Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          VeAq3QqEq3aSQ7svfrvRRVB18l7yUkB+IiS06GqGIbQ=
Subject key identifier:   37:DE:4E:1B:E5:1C:15:9A:E2:19:0E:83:DF:3A:68:70:F7:19:3F:61
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       019EBEEC833BB58679509E13D4CDB6E150C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          1955
Signing time:             Sat 13 Jun 2026 03:00:31 +0000
Manifest this update:     Sat 13 Jun 2026 03:00:31 +0000
Manifest next update:     Sun 14 Jun 2026 03:00:31 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: m+bfAXliLZYJyf07UMDQ/pGXBfvMrV6ibPSqKP3rukM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:ec:83:3b:b5:86:79:50:9e:13:d4:cd:b6:e1:50:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Jun 13 03:00:31 2026 GMT
            Not After : Jun 14 03:00:31 2026 GMT
        Subject: CN=37de4e1be51c159ae2190e83df3a6870f7193f61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:1a:93:80:5d:37:df:9f:44:a4:da:c0:bf:ca:
                    79:e8:5d:3f:d9:09:93:b2:7d:89:3c:2c:e4:ae:42:
                    fa:1d:a7:da:7c:01:fb:cb:bf:3d:a1:19:b8:c9:e5:
                    23:a8:a0:66:14:26:57:c7:b8:01:32:d0:a7:bf:e9:
                    6d:00:af:de:5e:06:4d:96:4e:1f:8f:36:c2:48:b9:
                    61:37:cc:b8:9d:ed:f9:b8:5f:80:34:3b:eb:10:3a:
                    16:72:a8:00:69:24:8b:8d:ec:8c:fd:0c:4f:05:e2:
                    d8:45:05:96:b6:86:cc:1c:19:8f:77:a2:33:12:cd:
                    ee:01:4d:bd:21:9a:8d:c3:f4:4e:64:cd:5b:0b:81:
                    e4:91:3f:85:99:d5:35:eb:07:95:f9:98:57:b5:2f:
                    ae:af:88:5b:14:e3:a6:ed:68:60:ae:f7:df:32:2c:
                    9d:f1:cf:1e:c7:ff:05:fd:bb:bc:06:e4:24:20:50:
                    f5:ed:74:6e:87:e1:0f:1e:5c:35:7b:f7:ab:c6:75:
                    ca:34:f9:20:39:81:73:74:41:c4:eb:21:3d:07:a9:
                    ba:21:a2:a6:4d:93:9f:e0:f3:8b:92:9e:e5:6a:fe:
                    48:2b:55:76:a8:07:00:b2:6f:4d:21:87:8e:19:8e:
                    15:bb:92:97:9a:89:57:67:37:89:94:7b:15:cb:af:
                    b9:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:DE:4E:1B:E5:1C:15:9A:E2:19:0E:83:DF:3A:68:70:F7:19:3F:61
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:69:dc:18:ea:b2:ad:25:f7:74:9c:c3:e2:fd:c6:b4:5e:ef:
         de:58:d5:15:e7:5c:36:a8:12:54:20:eb:75:ca:63:35:e8:96:
         23:f4:24:a9:44:e0:f0:1c:f9:56:58:b6:bd:74:ec:de:bc:23:
         0b:5c:32:9b:72:69:98:1e:ac:72:33:fd:dc:96:d3:40:a9:eb:
         ea:8e:8f:82:29:d4:3c:7a:06:09:e7:f0:5c:2d:ed:be:f8:92:
         8e:3c:51:91:00:71:31:87:98:fb:c4:d6:75:05:f2:76:60:20:
         0a:d4:b1:cb:5e:8d:5e:ef:80:0d:ab:c8:2a:53:d4:0f:2e:97:
         bc:ba:76:7f:94:03:05:62:f9:d1:e3:01:cd:cb:0a:d4:0f:9c:
         1d:db:f7:f7:73:e6:98:93:f7:e0:a8:94:26:20:67:60:22:07:
         23:31:46:fc:3b:21:cf:a2:75:de:59:39:ae:10:bb:73:e9:07:
         88:35:93:fb:71:cb:04:c4:fc:c9:4d:7b:7d:1f:ca:42:dc:9f:
         90:c5:0d:ce:00:1c:72:ce:d5:fc:0e:90:01:b6:38:8a:fe:27:
         1e:e7:1e:cd:f3:69:2a:45:53:d2:db:3b:9c:4e:63:6a:d9:ce:
         e8:30:fb:c0:f2:4e:6e:50:6e:e6:23:22:0d:f5:74:7c:06:3c:
         47:c3:66:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+7IM7tYZ5UJ4T1M224VDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjYwNjEzMDMwMDMxWhcNMjYwNjE0MDMwMDMxWjAzMTEwLwYDVQQD
EygzN2RlNGUxYmU1MWMxNTlhZTIxOTBlODNkZjNhNjg3MGY3MTkzZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRqTgF03359EpNrAv8p56F0/2QmT
sn2JPCzkrkL6HafafAH7y789oRm4yeUjqKBmFCZXx7gBMtCnv+ltAK/eXgZNlk4f
jzbCSLlhN8y4ne35uF+ANDvrEDoWcqgAaSSLjeyM/QxPBeLYRQWWtobMHBmPd6Iz
Es3uAU29IZqNw/ROZM1bC4HkkT+FmdU16weV+ZhXtS+ur4hbFOOm7WhgrvffMiyd
8c8ex/8F/bu8BuQkIFD17XRuh+EPHlw1e/erxnXKNPkgOYFzdEHE6yE9B6m6IaKm
TZOf4POLkp7lav5IK1V2qAcAsm9NIYeOGY4Vu5KXmolXZzeJlHsVy6+5dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfeThvlHBWa4hkOg986aHD3GT9hMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgGncGOqy
rSX3dJzD4v3GtF7v3ljVFedcNqgSVCDrdcpjNeiWI/QkqUTg8Bz5Vli2vXTs3rwj
C1wym3JpmB6scjP93JbTQKnr6o6PginUPHoGCefwXC3tvviSjjxRkQBxMYeY+8TW
dQXydmAgCtSxy16NXu+ADavIKlPUDy6XvLp2f5QDBWL50eMBzcsK1A+cHdv393Pm
mJP34KiUJiBnYCIHIzFG/Dshz6J13lk5rhC7c+kHiDWT+3HLBMT8yU17fR/KQtyf
kMUNzgAccs7V/A6QAbY4iv4nHucezfNpKkVT0ts7nE5jatnO6DD7wPJOblBu5iMi
DfV0fAY8R8NmIg==
-----END CERTIFICATE-----