS/LPVeYeEv/xcV00aupqWAO8uqE1/BTZCV5bGHqm386Fl
H0JaepF94Iw3i7xTCRgqrXmGLSiGM2FAQmeMgl9nXV1FKf9NQ104oiyhvq5pZefq
5A1chwtm1XlWkYBEx5kimy1FvA6tq70V28JaNAz7tqsP07vZzflgvmmByWVcIZmr
LCUJvAkaLznjEtwzRPJ/PUN3T4debMc+CnaPj5gGMXn0RKgBwaaVtLXNBIbZsP3K
96QbkKnsMLxysKAjwFUfKP/LOlX+/4umFnpiz0NbzVpbrudJuESUJnk3rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjH6ySYa9DJAGMhwfuWAwY14heTMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJiA8LOMJ
hVHiw/pqwfmdGAtZT+d4s3qu8DahvRO5SVBwUqs5f05O4bFe82znOn7gH7MSbiPz
FtLMi04MOQlnvBSSzaMdonyVeOnPWHp8zF3fcGS/O/YOrnPkdXcv/TYzHiwyFg6w
Mu7xztDmwmNwY1p1QquqLo3uggMaRPqkg6vDBl3vWvxhNDY6zj14Kds8CcTbBy8T
SJKYHw8yWoIPzN8oy32/60i+l6Ja6D3alFtdYk2RDIGA8+3hs43smfE2zNmNkaeu
lEsPbbIR8suDRj5ViFceNefqsfW0bp769vbbQEVKl3xAVI4d2D3BiUDxIY6O0Xsv
zF96nucfH9cLAA==
-----END CERTIFICATE-----