Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          +LlugtB7ES8fXFRLeChNUSThBBt/FvxoSpLw3+vyPIA=
Subject key identifier:   D3:78:CD:D7:95:BA:2C:5A:30:5B:93:AC:CC:FE:9D:2B:99:1C:36:63
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       019D371B93222ED672B49A15907F517017F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          188F
Signing time:             Sun 29 Mar 2026 01:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:47 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: eVTe+SIeoPK+forqtNd1Yt7aqrpiF7amFjLX63mNeJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:93:22:2e:d6:72:b4:9a:15:90:7f:51:70:17:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: Mar 29 01:00:47 2026 GMT
            Not After : Mar 30 01:00:47 2026 GMT
        Subject: CN=d378cdd795ba2c5a305b93acccfe9d2b991c3663
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ac:d3:9c:4d:48:87:61:8f:a9:ff:53:af:aa:
                    35:f0:c5:a6:45:70:89:e6:a5:a4:57:95:96:0a:80:
                    4e:81:4a:a7:4f:52:f7:67:6b:50:92:34:1a:82:60:
                    f3:25:48:13:8e:8b:c9:5d:02:40:9c:a6:b3:cf:09:
                    a0:f1:be:f9:94:a5:d7:6c:8f:0d:64:7a:dc:4f:99:
                    84:45:95:b7:c6:70:c5:33:dc:d9:99:93:58:69:94:
                    8e:57:3d:2f:3c:b6:41:17:1f:3d:a7:19:ac:d7:30:
                    c4:e9:e4:b3:b6:e9:93:d3:63:00:f7:cb:04:bb:fb:
                    29:c2:1d:8c:9b:3d:2e:9a:29:7f:7f:e3:6e:4b:94:
                    9d:5c:0e:8f:5f:12:c6:6e:eb:4c:b4:cd:c1:c0:af:
                    27:87:6b:cc:b8:42:e3:c2:bd:b3:b3:f3:b8:46:91:
                    d0:d4:85:66:7b:e1:dc:e1:d2:1d:6a:d6:be:70:3e:
                    d7:c2:ae:a8:01:c8:dd:79:c3:11:8e:9f:b0:41:09:
                    02:a7:a6:62:10:9a:96:35:0d:6b:c3:72:27:3d:b1:
                    d6:95:ba:dd:56:18:6a:39:9d:e6:b1:2d:e1:dd:d3:
                    43:e6:ab:d6:93:71:47:49:1e:df:1c:df:b8:49:55:
                    bf:de:40:59:8b:ae:27:1e:85:6b:a5:bf:62:a1:49:
                    6a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:78:CD:D7:95:BA:2C:5A:30:5B:93:AC:CC:FE:9D:2B:99:1C:36:63
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:cd:02:97:61:22:49:c9:89:5e:a4:d9:86:60:0a:63:9c:26:
         e1:3b:a1:ae:93:8a:33:84:40:96:0f:d1:67:8e:67:b5:e1:8a:
         ce:28:32:39:85:8e:cb:28:b6:03:15:28:53:4f:4d:01:21:a0:
         01:86:20:b3:ac:cf:21:4e:47:27:9a:78:05:68:e1:7d:be:cd:
         dc:fa:59:85:52:b4:2a:12:c0:47:de:a6:56:13:6b:98:87:0b:
         74:0b:fc:92:8f:b5:a0:5a:7d:7d:3e:8d:5e:19:29:6b:b1:75:
         47:bf:03:df:e1:16:34:0d:a0:dd:ce:e1:69:9c:db:01:e4:7c:
         04:ae:b6:28:f3:7f:e9:37:4a:a1:66:30:a4:c6:96:84:de:52:
         b2:cd:58:f1:f8:8e:ad:9a:35:5b:42:1c:af:66:c8:7b:26:d4:
         f4:97:8a:54:f7:03:87:97:46:91:ee:bb:a3:99:d1:bb:a2:8b:
         6b:37:9e:94:b3:5e:dd:f4:5b:ce:bf:af:6d:a3:41:f2:16:92:
         d5:cc:88:56:5d:d3:d9:5c:62:18:46:a8:af:e7:46:39:61:3d:
         91:7f:2e:73:6a:bc:84:98:e0:81:c1:91:9c:01:88:19:28:e6:
         53:a8:22:b1:43:8e:75:fd:e4:fd:d3:12:42:18:c3:fa:55:db:
         a6:ae:d9:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G5MiLtZytJoVkH9RcBf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjYwMzI5MDEwMDQ3WhcNMjYwMzMwMDEwMDQ3WjAzMTEwLwYDVQQD
EyhkMzc4Y2RkNzk1YmEyYzVhMzA1YjkzYWNjY2ZlOWQyYjk5MWMzNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqazTnE1Ih2GPqf9Tr6o18MWmRXCJ
5qWkV5WWCoBOgUqnT1L3Z2tQkjQagmDzJUgTjovJXQJAnKazzwmg8b75lKXXbI8N
ZHrcT5mERZW3xnDFM9zZmZNYaZSOVz0vPLZBFx89pxms1zDE6eSztumT02MA98sE
u/spwh2Mmz0umil/f+NuS5SdXA6PXxLGbutMtM3BwK8nh2vMuELjwr2zs/O4RpHQ
1IVme+Hc4dIdata+cD7Xwq6oAcjdecMRjp+wQQkCp6ZiEJqWNQ1rw3InPbHWlbrd
VhhqOZ3msS3h3dND5qvWk3FHSR7fHN+4SVW/3kBZi64nHoVrpb9ioUlqlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNN4zdeVuixaMFuTrMz+nSuZHDZjMB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI80Cl2Ei
ScmJXqTZhmAKY5wm4TuhrpOKM4RAlg/RZ45nteGKzigyOYWOyyi2AxUoU09NASGg
AYYgs6zPIU5HJ5p4BWjhfb7N3PpZhVK0KhLAR96mVhNrmIcLdAv8ko+1oFp9fT6N
Xhkpa7F1R78D3+EWNA2g3c7haZzbAeR8BK62KPN/6TdKoWYwpMaWhN5Sss1Y8fiO
rZo1W0Icr2bIeybU9JeKVPcDh5dGke67o5nRu6KLazeelLNe3fRbzr+vbaNB8haS
1cyIVl3T2VxiGEaor+dGOWE9kX8uc2q8hJjggcGRnAGIGSjmU6gisUOOdf3k/dMS
QhjD+lXbpq7ZVg==
-----END CERTIFICATE-----