Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          zRWTG19VhuGacPtO/E9GS/CP4CpUH6r446RdmTvPriI=
Subject key identifier:   D4:F3:72:97:6B:D0:96:18:A9:41:9A:44:E5:3E:11:8A:56:AC:D6:C3
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       019D98BD56EDF603E2CD0D9A242E8340A923
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          1036
Signing time:             Fri 17 Apr 2026 00:00:38 +0000
Manifest this update:     Fri 17 Apr 2026 00:00:38 +0000
Manifest next update:     Sat 18 Apr 2026 00:00:38 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: zBcItxLb+9T1kM7Aox9OWSivXzXGJWqmTk76EHh+vss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:bd:56:ed:f6:03:e2:cd:0d:9a:24:2e:83:40:a9:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Apr 17 00:00:38 2026 GMT
            Not After : Apr 18 00:00:38 2026 GMT
        Subject: CN=d4f372976bd09618a9419a44e53e118a56acd6c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:be:39:7f:16:fb:7b:7c:c5:0b:6d:53:01:aa:
                    a6:ca:d4:84:94:c9:06:5d:5c:29:71:3e:b9:60:11:
                    4b:39:9c:99:d3:46:f3:81:ac:a1:d1:78:8e:b7:a7:
                    4e:1e:f9:1a:65:7e:31:fa:30:37:ee:76:77:0c:ab:
                    b6:eb:9a:c7:76:15:4e:11:81:85:07:35:af:ba:18:
                    f4:01:88:72:7c:81:c5:57:c9:0e:af:10:4a:78:20:
                    63:d6:6e:05:ce:ad:71:a1:5c:fb:1d:70:4d:35:b6:
                    94:9f:b6:d9:95:08:71:7b:2c:eb:f8:cc:1b:af:7d:
                    27:00:13:43:be:4d:ea:b7:02:9d:d5:1a:07:16:0d:
                    6c:70:7d:70:b7:2a:a2:55:b0:a5:ed:ee:16:80:bf:
                    ba:86:34:6b:a7:6e:02:b2:65:f0:98:e0:fd:f6:e5:
                    1b:da:2f:b0:b9:cc:0b:9d:dc:ba:6b:04:b2:4e:70:
                    f0:e0:b7:0b:e1:78:8a:7d:74:3f:05:84:23:42:e7:
                    97:36:20:83:1c:09:e4:71:47:c9:f7:f2:69:04:05:
                    dc:01:20:8f:8d:d7:f2:28:0a:62:b1:5e:e6:3f:af:
                    7b:e1:94:7d:9e:c5:3d:5d:80:39:1a:bf:7c:c3:fc:
                    56:08:10:e5:2a:c8:9b:a3:88:65:da:3d:95:c5:e5:
                    e1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:F3:72:97:6B:D0:96:18:A9:41:9A:44:E5:3E:11:8A:56:AC:D6:C3
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:96:7c:68:b8:d5:9a:8d:7c:be:18:aa:15:64:f0:0f:ad:1c:
         6d:dc:8d:66:55:2b:d0:16:a7:f6:e0:ae:65:9a:8e:1b:f6:59:
         1b:ae:7d:e0:51:7a:38:df:f9:0b:d2:1c:b3:2e:e9:90:30:9b:
         93:f0:8a:d6:a5:8b:88:8c:b8:1e:da:06:a4:eb:4c:50:74:4a:
         15:d3:85:2b:3a:4d:f4:2c:ef:28:48:41:af:6a:4c:9d:fd:56:
         bc:5c:b0:6f:ab:f9:7b:e2:59:db:2d:c3:49:22:8a:a4:32:2b:
         0e:35:82:43:72:0a:b2:41:4f:b8:ff:8d:8a:24:12:67:d2:2e:
         4a:0f:05:a3:2f:e6:7c:4e:36:f9:82:40:87:8b:06:48:95:08:
         d2:4d:32:c2:8c:97:1d:06:da:0a:0c:c7:e4:96:e9:97:41:21:
         1b:6f:2e:2a:b4:74:c9:9f:6f:5f:0f:03:8c:14:28:9e:f6:8b:
         f1:99:a2:8a:6e:dc:f2:5f:85:07:b1:ae:b8:f7:63:98:76:1c:
         30:7d:96:82:36:15:0d:0b:7f:1a:10:a8:30:d7:65:f9:a1:26:
         d9:b8:45:b2:92:72:2a:e1:77:86:24:e9:24:20:4f:02:95:a2:
         4a:04:ed:19:26:b8:4c:9a:ad:f0:cf:fd:14:a1:46:b2:0f:98:
         0d:a9:88:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvVbt9gPizQ2aJC6DQKkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjYwNDE3MDAwMDM4WhcNMjYwNDE4MDAwMDM4WjAzMTEwLwYDVQQD
EyhkNGYzNzI5NzZiZDA5NjE4YTk0MTlhNDRlNTNlMTE4YTU2YWNkNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr45fxb7e3zFC21TAaqmytSElMkG
XVwpcT65YBFLOZyZ00bzgayh0XiOt6dOHvkaZX4x+jA37nZ3DKu265rHdhVOEYGF
BzWvuhj0AYhyfIHFV8kOrxBKeCBj1m4Fzq1xoVz7HXBNNbaUn7bZlQhxeyzr+Mwb
r30nABNDvk3qtwKd1RoHFg1scH1wtyqiVbCl7e4WgL+6hjRrp24CsmXwmOD99uUb
2i+wucwLndy6awSyTnDw4LcL4XiKfXQ/BYQjQueXNiCDHAnkcUfJ9/JpBAXcASCP
jdfyKApisV7mP6974ZR9nsU9XYA5Gr98w/xWCBDlKsibo4hl2j2VxeXhTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTzcpdr0JYYqUGaROU+EYpWrNbDMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeJZ8aLjV
mo18vhiqFWTwD60cbdyNZlUr0Ban9uCuZZqOG/ZZG6594FF6ON/5C9Icsy7pkDCb
k/CK1qWLiIy4HtoGpOtMUHRKFdOFKzpN9CzvKEhBr2pMnf1WvFywb6v5e+JZ2y3D
SSKKpDIrDjWCQ3IKskFPuP+NiiQSZ9IuSg8Foy/mfE42+YJAh4sGSJUI0k0ywoyX
HQbaCgzH5Jbpl0EhG28uKrR0yZ9vXw8DjBQonvaL8Zmiim7c8l+FB7GuuPdjmHYc
MH2WgjYVDQt/GhCoMNdl+aEm2bhFspJyKuF3hiTpJCBPApWiSgTtGSa4TJqt8M/9
FKFGsg+YDamItw==
-----END CERTIFICATE-----