Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          VWRrm40aa8XhrCMq/a6VCSrPgGBFYcLUWFHEON5VJQM=
Subject key identifier:   BB:FA:76:23:55:31:E2:ED:86:9C:50:F6:84:57:16:F1:ED:EE:FB:92
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       019D97748A969490FB3E890623A518265562
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          18BC
Signing time:             Thu 16 Apr 2026 18:01:30 +0000
Manifest this update:     Thu 16 Apr 2026 18:01:30 +0000
Manifest next update:     Fri 17 Apr 2026 18:01:30 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: 35vvPDoL2bW8SR1qqiyBPNkb7q3KaV89pw1a3d6FRSc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 18:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:74:8a:96:94:90:fb:3e:89:06:23:a5:18:26:55:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Apr 16 18:01:30 2026 GMT
            Not After : Apr 17 18:01:30 2026 GMT
        Subject: CN=bbfa76235531e2ed869c50f6845716f1edeefb92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1e:8e:45:be:c3:10:b5:54:7e:43:7b:93:cc:
                    6d:be:d4:f4:eb:66:7e:44:05:d6:b2:51:eb:f9:9a:
                    80:8b:c0:e3:69:9b:4b:af:4e:82:16:0a:c3:87:39:
                    64:ee:83:42:ba:97:1d:b5:ba:88:08:b5:3b:4b:0b:
                    8d:05:2a:0f:fa:6a:a7:40:65:54:da:68:7a:da:8d:
                    6e:80:dd:8c:e1:e8:13:51:a5:76:3b:3a:74:a4:e0:
                    07:7a:37:39:fa:7e:31:57:58:4a:c9:0c:49:15:4e:
                    91:5b:f2:d9:f8:d3:d8:3e:3a:c6:fb:10:8b:59:1b:
                    39:fa:29:ed:ec:d4:70:eb:5c:78:93:90:9d:6d:b5:
                    dd:f8:26:12:74:32:66:97:d7:d4:12:5e:b9:c6:4f:
                    4d:83:ee:75:1f:f3:1c:3c:18:25:ef:d9:85:dc:77:
                    40:84:58:87:e8:fb:de:52:09:bd:64:ec:8d:5a:1a:
                    a9:82:1f:a6:7f:09:04:cf:e8:3c:42:75:92:6f:59:
                    2d:6a:3a:7a:16:55:31:c9:88:d1:1c:e9:af:3a:9c:
                    de:bb:ef:0f:61:83:42:03:31:52:d3:59:bf:a6:9c:
                    2b:89:dc:09:85:92:8c:8b:23:10:30:91:e3:9b:8a:
                    13:9c:69:3e:79:1a:f2:60:cd:12:4d:da:46:1c:86:
                    9f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:FA:76:23:55:31:E2:ED:86:9C:50:F6:84:57:16:F1:ED:EE:FB:92
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:30:51:99:d9:cb:e1:13:43:01:64:a9:ee:f5:1e:0b:5b:e2:
         60:66:e4:d2:cb:80:89:f6:22:8b:5b:d0:49:29:ce:19:30:b9:
         23:df:83:23:cf:64:54:4d:f1:21:f4:e1:f9:e4:62:77:62:b9:
         e8:da:d9:7d:87:77:a1:1a:8c:33:6d:e7:9e:ca:65:96:61:bf:
         65:a0:92:1b:17:9a:63:39:b8:cf:39:3c:b9:40:d8:9a:dc:98:
         20:ee:b4:f1:c3:46:7f:f1:f0:62:8f:a6:f6:0b:e5:93:07:64:
         98:80:22:51:0c:03:3f:bc:bf:0a:05:24:b6:00:10:cd:e6:48:
         4a:cc:e6:f8:c8:b9:5a:d8:87:bb:31:a6:33:72:52:3f:83:6f:
         b7:12:3c:5f:fb:33:a9:8f:73:ff:5a:fe:05:77:85:79:a3:49:
         03:08:eb:0c:ac:2a:ce:81:4e:f4:a1:9b:7f:df:6e:22:99:d7:
         03:4c:c1:1f:d5:83:9e:fc:d8:06:c0:1c:17:e9:66:19:49:06:
         dd:ee:b2:e9:a6:e1:c5:76:04:93:c5:04:b3:a2:fb:ef:56:2b:
         66:72:87:14:53:e4:66:bb:18:97:31:b0:94:f3:a9:63:20:eb:
         25:e9:62:32:3a:dc:60:d8:af:d1:0a:ff:94:86:0b:1b:4f:a5:
         48:f3:d9:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XdIqWlJD7PokGI6UYJlViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjYwNDE2MTgwMTMwWhcNMjYwNDE3MTgwMTMwWjAzMTEwLwYDVQQD
EyhiYmZhNzYyMzU1MzFlMmVkODY5YzUwZjY4NDU3MTZmMWVkZWVmYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB6ORb7DELVUfkN7k8xtvtT062Z+
RAXWslHr+ZqAi8DjaZtLr06CFgrDhzlk7oNCupcdtbqICLU7SwuNBSoP+mqnQGVU
2mh62o1ugN2M4egTUaV2Ozp0pOAHejc5+n4xV1hKyQxJFU6RW/LZ+NPYPjrG+xCL
WRs5+int7NRw61x4k5CdbbXd+CYSdDJml9fUEl65xk9Ng+51H/McPBgl79mF3HdA
hFiH6PveUgm9ZOyNWhqpgh+mfwkEz+g8QnWSb1ktajp6FlUxyYjRHOmvOpzeu+8P
YYNCAzFS01m/ppwridwJhZKMiyMQMJHjm4oTnGk+eRryYM0STdpGHIafFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLv6diNVMeLthpxQ9oRXFvHt7vuSMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACTBRmdnL
4RNDAWSp7vUeC1viYGbk0suAifYii1vQSSnOGTC5I9+DI89kVE3xIfTh+eRid2K5
6NrZfYd3oRqMM23nnspllmG/ZaCSGxeaYzm4zzk8uUDYmtyYIO608cNGf/HwYo+m
9gvlkwdkmIAiUQwDP7y/CgUktgAQzeZISszm+Mi5WtiHuzGmM3JSP4NvtxI8X/sz
qY9z/1r+BXeFeaNJAwjrDKwqzoFO9KGbf99uIpnXA0zBH9WDnvzYBsAcF+lmGUkG
3e6y6abhxXYEk8UEs6L771YrZnKHFFPkZrsYlzGwlPOpYyDrJeliMjrcYNiv0Qr/
lIYLG0+lSPPZWQ==
-----END CERTIFICATE-----