Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          wnz4RAIAO80m2qBgZXbLuD7dAOBbXdrvkYltf+vFFzo=
Subject key identifier:   7D:2A:AA:9A:B5:7C:6B:B6:F7:74:22:30:1A:6F:CD:33:27:79:34:FA
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       019D2695D1E20AF2DF4321ADFFD7AF249D73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          1368
Signing time:             Wed 25 Mar 2026 20:00:45 +0000
Manifest this update:     Wed 25 Mar 2026 20:00:45 +0000
Manifest next update:     Thu 26 Mar 2026 20:00:45 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: Jze3K6d8EwL8H9wQpNEWxPKJOKnazVvgzdDZrs4Kr7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:95:d1:e2:0a:f2:df:43:21:ad:ff:d7:af:24:9d:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Mar 25 20:00:45 2026 GMT
            Not After : Mar 26 20:00:45 2026 GMT
        Subject: CN=7d2aaa9ab57c6bb6f77422301a6fcd33277934fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:85:d9:37:72:12:73:b9:c4:92:6e:2b:49:3d:
                    d1:06:f8:49:1c:21:da:49:31:6a:51:c9:eb:6f:27:
                    bb:03:48:b3:04:24:3c:f8:bb:87:e2:70:2e:75:9b:
                    16:fd:fc:dd:22:2d:9a:c0:54:19:28:84:fd:d8:b5:
                    37:b6:53:33:ff:1a:16:bd:8d:e0:cc:cf:a0:57:85:
                    a3:b1:82:89:36:28:e1:25:c2:52:29:a4:39:46:07:
                    7b:cb:3d:e0:87:f1:89:32:27:89:b3:00:67:10:aa:
                    3d:77:e8:7f:f8:7d:43:63:3f:9c:a4:6f:02:09:b9:
                    ab:60:83:6b:a5:23:45:1b:43:77:91:bf:cd:f2:83:
                    77:4c:f5:65:1a:38:7e:93:e9:58:9a:4b:52:d7:1c:
                    fa:20:b2:d5:70:e5:bf:f4:e2:61:11:54:34:65:7d:
                    e1:5f:64:8c:53:e6:05:f9:3d:a6:1e:c7:f6:26:8c:
                    7a:fd:d5:72:28:40:8c:cb:be:a7:78:4d:63:4e:6a:
                    31:d2:94:cd:f7:00:56:b1:46:1e:03:b4:e6:cd:97:
                    65:b2:2a:06:c1:38:5d:e8:8a:03:67:ea:03:78:ea:
                    31:3d:6b:f4:2d:34:cc:32:2a:fd:62:72:d2:ff:c3:
                    fe:54:84:3b:47:67:2e:32:a1:da:ba:49:05:65:43:
                    c1:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2A:AA:9A:B5:7C:6B:B6:F7:74:22:30:1A:6F:CD:33:27:79:34:FA
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:57:95:31:77:83:c3:46:ce:53:d1:70:74:68:63:ad:49:77:
         61:81:22:52:dd:02:38:69:5e:e6:13:02:46:62:b7:c0:c6:9d:
         03:6b:37:3c:ea:8f:9a:26:b9:90:21:87:d6:16:c4:b5:29:ff:
         27:80:b5:8a:84:b8:f9:85:13:ee:f4:f0:c2:c0:6d:ba:e6:08:
         fe:38:e1:ba:00:08:56:4e:38:01:06:22:d2:e5:e0:38:25:63:
         25:54:09:c4:4c:6d:af:9c:f1:e1:8a:f5:2b:40:e9:95:ba:5e:
         1e:9c:dc:1f:49:78:df:c8:95:ff:0f:47:55:19:2a:da:44:1f:
         47:38:8a:6d:ec:ea:7f:f1:5b:22:6c:a9:5f:f6:f7:2b:de:9e:
         2b:9b:ad:8d:be:07:78:e3:60:cd:eb:c3:cb:13:fc:81:a0:45:
         c6:08:ee:c4:33:46:28:9e:e8:b8:af:34:6a:1f:04:48:84:31:
         9b:76:99:bc:03:6c:d7:a4:dc:31:97:64:83:76:22:96:3a:cd:
         02:37:1d:89:80:2b:24:b5:af:de:d7:5f:7b:25:99:aa:a8:c5:
         27:ae:da:85:b4:49:33:b6:61:c6:2e:84:1d:bd:b9:21:a5:c6:
         64:0c:90:7f:37:a3:c7:d9:09:5c:e0:0c:8d:90:c4:f1:a3:15:
         e9:93:97:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mldHiCvLfQyGt/9evJJ1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjYwMzI1MjAwMDQ1WhcNMjYwMzI2MjAwMDQ1WjAzMTEwLwYDVQQD
Eyg3ZDJhYWE5YWI1N2M2YmI2Zjc3NDIyMzAxYTZmY2QzMzI3NzkzNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYXZN3ISc7nEkm4rST3RBvhJHCHa
STFqUcnrbye7A0izBCQ8+LuH4nAudZsW/fzdIi2awFQZKIT92LU3tlMz/xoWvY3g
zM+gV4WjsYKJNijhJcJSKaQ5Rgd7yz3gh/GJMieJswBnEKo9d+h/+H1DYz+cpG8C
CbmrYINrpSNFG0N3kb/N8oN3TPVlGjh+k+lYmktS1xz6ILLVcOW/9OJhEVQ0ZX3h
X2SMU+YF+T2mHsf2Jox6/dVyKECMy76neE1jTmox0pTN9wBWsUYeA7TmzZdlsioG
wThd6IoDZ+oDeOoxPWv0LTTMMir9YnLS/8P+VIQ7R2cuMqHaukkFZUPBMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0qqpq1fGu293QiMBpvzTMneTT6MB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGFeVMXeD
w0bOU9FwdGhjrUl3YYEiUt0COGle5hMCRmK3wMadA2s3POqPmia5kCGH1hbEtSn/
J4C1ioS4+YUT7vTwwsBtuuYI/jjhugAIVk44AQYi0uXgOCVjJVQJxExtr5zx4Yr1
K0DplbpeHpzcH0l438iV/w9HVRkq2kQfRziKbezqf/FbImypX/b3K96eK5utjb4H
eONgzevDyxP8gaBFxgjuxDNGKJ7ouK80ah8ESIQxm3aZvANs16TcMZdkg3YiljrN
AjcdiYArJLWv3tdfeyWZqqjFJ67ahbRJM7Zhxi6EHb25IaXGZAyQfzejx9kJXOAM
jZDE8aMV6ZOXWw==
-----END CERTIFICATE-----