Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          +a7Jkadks+xpT489s0icj4YF4iOWN2tqdmn3CKAUcxk=
Subject key identifier:   E6:94:16:F5:89:E1:49:04:02:A4:59:FD:3A:11:D4:9D:B5:B3:62:42
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       019D26CCEBBBB6120E953308CB7A168A9E03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0FFB
Signing time:             Wed 25 Mar 2026 21:00:56 +0000
Manifest this update:     Wed 25 Mar 2026 21:00:56 +0000
Manifest next update:     Thu 26 Mar 2026 21:00:56 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: XUf3q2aqjCy7i9W/zjlYaISXtehWe7Le6w7yNGdGnS4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 21:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cc:eb:bb:b6:12:0e:95:33:08:cb:7a:16:8a:9e:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Mar 25 21:00:56 2026 GMT
            Not After : Mar 26 21:00:56 2026 GMT
        Subject: CN=e69416f589e1490402a459fd3a11d49db5b36242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c6:5a:02:55:82:a2:c5:37:9c:f4:5d:23:9e:
                    b0:8f:1e:30:61:bd:2b:5a:8f:f9:5c:f9:5a:e9:ad:
                    aa:ef:23:97:09:61:01:7b:9f:93:57:bd:82:1f:c9:
                    81:02:50:5a:6f:d2:9e:5a:70:44:cd:05:65:ed:c3:
                    3b:32:b2:35:0d:7f:b6:1e:52:09:89:9a:61:b7:3b:
                    04:d4:24:1f:f5:21:b6:94:32:58:ba:8d:1c:57:b7:
                    bf:d6:4b:d1:62:a2:8d:f8:be:09:c7:87:4b:bd:16:
                    2a:2e:fd:bf:6e:57:b0:1c:fd:74:d9:13:a6:42:eb:
                    f4:27:19:95:db:4d:24:d0:f5:43:6e:9e:46:c6:18:
                    a5:59:e1:12:fe:55:d1:08:93:ff:86:a7:b4:1c:c6:
                    58:fe:d0:b2:28:64:89:6b:89:18:57:fb:da:0f:0c:
                    46:ca:60:f2:d0:ab:54:31:37:3c:75:aa:c5:46:1e:
                    dc:1e:fe:00:8a:5e:06:c9:5a:48:97:5c:ae:20:67:
                    90:be:7c:bb:b4:49:67:74:71:c9:c7:7e:77:ec:c3:
                    9a:33:da:49:45:c6:8c:f4:c6:13:52:70:b6:2c:67:
                    2b:3d:ed:b1:75:30:8b:9d:f8:b1:64:82:a9:88:e0:
                    bc:4c:6a:8c:8a:c5:5a:a2:af:b6:7a:f4:5f:d8:fd:
                    31:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:94:16:F5:89:E1:49:04:02:A4:59:FD:3A:11:D4:9D:B5:B3:62:42
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:c8:35:31:fa:26:d1:e4:55:96:c8:38:72:b5:df:02:46:22:
         0e:3f:d2:d5:c8:1a:e5:3a:72:4f:2c:df:c0:dc:b9:69:64:e6:
         cc:f1:89:87:41:bf:4c:a4:e9:a2:c2:9a:55:ec:f6:be:bd:57:
         46:5f:04:1d:27:f9:13:30:25:2f:ff:32:8b:92:e6:44:23:28:
         c7:5f:11:30:e1:6f:ad:46:84:61:bf:72:86:c0:15:c7:91:39:
         9d:35:dd:2b:02:9a:ba:27:50:15:d9:89:2e:78:1f:07:b0:fc:
         3f:9a:37:90:cf:c9:5c:12:c9:fc:f1:a1:da:91:61:ca:72:ab:
         61:2d:bd:6a:fa:c2:05:a9:82:8d:08:e8:56:eb:25:dc:19:21:
         4f:c2:09:d7:bf:c7:d5:c6:93:47:2c:bd:ae:e7:d1:3a:cf:a0:
         2f:4e:67:d4:bf:03:77:b4:cf:b8:be:51:ac:a5:b6:22:48:ef:
         be:17:a4:c4:78:5b:17:92:a8:a1:ed:aa:43:81:35:6b:6d:6f:
         91:1c:49:4e:3f:a8:1a:af:40:05:70:63:5d:44:43:25:3f:54:
         48:1a:7c:63:27:62:08:b6:15:e4:41:ab:ab:74:c4:e7:5e:37:
         1a:f5:e1:8c:c2:45:a0:ad:01:4f:0e:65:1a:d6:af:6e:ad:6d:
         d5:17:1b:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzOu7thIOlTMIy3oWip4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjYwMzI1MjEwMDU2WhcNMjYwMzI2MjEwMDU2WjAzMTEwLwYDVQQD
EyhlNjk0MTZmNTg5ZTE0OTA0MDJhNDU5ZmQzYTExZDQ5ZGI1YjM2MjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcZaAlWCosU3nPRdI56wjx4wYb0r
Wo/5XPla6a2q7yOXCWEBe5+TV72CH8mBAlBab9KeWnBEzQVl7cM7MrI1DX+2HlIJ
iZphtzsE1CQf9SG2lDJYuo0cV7e/1kvRYqKN+L4Jx4dLvRYqLv2/blewHP102ROm
Quv0JxmV200k0PVDbp5GxhilWeES/lXRCJP/hqe0HMZY/tCyKGSJa4kYV/vaDwxG
ymDy0KtUMTc8darFRh7cHv4Ail4GyVpIl1yuIGeQvny7tElndHHJx3537MOaM9pJ
RcaM9MYTUnC2LGcrPe2xdTCLnfixZIKpiOC8TGqMisVaoq+2evRf2P0xgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaUFvWJ4UkEAqRZ/ToR1J21s2JCMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi8g1Mfom
0eRVlsg4crXfAkYiDj/S1cga5TpyTyzfwNy5aWTmzPGJh0G/TKTposKaVez2vr1X
Rl8EHSf5EzAlL/8yi5LmRCMox18RMOFvrUaEYb9yhsAVx5E5nTXdKwKauidQFdmJ
LngfB7D8P5o3kM/JXBLJ/PGh2pFhynKrYS29avrCBamCjQjoVusl3BkhT8IJ17/H
1caTRyy9rufROs+gL05n1L8Dd7TPuL5RrKW2IkjvvhekxHhbF5Kooe2qQ4E1a21v
kRxJTj+oGq9ABXBjXURDJT9USBp8YydiCLYV5EGrq3TE5143GvXhjMJFoK0BTw5l
Gtavbq1t1Rcbog==
-----END CERTIFICATE-----