Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          QE7Ve2OVuSYZJ/aCRg8uE20E72ju1mpoFpwMQJhVydU=
Subject key identifier:   ED:8A:42:74:2A:CA:C4:8F:5A:6B:6B:0C:B6:AD:F5:91:97:22:74:61
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       019D37F77DAA858475404741C07A22A2220F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          1371
Signing time:             Sun 29 Mar 2026 05:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:59 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: Xp8/p2IU1Py8HovwERAseSodJzHPv3TbLu69WBBpnwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:7d:aa:85:84:75:40:47:41:c0:7a:22:a2:22:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Mar 29 05:00:59 2026 GMT
            Not After : Mar 30 05:00:59 2026 GMT
        Subject: CN=ed8a42742acac48f5a6b6b0cb6adf59197227461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:1b:47:27:42:91:cd:0e:7d:87:4d:ae:da:8a:
                    ff:75:48:e5:fa:51:dc:17:e9:7b:bd:90:18:86:dd:
                    bc:65:70:77:91:1a:30:22:74:cb:47:50:bc:44:8d:
                    e4:76:4f:9d:b9:ff:05:b9:f7:f9:b1:42:b9:48:0a:
                    2f:d5:78:49:1a:55:99:5f:72:d2:28:bb:f6:5b:d9:
                    56:10:aa:e3:22:f5:3e:79:c8:5e:5c:80:9d:df:f4:
                    df:e0:42:70:d5:dd:38:8c:0b:6b:71:61:d7:ed:15:
                    85:3c:0d:bf:29:5f:34:fe:9e:3f:c1:2c:0d:00:5d:
                    d8:4f:d6:7c:54:6d:c2:e3:05:8a:4c:39:cf:b1:31:
                    14:e8:5d:6c:37:f2:39:e8:c1:fe:cf:09:3a:a5:ec:
                    5d:07:1a:17:18:e6:17:8b:d2:80:b3:14:47:0e:44:
                    a5:01:16:bb:20:9e:04:8a:e1:f0:74:00:28:2c:d9:
                    43:c0:24:d5:f8:53:79:2b:c5:02:b3:61:9b:69:73:
                    25:18:4a:6d:e1:b7:74:e4:85:4a:de:93:3f:68:f1:
                    29:5a:8e:4c:2a:2d:99:1c:87:0e:2e:4d:6e:be:85:
                    2a:12:0b:d2:65:34:dc:49:9b:e7:5b:16:5b:e4:26:
                    fa:17:15:61:b2:83:d5:96:58:1e:79:8e:88:c3:f3:
                    c2:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:8A:42:74:2A:CA:C4:8F:5A:6B:6B:0C:B6:AD:F5:91:97:22:74:61
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:58:19:19:65:b0:0d:dd:2c:00:7b:76:de:8a:e0:ff:69:73:
         26:bb:42:c5:00:98:36:0e:64:11:16:db:58:57:2b:6c:c4:f1:
         d0:18:98:b6:17:ee:73:b8:a5:52:1f:52:c3:f3:4a:7a:5a:c6:
         f5:dd:07:4e:d7:e0:d0:42:36:eb:40:6c:af:71:6c:a5:af:71:
         f0:86:1b:f0:12:4d:06:98:54:ed:ba:95:95:33:d7:51:25:82:
         de:5e:bc:db:e0:9f:f2:2c:c2:d8:ea:5b:2f:b4:97:ef:b8:b7:
         c2:4d:23:75:74:26:73:c5:a0:fd:dd:d3:39:e0:44:ed:4e:6c:
         f9:ce:bb:e9:b2:5f:a4:6a:ba:03:4e:8e:62:dd:fe:ba:47:5a:
         34:bd:0d:28:04:d3:4f:e9:48:3b:1c:11:59:59:a3:49:1f:87:
         04:ba:e9:8a:fa:26:4d:68:7d:23:e9:5b:63:f2:cb:d6:28:c4:
         68:99:9d:7b:66:80:08:b5:98:02:7f:ca:f3:17:69:eb:e1:27:
         8c:e3:a8:89:73:89:04:fe:83:7e:ff:f5:73:24:12:a4:0e:07:
         dc:52:ef:90:08:73:51:1a:6e:c6:6d:ce:c6:3d:51:b8:bd:66:
         10:b8:83:b8:be:ef:00:19:bf:b6:19:71:fa:d7:a3:20:20:3d:
         be:57:cf:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03932qhYR1QEdBwHoioiIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjYwMzI5MDUwMDU5WhcNMjYwMzMwMDUwMDU5WjAzMTEwLwYDVQQD
EyhlZDhhNDI3NDJhY2FjNDhmNWE2YjZiMGNiNmFkZjU5MTk3MjI3NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1htHJ0KRzQ59h02u2or/dUjl+lHc
F+l7vZAYht28ZXB3kRowInTLR1C8RI3kdk+duf8Fuff5sUK5SAov1XhJGlWZX3LS
KLv2W9lWEKrjIvU+echeXICd3/Tf4EJw1d04jAtrcWHX7RWFPA2/KV80/p4/wSwN
AF3YT9Z8VG3C4wWKTDnPsTEU6F1sN/I56MH+zwk6pexdBxoXGOYXi9KAsxRHDkSl
ARa7IJ4EiuHwdAAoLNlDwCTV+FN5K8UCs2GbaXMlGEpt4bd05IVK3pM/aPEpWo5M
Ki2ZHIcOLk1uvoUqEgvSZTTcSZvnWxZb5Cb6FxVhsoPVllgeeY6Iw/PCgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2KQnQqysSPWmtrDLat9ZGXInRhMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoVgZGWWw
Dd0sAHt23org/2lzJrtCxQCYNg5kERbbWFcrbMTx0BiYthfuc7ilUh9Sw/NKelrG
9d0HTtfg0EI260Bsr3Fspa9x8IYb8BJNBphU7bqVlTPXUSWC3l682+Cf8izC2Opb
L7SX77i3wk0jdXQmc8Wg/d3TOeBE7U5s+c676bJfpGq6A06OYt3+ukdaNL0NKATT
T+lIOxwRWVmjSR+HBLrpivomTWh9I+lbY/LL1ijEaJmde2aACLWYAn/K8xdp6+En
jOOoiXOJBP6Dfv/1cyQSpA4H3FLvkAhzURpuxm3Oxj1RuL1mELiDuL7vABm/thlx
+tejICA9vlfP0g==
-----END CERTIFICATE-----