Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          1fhhf+/TDAJih2Y948SYbCCod4do47Hsj7HFdcFl5KE=
Subject key identifier:   EF:22:D5:56:D6:C9:21:AD:16:C9:6A:83:94:AE:9A:99:A1:9C:51:39
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       019CABD9099F9159C1D58F4D79AFFBC6E55E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 00:00:53 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:53 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:53 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: v8NA8dNlP0RWmfgKY7SPEljVUQONunjFe/EFANOBDyU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:09:9f:91:59:c1:d5:8f:4d:79:af:fb:c6:e5:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Mar  2 00:00:53 2026 GMT
            Not After : Mar  3 00:00:53 2026 GMT
        Subject: CN=ef22d556d6c921ad16c96a8394ae9a99a19c5139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b9:3a:80:fa:bd:db:74:f1:4a:92:bc:dd:73:
                    3b:82:b0:61:ec:32:b0:7c:a4:12:69:a6:0b:0d:cf:
                    77:b1:a8:0f:0f:33:a1:c7:e9:31:16:81:f2:ba:e5:
                    0a:ac:af:7f:32:e4:8d:df:52:56:47:e6:4f:82:4b:
                    80:f1:90:4a:4a:c1:18:44:d7:2d:20:f7:57:ad:a8:
                    b2:77:37:a0:bd:d3:2e:72:68:27:9a:9d:bd:80:14:
                    fd:93:7d:c8:db:eb:7b:3d:94:01:a0:61:65:19:ad:
                    34:9b:f0:29:98:ee:09:4f:3e:e2:9c:01:42:3e:65:
                    44:ba:a8:a2:ec:ea:fa:24:35:5b:4b:98:47:a3:31:
                    22:a6:42:ea:5d:d0:01:ed:14:0c:f6:77:a4:5b:1a:
                    fb:d4:89:d0:0f:53:7b:1c:fb:46:1b:a6:30:b8:9d:
                    67:22:b2:de:fa:23:2a:9a:9d:3d:ee:d6:cd:bc:56:
                    25:d2:24:da:8c:53:c9:10:27:92:2f:be:7a:19:3e:
                    10:e3:89:34:b3:aa:54:d8:ab:2a:23:c2:6f:9a:51:
                    05:9b:b5:fd:48:c8:43:f8:b7:9f:0c:44:d9:5a:86:
                    a9:6f:cc:87:b4:4e:93:50:1a:44:ca:d0:b5:b5:40:
                    a1:c7:42:ee:29:2c:fb:2b:86:1a:ca:51:89:39:29:
                    05:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:22:D5:56:D6:C9:21:AD:16:C9:6A:83:94:AE:9A:99:A1:9C:51:39
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:4e:b1:80:3b:eb:ae:3c:ab:d6:04:84:e4:b0:d8:48:64:9c:
         42:30:09:a8:41:19:9a:22:2f:28:df:6e:32:61:0b:ff:24:b2:
         8b:d5:ad:83:c5:79:ef:05:61:a2:6a:29:27:ff:40:f0:92:60:
         d8:58:cc:4b:31:62:c7:f0:c9:8e:75:f9:24:7d:7a:2c:e9:c1:
         e8:11:36:1f:c5:26:00:90:cb:cb:fc:05:84:57:ee:03:1f:7e:
         7e:22:f6:ed:e6:6c:3c:fe:e2:6c:e8:0f:f6:48:99:ea:e9:48:
         1e:84:f7:ca:9f:c0:e6:6c:45:cf:d5:72:92:5c:94:30:53:02:
         46:5c:2b:8e:9d:86:3b:f0:15:67:eb:f1:b1:ea:0b:1e:26:42:
         9e:29:01:78:fa:7b:75:87:e8:f1:ff:66:ba:29:42:15:02:82:
         fb:a2:bd:fa:3b:55:12:65:c4:28:10:87:59:82:88:a7:9e:be:
         80:ba:28:78:41:fe:14:7d:3a:7b:d9:28:f7:48:84:fb:13:a0:
         ff:2d:93:58:9c:9c:e5:78:d6:18:de:13:59:d9:de:df:27:71:
         0b:38:ce:5f:fe:f3:8d:64:8c:83:b1:44:ce:03:fb:3f:c0:79:
         86:29:f8:c0:ce:1a:b2:24:45:08:c4:27:c0:1d:54:b4:e3:df:
         c9:4e:0f:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2QmfkVnB1Y9Nea/7xuVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjYwMzAyMDAwMDUzWhcNMjYwMzAzMDAwMDUzWjAzMTEwLwYDVQQD
EyhlZjIyZDU1NmQ2YzkyMWFkMTZjOTZhODM5NGFlOWE5OWExOWM1MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrk6gPq923TxSpK83XM7grBh7DKw
fKQSaaYLDc93sagPDzOhx+kxFoHyuuUKrK9/MuSN31JWR+ZPgkuA8ZBKSsEYRNct
IPdXraiydzegvdMucmgnmp29gBT9k33I2+t7PZQBoGFlGa00m/ApmO4JTz7inAFC
PmVEuqii7Or6JDVbS5hHozEipkLqXdAB7RQM9nekWxr71InQD1N7HPtGG6YwuJ1n
IrLe+iMqmp097tbNvFYl0iTajFPJECeSL756GT4Q44k0s6pU2KsqI8JvmlEFm7X9
SMhD+LefDETZWoapb8yHtE6TUBpEytC1tUChx0LuKSz7K4YaylGJOSkF+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8i1VbWySGtFslqg5SumpmhnFE5MB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD06xgDvr
rjyr1gSE5LDYSGScQjAJqEEZmiIvKN9uMmEL/ySyi9Wtg8V57wVhomopJ/9A8JJg
2FjMSzFix/DJjnX5JH16LOnB6BE2H8UmAJDLy/wFhFfuAx9+fiL27eZsPP7ibOgP
9kiZ6ulIHoT3yp/A5mxFz9VyklyUMFMCRlwrjp2GO/AVZ+vxseoLHiZCnikBePp7
dYfo8f9muilCFQKC+6K9+jtVEmXEKBCHWYKIp56+gLooeEH+FH06e9ko90iE+xOg
/y2TWJyc5XjWGN4TWdne3ydxCzjOX/7zjWSMg7FEzgP7P8B5hin4wM4asiRFCMQn
wB1UtOPfyU4Pvg==
-----END CERTIFICATE-----