Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          +15qsOgQwzihdMVpMrMWYB+ehapRBbb3J6qUX3aeAtE=
Subject key identifier:   A9:E3:17:26:38:A8:E0:DC:F0:CA:1C:A7:6A:B4:A0:4B:66:AD:F0:BF
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       019D9B87D7BE1E6CBE7DD2A152AE6739FEBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          18C3
Signing time:             Fri 17 Apr 2026 13:01:04 +0000
Manifest this update:     Fri 17 Apr 2026 13:01:04 +0000
Manifest next update:     Sat 18 Apr 2026 13:01:04 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: 7g/NLqJCVz8nKwonlRwhZnpQH3ETubhysAsTwM+fKKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:d7:be:1e:6c:be:7d:d2:a1:52:ae:67:39:fe:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: Apr 17 13:01:04 2026 GMT
            Not After : Apr 18 13:01:04 2026 GMT
        Subject: CN=a9e3172638a8e0dcf0ca1ca76ab4a04b66adf0bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d7:9d:08:e9:bc:78:19:60:ef:af:6c:63:6d:
                    51:69:32:51:8a:49:ec:5c:39:1e:f9:6d:a7:54:ea:
                    d5:d3:36:65:77:24:bb:6c:09:1d:d3:50:8a:91:a1:
                    9b:f7:9a:be:0d:f4:91:1b:2d:c2:90:79:47:5b:f7:
                    d8:56:34:87:2f:80:eb:e7:09:70:1b:b7:f5:d8:58:
                    25:b4:1a:ce:f8:ae:87:07:1c:5d:0d:7e:fa:c9:fb:
                    84:02:88:31:16:29:1c:ec:15:5a:20:a7:55:25:29:
                    26:29:2c:8c:19:21:0d:75:9c:f0:26:23:a2:45:e7:
                    fb:c6:f1:a8:ea:fb:33:81:a4:2d:45:6e:cc:2a:54:
                    22:19:04:28:8c:dc:bf:e8:3d:34:3b:d5:50:af:88:
                    b0:23:fa:a3:d4:96:11:09:47:44:e0:20:a4:cc:b6:
                    83:08:28:22:91:04:fc:39:c9:7e:d8:14:6f:47:cf:
                    dc:e1:32:8f:22:51:a4:b9:ba:55:72:a5:f0:b6:82:
                    57:29:ae:04:af:7f:dd:31:47:18:03:bf:4c:fc:ae:
                    87:20:b0:ec:4f:58:4c:2e:73:ba:d4:12:32:c3:9b:
                    67:77:98:8c:06:7f:a9:53:33:11:72:0f:6b:f9:81:
                    6f:06:66:ce:42:37:5e:14:0c:6d:49:73:f7:b8:96:
                    9c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:E3:17:26:38:A8:E0:DC:F0:CA:1C:A7:6A:B4:A0:4B:66:AD:F0:BF
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:c4:48:9a:e5:e4:e7:10:6b:b8:b3:77:d6:55:32:56:f2:77:
         be:cb:d9:30:d4:7f:50:20:ac:4b:3b:01:31:d7:66:4e:5e:74:
         e0:c8:da:8c:be:78:d7:c4:96:d1:61:35:16:f5:7f:5d:84:95:
         b7:92:3a:3c:ef:68:e0:54:f8:1a:6c:95:a4:a5:d9:15:97:38:
         54:ec:2b:63:cd:72:90:d6:15:64:dc:68:2a:16:a5:d6:e1:6e:
         d1:d3:7a:2e:aa:e8:93:50:ce:33:ed:72:18:de:c1:93:21:a3:
         44:aa:25:0c:ce:d6:50:43:34:42:33:1a:f6:5b:fd:dc:23:06:
         bf:36:f8:0f:2a:b8:cd:70:6b:8a:b9:e9:bd:8a:e5:74:90:97:
         03:0a:5a:dc:97:62:91:18:d9:27:7b:bf:84:57:25:5e:5a:50:
         68:b6:e6:7c:6f:eb:b3:62:8c:e9:a2:01:29:1e:da:70:02:79:
         78:63:97:7a:cb:e6:19:df:fb:f4:a1:af:b6:57:a1:5e:65:ad:
         14:26:45:d7:ef:a1:ed:97:67:35:36:b9:c7:f9:c1:3f:ff:8a:
         88:3d:be:b9:38:37:65:cd:42:38:ba:2e:9c:cb:c5:1b:ab:28:
         a0:39:f0:d3:32:7e:66:42:65:ae:e8:aa:59:f2:c6:22:ea:6f:
         2b:6a:4e:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh9e+Hmy+fdKhUq5nOf68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjYwNDE3MTMwMTA0WhcNMjYwNDE4MTMwMTA0WjAzMTEwLwYDVQQD
EyhhOWUzMTcyNjM4YThlMGRjZjBjYTFjYTc2YWI0YTA0YjY2YWRmMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtedCOm8eBlg769sY21RaTJRikns
XDke+W2nVOrV0zZldyS7bAkd01CKkaGb95q+DfSRGy3CkHlHW/fYVjSHL4Dr5wlw
G7f12FgltBrO+K6HBxxdDX76yfuEAogxFikc7BVaIKdVJSkmKSyMGSENdZzwJiOi
Ref7xvGo6vszgaQtRW7MKlQiGQQojNy/6D00O9VQr4iwI/qj1JYRCUdE4CCkzLaD
CCgikQT8Ocl+2BRvR8/c4TKPIlGkubpVcqXwtoJXKa4Er3/dMUcYA79M/K6HILDs
T1hMLnO61BIyw5tnd5iMBn+pUzMRcg9r+YFvBmbOQjdeFAxtSXP3uJacBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnjFyY4qODc8Mocp2q0oEtmrfC/MB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoMRImuXk
5xBruLN31lUyVvJ3vsvZMNR/UCCsSzsBMddmTl504MjajL5418SW0WE1FvV/XYSV
t5I6PO9o4FT4GmyVpKXZFZc4VOwrY81ykNYVZNxoKhal1uFu0dN6Lqrok1DOM+1y
GN7BkyGjRKolDM7WUEM0QjMa9lv93CMGvzb4Dyq4zXBrirnpvYrldJCXAwpa3Jdi
kRjZJ3u/hFclXlpQaLbmfG/rs2KM6aIBKR7acAJ5eGOXesvmGd/79KGvtlehXmWt
FCZF1++h7ZdnNTa5x/nBP/+KiD2+uTg3Zc1COLounMvFG6sooDnw0zJ+ZkJlruiq
WfLGIupvK2pOgg==
-----END CERTIFICATE-----