Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          DQR5OdPE9g5/oRtELqkrPZ+PmSydxdq/F1EVQonpsGY=
Subject key identifier:   CD:BB:83:27:7B:BD:B8:1C:7B:DE:72:FA:6C:A8:22:B2:10:1B:30:3D
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       019CAAFCF73CBD88C54383D7EA67DE38BBBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          1328
Signing time:             Sun 01 Mar 2026 20:00:30 +0000
Manifest this update:     Sun 01 Mar 2026 20:00:30 +0000
Manifest next update:     Mon 02 Mar 2026 20:00:30 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: 4A3fx9DHd/kzpGWz+G61l6aDGRCezizxxO9mpE99h6s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fc:f7:3c:bd:88:c5:43:83:d7:ea:67:de:38:bb:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Mar  1 20:00:30 2026 GMT
            Not After : Mar  2 20:00:30 2026 GMT
        Subject: CN=cdbb83277bbdb81c7bde72fa6ca822b2101b303d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:d0:e6:31:1c:69:b4:9e:ef:7d:8e:e7:c7:dc:
                    1e:e2:7c:5f:5c:47:7d:cf:bb:d1:b0:53:09:70:f5:
                    44:75:d5:47:ad:d3:d4:22:4d:f7:f3:e4:0d:21:96:
                    e7:02:aa:02:09:dc:e0:05:32:1a:58:02:72:1e:4c:
                    c6:e9:43:8a:80:a3:9a:07:f6:27:dd:ad:d9:8c:3a:
                    6b:4f:16:a5:d2:06:0f:79:6c:bb:87:30:a2:53:c7:
                    65:0f:76:25:5a:fa:67:a9:9b:68:df:79:c8:2c:c7:
                    d3:89:35:e8:88:6a:e7:e9:c6:ac:49:5a:f1:25:0e:
                    61:5d:18:4e:f9:a5:0a:8b:e9:e2:cb:53:69:97:3e:
                    98:cf:15:95:2d:88:29:88:82:a6:1a:0a:9e:8a:84:
                    ad:45:e4:ea:69:81:b9:61:08:0d:21:3a:77:dd:e1:
                    f3:e8:d9:9b:93:3e:75:eb:f3:c1:2a:02:6b:c7:3c:
                    88:60:c9:c4:9d:c4:2f:c3:e9:6d:3a:7e:d1:a0:14:
                    f3:7c:33:90:78:0e:d0:de:b3:06:80:29:8d:ef:0e:
                    16:00:ad:c2:45:33:3b:21:ac:ab:7d:14:2a:8a:29:
                    02:7d:37:76:32:05:77:90:5c:71:ce:49:14:67:37:
                    a4:3b:3b:65:da:f4:59:48:50:04:91:4a:dd:51:d3:
                    49:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:BB:83:27:7B:BD:B8:1C:7B:DE:72:FA:6C:A8:22:B2:10:1B:30:3D
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:72:ac:55:40:c2:67:83:6b:19:c4:5e:06:fc:3a:fa:2d:2f:
         6a:59:66:c1:8b:a3:0f:8d:3c:6e:27:53:41:97:64:e5:ca:28:
         f5:dd:45:d6:76:8f:5c:be:ba:25:f9:6c:46:8f:d1:1d:e4:2a:
         bb:a6:82:8e:d4:e8:61:02:c8:43:0d:d7:7b:ab:a0:8f:7d:b7:
         d8:85:6f:a3:f2:6f:7b:f0:3d:43:ed:30:89:bd:9b:14:6d:c3:
         14:04:14:ea:0a:c1:4d:02:77:fb:68:4b:41:74:a7:0d:02:40:
         ba:6a:e6:31:4a:0a:96:60:2e:e5:22:ce:41:b6:cd:f1:5d:8c:
         a2:81:7c:ef:82:8f:72:6b:9f:22:2a:ce:a3:c4:b5:d2:9f:58:
         e3:e9:e0:16:2d:a1:29:71:27:75:9e:e5:50:13:80:0e:33:e0:
         f5:27:65:f4:62:f6:71:89:70:5b:53:1a:3f:54:5b:52:c4:30:
         74:b7:4a:37:cf:be:78:88:2a:32:c3:4a:6f:98:5e:0d:21:eb:
         e3:ca:8e:a3:30:8d:99:85:a3:3e:af:62:95:5c:d0:9e:37:55:
         56:21:6d:64:dc:48:f4:f1:e9:47:b4:66:aa:ac:05:c7:f5:3a:
         c1:12:e2:a7:cf:43:1f:70:b4:ee:c6:b4:1e:32:4c:8e:ec:f2:
         a4:fb:35:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/Pc8vYjFQ4PX6mfeOLu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjYwMzAxMjAwMDMwWhcNMjYwMzAyMjAwMDMwWjAzMTEwLwYDVQQD
EyhjZGJiODMyNzdiYmRiODFjN2JkZTcyZmE2Y2E4MjJiMjEwMWIzMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9DmMRxptJ7vfY7nx9we4nxfXEd9
z7vRsFMJcPVEddVHrdPUIk338+QNIZbnAqoCCdzgBTIaWAJyHkzG6UOKgKOaB/Yn
3a3ZjDprTxal0gYPeWy7hzCiU8dlD3YlWvpnqZto33nILMfTiTXoiGrn6casSVrx
JQ5hXRhO+aUKi+niy1Nplz6YzxWVLYgpiIKmGgqeioStReTqaYG5YQgNITp33eHz
6Nmbkz516/PBKgJrxzyIYMnEncQvw+ltOn7RoBTzfDOQeA7Q3rMGgCmN7w4WAK3C
RTM7IayrfRQqiikCfTd2MgV3kFxxzkkUZzekOztl2vRZSFAEkUrdUdNJSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM27gyd7vbgce95y+myoIrIQGzA9MB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYnKsVUDC
Z4NrGcReBvw6+i0vallmwYujD408bidTQZdk5coo9d1F1naPXL66JflsRo/RHeQq
u6aCjtToYQLIQw3Xe6ugj3232IVvo/Jve/A9Q+0wib2bFG3DFAQU6grBTQJ3+2hL
QXSnDQJAumrmMUoKlmAu5SLOQbbN8V2MooF874KPcmufIirOo8S10p9Y4+ngFi2h
KXEndZ7lUBOADjPg9Sdl9GL2cYlwW1MaP1RbUsQwdLdKN8++eIgqMsNKb5heDSHr
48qOozCNmYWjPq9ilVzQnjdVViFtZNxI9PHpR7RmqqwFx/U6wRLip89DH3C07sa0
HjJMjuzypPs1rA==
-----END CERTIFICATE-----