Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          tWG+CXGtjf7vbWxA8hQXwKiFyEM8Bd/3qYh7IoplGXE=
Subject key identifier:   A4:AE:7B:00:29:3B:E7:71:6D:87:3E:15:DB:E3:A0:18:2A:45:5D:40
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       019D3A1C903B97FFD587BE40E8753ED346E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          1005
Signing time:             Sun 29 Mar 2026 15:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 15:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 15:00:43 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: 8L8RgZSoiWrGwS3jYHaQA2rlTSs7pcrcA/7YFmuDn4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 15:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:90:3b:97:ff:d5:87:be:40:e8:75:3e:d3:46:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Mar 29 15:00:43 2026 GMT
            Not After : Mar 30 15:00:43 2026 GMT
        Subject: CN=a4ae7b00293be7716d873e15dbe3a0182a455d40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:41:ab:26:fd:a1:a4:94:30:89:bd:fa:60:6c:
                    c4:a4:40:f1:92:97:85:c6:8e:3d:a0:cf:b7:54:30:
                    8f:e1:e0:c0:1b:43:8d:ea:8a:b3:3e:92:2c:8c:1e:
                    e7:fe:60:f8:e3:c2:05:2a:09:29:79:c7:c1:af:fc:
                    93:4d:e1:0b:84:0e:73:6f:47:98:11:05:20:a3:c4:
                    cb:86:8a:12:95:67:c7:ed:2c:55:ea:dc:0e:f9:dc:
                    8f:e7:1f:00:02:34:64:cd:66:96:10:70:13:c1:ee:
                    34:78:a9:19:6f:6b:a7:d7:7c:80:72:e9:d4:c1:aa:
                    b0:52:61:a3:1b:7c:71:4f:fa:92:0f:3c:b2:3a:83:
                    2e:5d:ef:77:5d:e8:ac:c4:7b:58:c9:1f:a1:4d:da:
                    68:6d:68:bd:8d:28:62:b5:fa:02:ef:ed:15:63:b7:
                    1d:0f:cc:ec:20:88:46:89:b2:24:f1:53:6a:8c:0c:
                    0a:2f:3c:82:55:eb:a2:f8:2a:e5:67:78:0d:f9:1e:
                    de:be:51:c0:1f:55:1b:9c:25:8f:9e:a7:8e:89:6e:
                    2b:8c:fb:09:3d:66:01:c9:fd:3a:c0:84:48:33:48:
                    91:ab:17:4c:c1:00:18:f8:d9:6c:93:73:c0:55:95:
                    a0:51:b5:d9:5e:c8:92:47:30:33:0b:52:9f:1b:b7:
                    79:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:AE:7B:00:29:3B:E7:71:6D:87:3E:15:DB:E3:A0:18:2A:45:5D:40
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:3f:e4:f3:30:04:96:fd:f3:2c:17:43:d7:d8:cb:d3:b0:ac:
         cd:54:97:c6:76:33:0f:4d:1f:c0:1a:d5:62:3c:79:2b:81:08:
         56:d0:55:8d:fb:16:17:4a:bd:df:95:20:19:c2:36:86:6e:a2:
         16:52:61:b8:2a:c8:cc:62:06:2e:82:f0:d2:c6:3f:29:13:3b:
         08:03:85:0e:1e:63:df:14:57:eb:ba:4f:16:9d:90:13:fe:b9:
         19:52:a7:bf:17:32:a0:c0:b6:3b:d2:88:94:9e:ad:96:32:07:
         1f:1b:d9:1b:00:bc:39:64:77:3d:60:d8:f3:bb:e9:0b:40:38:
         c7:0d:81:aa:2d:30:ec:4d:bd:79:a0:8b:14:44:1f:de:e1:79:
         1e:d0:b7:24:9b:4e:cd:b0:f3:aa:ab:db:db:8c:e3:08:50:65:
         ce:2d:d0:de:70:8a:10:35:41:f3:e4:ff:fd:07:39:06:33:16:
         a3:89:20:27:92:e5:60:e6:a4:d4:1d:1a:19:a3:5e:c4:02:f9:
         28:44:e2:e7:ce:b3:b1:31:b6:5c:6e:1a:78:5c:67:d0:b0:f3:
         04:bc:62:76:7e:57:48:74:cb:45:49:e7:9f:3c:1d:ee:d3:98:
         99:22:64:4b:fe:b5:61:4f:d8:d4:57:3e:c7:fb:ce:b5:e9:88:
         8d:b3:41:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HJA7l//Vh75A6HU+00bkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjYwMzI5MTUwMDQzWhcNMjYwMzMwMTUwMDQzWjAzMTEwLwYDVQQD
EyhhNGFlN2IwMDI5M2JlNzcxNmQ4NzNlMTVkYmUzYTAxODJhNDU1ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0GrJv2hpJQwib36YGzEpEDxkpeF
xo49oM+3VDCP4eDAG0ON6oqzPpIsjB7n/mD448IFKgkpecfBr/yTTeELhA5zb0eY
EQUgo8TLhooSlWfH7SxV6twO+dyP5x8AAjRkzWaWEHATwe40eKkZb2un13yAcunU
waqwUmGjG3xxT/qSDzyyOoMuXe93XeisxHtYyR+hTdpobWi9jShitfoC7+0VY7cd
D8zsIIhGibIk8VNqjAwKLzyCVeui+CrlZ3gN+R7evlHAH1UbnCWPnqeOiW4rjPsJ
PWYByf06wIRIM0iRqxdMwQAY+Nlsk3PAVZWgUbXZXsiSRzAzC1KfG7d5ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSuewApO+dxbYc+FdvjoBgqRV1AMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADj/k8zAE
lv3zLBdD19jL07CszVSXxnYzD00fwBrVYjx5K4EIVtBVjfsWF0q935UgGcI2hm6i
FlJhuCrIzGIGLoLw0sY/KRM7CAOFDh5j3xRX67pPFp2QE/65GVKnvxcyoMC2O9KI
lJ6tljIHHxvZGwC8OWR3PWDY87vpC0A4xw2Bqi0w7E29eaCLFEQf3uF5HtC3JJtO
zbDzqqvb24zjCFBlzi3Q3nCKEDVB8+T//Qc5BjMWo4kgJ5LlYOak1B0aGaNexAL5
KETi586zsTG2XG4aeFxn0LDzBLxidn5XSHTLRUnnnzwd7tOYmSJkS/61YU/Y1Fc+
x/vOtemIjbNBJg==
-----END CERTIFICATE-----