Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          A7NHpk3A0VygnY5G7WYCM6vTsWiFMdkpzKfuZF9oR5o=
Subject key identifier:   D7:D6:E7:17:1F:71:BF:9F:1F:DF:99:D5:C5:2A:C1:78:29:95:9F:0B
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       019CADFEBCB17FE346BA8A5BA410CFB89EA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          1848
Signing time:             Mon 02 Mar 2026 10:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 10:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 10:01:18 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: /OZjsMyYmstIrkr1Tuft9A0x8mT2Y/uUku5/HNzwH8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:bc:b1:7f:e3:46:ba:8a:5b:a4:10:cf:b8:9e:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: Mar  2 10:01:18 2026 GMT
            Not After : Mar  3 10:01:18 2026 GMT
        Subject: CN=d7d6e7171f71bf9f1fdf99d5c52ac17829959f0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:0f:6f:1a:b2:d6:49:00:89:ea:af:2f:a0:bf:
                    f3:91:2d:e6:89:b7:c5:94:30:e1:47:ff:bc:88:06:
                    82:4d:a9:54:76:ca:20:ce:f2:0e:48:15:be:7d:24:
                    75:b0:d1:f8:79:36:ce:ca:5f:07:fa:f4:ca:9b:59:
                    d6:ad:01:18:21:90:31:aa:48:ca:65:83:1b:e5:9c:
                    6f:79:d7:8d:e2:1c:99:76:8c:7d:90:d0:ea:32:03:
                    db:95:fe:e2:b3:ca:70:d3:da:0c:e0:4f:5e:e7:36:
                    5d:c0:89:7a:a6:ad:f1:54:d2:ee:8b:41:78:f5:2f:
                    41:37:24:a5:06:0b:06:d2:7d:3b:28:4c:bb:71:a2:
                    06:e4:f3:81:47:07:90:a8:1f:14:19:b7:27:f5:2b:
                    85:0c:19:e6:54:26:8b:0d:a1:46:59:78:a8:42:c8:
                    85:cd:f3:7d:94:b4:15:66:35:5e:09:82:98:4e:df:
                    f3:db:b4:82:b2:a8:fd:3b:77:59:45:36:e7:69:06:
                    7a:c9:72:2b:f1:0c:77:f1:ce:32:8e:61:20:8c:e5:
                    dc:e7:5b:b9:b9:c5:63:d6:45:c5:46:80:ca:8f:ca:
                    d6:0a:15:2c:70:d4:de:af:cc:bb:06:f9:6b:85:55:
                    61:71:34:26:ed:31:16:1b:c4:22:05:fb:4c:21:64:
                    e8:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:D6:E7:17:1F:71:BF:9F:1F:DF:99:D5:C5:2A:C1:78:29:95:9F:0B
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:1e:1c:7b:6b:4f:75:b3:42:01:53:62:23:cf:19:b9:b4:3c:
         03:8a:e6:a3:07:13:75:99:fa:d6:bf:73:b4:cf:22:be:47:13:
         ea:9a:ce:13:1a:ce:51:09:56:41:ec:ce:f4:2f:4d:bd:8d:7f:
         c3:5d:13:32:31:c1:d9:0a:57:ac:28:b8:07:97:b6:a9:bb:8a:
         95:16:7d:b3:84:9d:d3:84:fe:b6:ff:bf:e2:6c:d7:93:37:9d:
         bc:bc:a4:ed:6e:11:42:8b:5b:9b:b5:fa:17:46:34:8e:ba:ff:
         64:63:6e:41:8a:13:7a:22:0b:46:80:d3:7e:c6:2a:3c:5a:94:
         95:8f:ed:91:ea:f7:c6:53:56:ce:53:17:75:ba:73:ca:aa:0e:
         e8:bb:73:5f:ae:62:c8:48:78:0c:6e:49:5b:1e:7a:c5:68:4e:
         6f:5e:de:65:34:d7:7b:c9:f7:d3:61:75:07:c8:d4:8a:69:45:
         96:dd:58:18:08:ad:14:61:58:11:58:49:a0:b3:0f:66:91:c7:
         fd:8b:5a:b1:d2:da:c7:e3:98:d3:9c:0c:e9:48:bd:ba:27:30:
         32:97:a5:6e:ac:98:3b:79:f5:21:b0:da:ff:a8:45:93:cd:04:
         9e:b8:99:cf:d2:94:1e:0f:04:84:6f:fd:61:54:1e:2e:0b:a8:
         82:c4:ce:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/ryxf+NGuopbpBDPuJ6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjYwMzAyMTAwMTE4WhcNMjYwMzAzMTAwMTE4WjAzMTEwLwYDVQQD
EyhkN2Q2ZTcxNzFmNzFiZjlmMWZkZjk5ZDVjNTJhYzE3ODI5OTU5ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA9vGrLWSQCJ6q8voL/zkS3mibfF
lDDhR/+8iAaCTalUdsogzvIOSBW+fSR1sNH4eTbOyl8H+vTKm1nWrQEYIZAxqkjK
ZYMb5ZxvedeN4hyZdox9kNDqMgPblf7is8pw09oM4E9e5zZdwIl6pq3xVNLui0F4
9S9BNySlBgsG0n07KEy7caIG5POBRweQqB8UGbcn9SuFDBnmVCaLDaFGWXioQsiF
zfN9lLQVZjVeCYKYTt/z27SCsqj9O3dZRTbnaQZ6yXIr8Qx38c4yjmEgjOXc51u5
ucVj1kXFRoDKj8rWChUscNTer8y7BvlrhVVhcTQm7TEWG8QiBftMIWToKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfW5xcfcb+fH9+Z1cUqwXgplZ8LMB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQh4ce2tP
dbNCAVNiI88ZubQ8A4rmowcTdZn61r9ztM8ivkcT6prOExrOUQlWQezO9C9NvY1/
w10TMjHB2QpXrCi4B5e2qbuKlRZ9s4Sd04T+tv+/4mzXkzedvLyk7W4RQotbm7X6
F0Y0jrr/ZGNuQYoTeiILRoDTfsYqPFqUlY/tker3xlNWzlMXdbpzyqoO6LtzX65i
yEh4DG5JWx56xWhOb17eZTTXe8n302F1B8jUimlFlt1YGAitFGFYEVhJoLMPZpHH
/YtasdLax+OY05wM6Ui9uicwMpelbqyYO3n1IbDa/6hFk80EnriZz9KUHg8EhG/9
YVQeLguogsTOrQ==
-----END CERTIFICATE-----