Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          5zn43juMUzyNGmtyUSsHS2pCV019/9IYZsONjMNUa2I=
Subject key identifier:   E7:07:98:D4:64:BF:0A:90:18:A1:81:8B:CA:19:3A:6A:B9:4F:C9:5F
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       019D9886D959875C77C9D0992830187B7950
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          13A3
Signing time:             Thu 16 Apr 2026 23:01:07 +0000
Manifest this update:     Thu 16 Apr 2026 23:01:07 +0000
Manifest next update:     Fri 17 Apr 2026 23:01:07 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: eZrNOpCAFP5BXgKKoLiVH97aBvMoYHalK79ruQbJlqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:86:d9:59:87:5c:77:c9:d0:99:28:30:18:7b:79:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Apr 16 23:01:07 2026 GMT
            Not After : Apr 17 23:01:07 2026 GMT
        Subject: CN=e70798d464bf0a9018a1818bca193a6ab94fc95f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c5:34:64:aa:fe:32:ff:09:c1:da:26:f1:a4:
                    25:9b:e8:43:3c:0a:bf:09:e5:75:3c:b5:2b:43:e8:
                    cf:6b:bf:58:81:9f:fd:c5:02:a6:c1:61:d8:d6:53:
                    4f:71:01:5d:36:22:9a:88:57:c5:f9:03:2e:43:5e:
                    50:fc:0f:97:60:b9:bc:49:e2:89:8d:0c:72:74:e4:
                    bb:43:8d:ce:16:a0:61:81:89:31:01:80:77:09:2a:
                    bc:68:db:7e:3c:ab:84:d1:99:10:3a:82:ce:54:47:
                    a3:a5:00:cd:00:60:c3:b3:75:f9:6a:eb:b4:cc:3b:
                    a4:ff:0d:f0:a8:b0:cd:ff:66:b5:39:7e:88:5f:1c:
                    bf:5d:70:70:c3:a1:67:f8:a4:36:72:52:ff:df:f7:
                    c7:c7:68:60:92:fb:83:02:1f:17:a5:db:dd:05:0b:
                    f9:ce:cc:a6:3e:4b:61:08:91:d7:4e:f7:01:64:bd:
                    c0:e1:45:72:9b:15:7e:86:de:0c:5c:81:1e:99:89:
                    b2:d5:6f:71:ad:9b:1a:69:e0:fd:74:e8:bf:d4:b0:
                    31:c0:47:3a:48:0d:72:c0:a6:72:e5:a2:8e:99:32:
                    f2:68:15:a6:ce:77:60:0f:98:35:4e:7b:17:fd:3f:
                    66:a6:7f:2a:fa:0e:22:90:03:9f:90:63:67:b8:ef:
                    b6:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:07:98:D4:64:BF:0A:90:18:A1:81:8B:CA:19:3A:6A:B9:4F:C9:5F
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:8a:4b:5a:04:e0:f5:b9:81:f1:a9:e1:e6:7d:7e:cb:ba:fa:
         fe:03:7d:26:89:76:26:c4:2a:18:e9:6a:45:d0:01:4b:d1:51:
         2d:bd:dc:54:73:87:0a:a4:f9:c3:ae:60:80:d4:1a:58:c0:e1:
         09:12:cd:5d:fb:b5:38:bb:1e:d1:b7:ad:df:43:14:2f:ab:99:
         60:48:27:5c:6b:09:e5:d4:a2:6d:89:94:af:b3:10:5e:3e:c7:
         94:fb:7b:c1:2b:91:28:e2:f4:8b:a1:67:46:20:6a:12:db:6e:
         8c:74:3c:ce:47:0c:2c:2e:08:e9:44:40:e6:9d:b0:48:83:ca:
         b2:b8:07:27:53:ad:85:a5:df:33:52:2f:80:4d:3e:1d:8e:c2:
         89:b3:56:45:0f:dd:09:b9:1f:27:f9:19:00:e0:80:76:56:f6:
         4b:9f:eb:91:e2:ca:38:53:bc:17:52:5a:76:ef:a0:d1:f2:85:
         60:4b:67:c4:51:5a:3b:fa:24:46:82:2b:89:19:8e:e3:ff:79:
         e3:5e:9a:c2:49:c3:17:75:82:c8:28:dd:eb:8e:1f:52:08:e5:
         bf:3d:5c:0a:5f:50:54:b2:45:45:4d:f8:6e:e0:f3:2f:2f:71:
         92:c8:ee:e3:0c:64:18:72:d7:1d:92:08:50:2a:c9:92:2b:65:
         40:11:30:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YhtlZh1x3ydCZKDAYe3lQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjYwNDE2MjMwMTA3WhcNMjYwNDE3MjMwMTA3WjAzMTEwLwYDVQQD
EyhlNzA3OThkNDY0YmYwYTkwMThhMTgxOGJjYTE5M2E2YWI5NGZjOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMU0ZKr+Mv8Jwdom8aQlm+hDPAq/
CeV1PLUrQ+jPa79YgZ/9xQKmwWHY1lNPcQFdNiKaiFfF+QMuQ15Q/A+XYLm8SeKJ
jQxydOS7Q43OFqBhgYkxAYB3CSq8aNt+PKuE0ZkQOoLOVEejpQDNAGDDs3X5auu0
zDuk/w3wqLDN/2a1OX6IXxy/XXBww6Fn+KQ2clL/3/fHx2hgkvuDAh8XpdvdBQv5
zsymPkthCJHXTvcBZL3A4UVymxV+ht4MXIEemYmy1W9xrZsaaeD9dOi/1LAxwEc6
SA1ywKZy5aKOmTLyaBWmzndgD5g1TnsX/T9mpn8q+g4ikAOfkGNnuO+2RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOcHmNRkvwqQGKGBi8oZOmq5T8lfMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4pLWgTg
9bmB8anh5n1+y7r6/gN9Jol2JsQqGOlqRdABS9FRLb3cVHOHCqT5w65ggNQaWMDh
CRLNXfu1OLse0bet30MUL6uZYEgnXGsJ5dSibYmUr7MQXj7HlPt7wSuRKOL0i6Fn
RiBqEttujHQ8zkcMLC4I6URA5p2wSIPKsrgHJ1OthaXfM1IvgE0+HY7CibNWRQ/d
CbkfJ/kZAOCAdlb2S5/rkeLKOFO8F1Jadu+g0fKFYEtnxFFaO/okRoIriRmO4/95
416awknDF3WCyCjd644fUgjlvz1cCl9QVLJFRU34buDzLy9xksju4wxkGHLXHZII
UCrJkitlQBEwDw==
-----END CERTIFICATE-----