Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          j2g0LMNEwZSAhi7gv7eNkzrSYKZ/gk9RaajsJWYRDZI=
Subject key identifier:   B4:E0:B4:B1:33:39:A1:D8:03:30:D4:6D:FF:79:1A:04:A9:89:C3:96
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       019CAB34ACC7E10C9A82F236F9FF911F28B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0FBB
Signing time:             Sun 01 Mar 2026 21:01:21 +0000
Manifest this update:     Sun 01 Mar 2026 21:01:21 +0000
Manifest next update:     Mon 02 Mar 2026 21:01:21 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: Hvw7sIZdpispZH2iXu6vIwjp1ekECol4ldMSGok13mE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 21:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:ac:c7:e1:0c:9a:82:f2:36:f9:ff:91:1f:28:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Mar  1 21:01:21 2026 GMT
            Not After : Mar  2 21:01:21 2026 GMT
        Subject: CN=b4e0b4b13339a1d80330d46dff791a04a989c396
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1a:ae:62:2d:12:ca:71:e7:08:70:ab:21:76:
                    a4:58:62:b1:d1:2d:37:0b:ec:b4:fa:3c:3c:6c:05:
                    35:48:e8:e7:64:55:3f:f4:22:9c:4d:a9:a3:5f:7e:
                    72:e6:03:f9:f4:3e:5f:fe:dd:7d:b4:39:b8:9e:f3:
                    77:c4:98:74:8e:34:2d:e1:01:1f:8e:90:fa:f7:8d:
                    87:25:e0:81:e2:1d:75:86:ae:34:6d:9d:4c:2d:11:
                    7d:84:fc:4a:30:69:1a:e7:99:4c:08:3b:e7:d6:e9:
                    32:e3:82:7a:1c:5c:f5:cd:3f:bd:02:70:0e:87:3b:
                    11:ab:eb:8e:ed:c0:d8:68:94:7b:c7:86:d8:8d:29:
                    2c:06:bd:97:a9:e5:1a:af:9c:98:5d:f3:ab:9c:8b:
                    67:a5:93:5b:1e:da:6a:97:85:ac:38:f8:0a:5a:82:
                    e7:e0:65:ac:cc:9d:17:bf:15:da:0e:00:82:da:86:
                    75:36:50:58:b9:a8:72:bd:ad:18:ba:65:50:a0:69:
                    42:fc:a6:4b:3a:d0:33:78:07:9e:0b:8c:bd:4c:dc:
                    80:ec:77:3e:f2:52:59:12:a0:5c:e3:f1:ce:d0:9b:
                    d7:31:0d:0c:8a:34:a9:fb:30:29:79:d2:90:39:18:
                    cf:4b:36:d5:08:05:87:be:35:34:a4:b9:53:2c:d6:
                    20:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:E0:B4:B1:33:39:A1:D8:03:30:D4:6D:FF:79:1A:04:A9:89:C3:96
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:29:75:89:bf:30:59:f7:16:43:b2:91:65:20:f9:35:ea:11:
         0c:cb:4c:7b:2b:41:b4:3c:50:6f:5d:1d:75:c3:1a:59:66:7b:
         4f:4a:17:46:42:cc:fe:ee:6f:03:18:d9:88:5e:93:ac:5a:5c:
         fc:75:d9:56:c4:b3:a2:2d:95:00:0b:c3:18:cd:e6:fe:7d:45:
         55:43:2f:99:47:c8:3e:30:af:f5:1d:64:cb:f8:85:76:ac:61:
         8e:e5:af:78:f8:d4:ba:12:27:15:a0:0c:92:1f:ed:4b:6f:9e:
         4e:b6:03:82:f6:d6:73:ed:90:fb:45:83:cc:9b:be:f9:da:ef:
         98:50:e6:a0:d7:3c:75:f7:5e:7c:d5:25:09:9e:53:fd:ec:4c:
         33:c7:68:e3:78:83:f1:2e:ae:d2:87:19:ea:2d:ee:b7:44:5a:
         65:45:e5:96:be:90:e3:44:4b:ea:0d:d1:2b:b2:ff:cd:e3:70:
         83:78:15:af:43:e8:a9:7a:b4:06:45:eb:02:72:96:68:c2:0e:
         88:d3:1c:71:5a:77:cd:8d:22:fc:cc:cb:0d:91:e9:39:f3:a0:
         4b:b1:01:4d:8d:db:27:d5:5f:ce:c8:fc:f6:4a:4b:24:9d:72:
         5a:87:a8:ce:6b:b1:ac:c5:bc:fd:97:51:fc:01:e6:f7:e5:bc:
         ba:06:4a:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNKzH4QyagvI2+f+RHyixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjYwMzAxMjEwMTIxWhcNMjYwMzAyMjEwMTIxWjAzMTEwLwYDVQQD
EyhiNGUwYjRiMTMzMzlhMWQ4MDMzMGQ0NmRmZjc5MWEwNGE5ODljMzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRquYi0SynHnCHCrIXakWGKx0S03
C+y0+jw8bAU1SOjnZFU/9CKcTamjX35y5gP59D5f/t19tDm4nvN3xJh0jjQt4QEf
jpD6942HJeCB4h11hq40bZ1MLRF9hPxKMGka55lMCDvn1uky44J6HFz1zT+9AnAO
hzsRq+uO7cDYaJR7x4bYjSksBr2XqeUar5yYXfOrnItnpZNbHtpql4WsOPgKWoLn
4GWszJ0XvxXaDgCC2oZ1NlBYuahyva0YumVQoGlC/KZLOtAzeAeeC4y9TNyA7Hc+
8lJZEqBc4/HO0JvXMQ0MijSp+zApedKQORjPSzbVCAWHvjU0pLlTLNYgSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTgtLEzOaHYAzDUbf95GgSpicOWMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAyl1ib8w
WfcWQ7KRZSD5NeoRDMtMeytBtDxQb10ddcMaWWZ7T0oXRkLM/u5vAxjZiF6TrFpc
/HXZVsSzoi2VAAvDGM3m/n1FVUMvmUfIPjCv9R1ky/iFdqxhjuWvePjUuhInFaAM
kh/tS2+eTrYDgvbWc+2Q+0WDzJu++drvmFDmoNc8dfdefNUlCZ5T/exMM8do43iD
8S6u0ocZ6i3ut0RaZUXllr6Q40RL6g3RK7L/zeNwg3gVr0PoqXq0BkXrAnKWaMIO
iNMccVp3zY0i/MzLDZHpOfOgS7EBTY3bJ9Vfzsj89kpLJJ1yWoeozmuxrMW8/ZdR
/AHm9+W8ugZKRg==
-----END CERTIFICATE-----