Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
File:                     EDfew086MutlAvFmKoKiD4teohw.mft (raw, json)
Hash identifier:          8aaJ+3SgQKeL0SueWoWaOEByGyXmIP4x8q0njm7zBtk=
Subject key identifier:   F4:41:97:A6:83:DC:55:87:9A:14:CA:C7:F9:21:66:40:1E:AC:62:75
Authority key identifier: 10:37:DE:C3:4F:3A:32:EB:65:02:F1:66:2A:82:A2:0F:8B:5E:A2:1C
Certificate issuer:       /CN=1037dec34f3a32eb6502f1662a82a20f8b5ea21c
Certificate serial:       019EBEED3A5D2B8DE965B5896D38535BA6FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
Manifest number:          1957
Signing time:             Sat 13 Jun 2026 03:01:18 +0000
Manifest this update:     Sat 13 Jun 2026 03:01:18 +0000
Manifest next update:     Sun 14 Jun 2026 03:01:18 +0000
Files and hashes:         1: EDfew086MutlAvFmKoKiD4teohw.crl (hash: Iyxsl/9M/qxDFBVOKkE2Fc0EB5sbBqp+q2t+pi2vjwo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:ed:3a:5d:2b:8d:e9:65:b5:89:6d:38:53:5b:a6:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1037dec34f3a32eb6502f1662a82a20f8b5ea21c
        Validity
            Not Before: Jun 13 03:01:18 2026 GMT
            Not After : Jun 14 03:01:18 2026 GMT
        Subject: CN=f44197a683dc55879a14cac7f92166401eac6275
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9b:55:23:75:89:23:28:7f:7c:c1:9b:99:28:
                    8e:7e:d1:3b:f6:1d:45:ac:15:e6:65:30:34:a9:29:
                    3c:3e:55:cd:53:69:ea:88:f4:a1:4d:27:b2:12:22:
                    4e:60:e7:12:c5:ae:5d:bc:a9:34:c0:ad:b4:54:00:
                    30:bc:ef:e8:3f:fc:c2:f7:87:17:b7:a0:1f:aa:98:
                    b6:9a:f0:e4:3e:4d:09:69:27:51:99:5a:34:02:66:
                    53:f4:9b:6a:a9:20:b9:e9:5e:0e:3f:3a:bc:e5:ab:
                    67:0d:59:82:ba:7e:11:0e:40:46:fb:e9:4f:32:66:
                    08:ae:1b:c1:58:80:b0:94:a1:37:e7:b9:ae:54:94:
                    54:45:c1:2b:b0:14:76:76:88:78:23:a9:dd:f6:97:
                    55:5f:f4:db:88:0b:54:ab:95:b5:28:e6:e1:2a:e3:
                    f6:75:64:88:fe:93:0a:93:49:3f:28:17:f7:72:9e:
                    b7:93:57:dc:a3:ef:7b:cb:4c:6b:f5:91:93:1f:7f:
                    12:0c:01:79:36:f4:7a:d2:db:ca:9f:fd:6e:90:2e:
                    c5:c7:1c:ba:7f:95:fa:25:e6:16:98:b4:4b:83:6a:
                    b1:48:c4:ed:74:ff:59:39:e6:7f:6a:58:e2:5e:e3:
                    d8:23:43:3c:ff:80:4e:ee:04:88:23:30:23:b0:ce:
                    be:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:41:97:A6:83:DC:55:87:9A:14:CA:C7:F9:21:66:40:1E:AC:62:75
            X509v3 Authority Key Identifier:
                keyid:10:37:DE:C3:4F:3A:32:EB:65:02:F1:66:2A:82:A2:0F:8B:5E:A2:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:46:4d:af:ef:6d:f4:58:89:f9:25:e8:1c:df:c7:9b:d0:f3:
         fb:f6:63:04:09:83:4c:4f:bf:80:b3:60:47:bd:04:77:21:b6:
         76:db:d5:a7:f3:19:08:d2:dd:2c:10:94:9f:3b:23:70:a7:d0:
         c1:cc:1c:7b:c7:e4:7f:1e:86:89:e9:00:ab:02:81:49:5f:43:
         78:2b:1e:b1:2d:0a:84:65:db:46:38:c0:ef:b8:af:cd:b2:0b:
         5f:21:d7:d2:5c:cd:0a:a8:a2:02:a4:7e:dd:41:21:6e:07:9b:
         65:92:42:29:82:cb:a6:d1:dc:5b:36:d3:83:c4:f2:a8:41:c6:
         f5:20:4d:ac:4a:bd:4e:1a:91:ad:46:a0:2e:f1:bd:45:b6:a1:
         15:73:1c:a4:02:bd:15:81:08:9a:fc:24:8e:0c:4f:2a:31:e5:
         ed:50:32:12:56:d1:e0:d7:e4:65:7a:bd:62:b4:da:67:b4:5f:
         f1:6e:87:e3:7c:ef:05:54:53:63:44:f8:38:df:a3:92:a2:6a:
         81:30:2b:aa:30:9f:04:10:a1:3f:32:d8:0a:b5:9e:44:bb:76:
         0d:da:89:6b:b4:05:5e:ce:ae:ef:b0:89:64:14:a7:7a:1e:84:
         4e:65:e3:4c:25:d7:f9:bf:72:5d:c5:70:56:29:93:6c:bb:06:
         e5:01:52:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+7TpdK43pZbWJbThTW6b9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzdkZWMzNGYzYTMyZWI2NTAyZjE2NjJhODJhMjBmOGI1
ZWEyMWMwHhcNMjYwNjEzMDMwMTE4WhcNMjYwNjE0MDMwMTE4WjAzMTEwLwYDVQQD
EyhmNDQxOTdhNjgzZGM1NTg3OWExNGNhYzdmOTIxNjY0MDFlYWM2Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZtVI3WJIyh/fMGbmSiOftE79h1F
rBXmZTA0qSk8PlXNU2nqiPShTSeyEiJOYOcSxa5dvKk0wK20VAAwvO/oP/zC94cX
t6Afqpi2mvDkPk0JaSdRmVo0AmZT9JtqqSC56V4OPzq85atnDVmCun4RDkBG++lP
MmYIrhvBWICwlKE357muVJRURcErsBR2doh4I6nd9pdVX/TbiAtUq5W1KObhKuP2
dWSI/pMKk0k/KBf3cp63k1fco+97y0xr9ZGTH38SDAF5NvR60tvKn/1ukC7Fxxy6
f5X6JeYWmLRLg2qxSMTtdP9ZOeZ/aljiXuPYI0M8/4BO7gSIIzAjsM6+iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPRBl6aD3FWHmhTKx/khZkAerGJ1MB8GA1UdIwQY
MBaAFBA33sNPOjLrZQLxZiqCog+LXqIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iNjgwYWYtZDVhYi00YjJmLWE4Mzct
MGQ0MWE2NGU5MGVjLzEvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iNjgwYWYtZDVhYi00YjJmLWE4MzctMGQ0MWE2NGU5MGVj
LzEvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIUZNr+9t
9FiJ+SXoHN/Hm9Dz+/ZjBAmDTE+/gLNgR70EdyG2dtvVp/MZCNLdLBCUnzsjcKfQ
wcwce8fkfx6GiekAqwKBSV9DeCsesS0KhGXbRjjA77ivzbILXyHX0lzNCqiiAqR+
3UEhbgebZZJCKYLLptHcWzbTg8TyqEHG9SBNrEq9ThqRrUagLvG9RbahFXMcpAK9
FYEImvwkjgxPKjHl7VAyElbR4NfkZXq9YrTaZ7Rf8W6H43zvBVRTY0T4ON+jkqJq
gTArqjCfBBChPzLYCrWeRLt2DdqJa7QFXs6u77CJZBSneh6ETmXjTCXX+b9yXcVw
VimTbLsG5QFSbw==
-----END CERTIFICATE-----