Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          zrP3wu4Vin45ZUV5TY6Huv/s5ZqRbPb+q7NEA10aKlc=
Subject key identifier:   24:61:67:F6:C4:89:95:D3:11:B1:98:51:49:01:4E:B1:41:7B:ED:35
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       01987450268BF72443682A2B8D1D7D4912C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          1613
Signing time:             Mon 04 Aug 2025 09:01:06 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:06 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:06 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: G7HddqpVpPsnIn9qkCyjvt7aKl4mWO0I8D4n91j23ys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:26:8b:f7:24:43:68:2a:2b:8d:1d:7d:49:12:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Aug  4 09:01:06 2025 GMT
            Not After : Aug  5 09:01:06 2025 GMT
        Subject: CN=246167f6c48995d311b1985149014eb1417bed35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:2c:6a:ba:02:e6:c9:a1:ea:f9:11:ae:8c:98:
                    e5:e2:e3:5f:2d:91:33:59:27:3d:15:5a:8c:5e:57:
                    30:f1:1b:78:50:d3:82:06:8a:df:f9:b2:18:31:4c:
                    c6:f4:e6:d5:cf:7e:7e:e9:b7:f5:1a:f6:da:d9:68:
                    d7:fb:bc:a6:b0:2c:13:96:c8:e3:a4:dc:a7:0a:3b:
                    73:f9:56:83:78:c3:8b:c4:ad:b0:ad:d0:07:dd:dd:
                    42:d9:7f:80:e2:66:f8:15:54:2e:c0:88:d4:76:b9:
                    6e:48:a3:a1:b6:55:99:dc:e8:81:ab:1c:a0:27:2e:
                    f4:a6:dd:6d:d5:73:bd:6c:3c:d5:83:3b:97:0c:37:
                    99:82:7f:eb:17:9b:a5:85:a1:ad:43:28:70:44:6c:
                    c5:80:58:e5:88:3a:cf:bb:37:b8:e0:ad:33:00:a0:
                    91:1a:04:c3:8c:6f:32:cd:b8:a4:71:b1:ef:2b:75:
                    c4:e5:fc:5a:64:81:e8:9a:4b:e6:4d:bc:a3:82:21:
                    c3:a7:61:cd:5a:1b:f9:1e:50:44:e7:0a:bf:89:11:
                    e2:ee:92:dc:c8:72:c3:88:8a:07:14:15:06:da:ac:
                    9b:30:6a:14:28:cc:34:86:88:63:48:86:db:32:e6:
                    ef:e0:07:5b:5f:9d:50:37:85:fc:ba:56:ee:84:52:
                    47:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:61:67:F6:C4:89:95:D3:11:B1:98:51:49:01:4E:B1:41:7B:ED:35
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:ec:80:73:e5:d7:ae:5d:45:e7:c0:52:e0:f4:8c:cc:81:6f:
         18:56:38:b3:c7:15:a3:ce:3c:01:95:2d:b3:56:6e:6a:32:86:
         9d:e9:d8:77:42:94:b3:6f:3e:f0:ae:a0:30:e5:23:3d:36:dd:
         66:6a:e7:67:78:4a:f4:25:d5:d5:45:d1:6d:fa:44:26:61:f9:
         21:c1:72:6b:84:15:d6:19:bb:a4:d4:3d:5f:31:3d:d7:df:27:
         25:28:2c:dd:0d:a4:35:9c:28:b6:fc:c2:ef:04:32:e5:f2:63:
         48:4a:f9:57:cf:f2:75:34:45:aa:98:0e:50:ed:4c:da:bb:e7:
         63:53:99:62:56:d4:2c:4a:a3:0d:44:eb:bb:95:c1:19:3e:bb:
         8c:0e:c5:7e:77:98:97:91:23:71:7c:7c:5a:4c:d3:e5:ab:d6:
         a7:49:c4:15:48:5d:b3:f3:5b:a8:cc:6e:44:21:81:74:4a:4a:
         fc:50:53:c1:8e:cf:53:c4:3b:fd:e3:a8:3c:9f:bb:ca:1a:3b:
         6e:8f:b5:00:b1:0f:ec:91:56:9e:24:9d:46:58:fb:d6:e7:29:
         c0:6d:41:15:fc:25:03:0e:6f:9e:4a:2b:91:a6:db:e7:6e:f0:
         b5:f8:47:70:8c:df:03:4c:a3:70:02:d5:00:63:e3:fa:e4:bd:
         66:f2:5a:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UCaL9yRDaCorjR19SRLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjUwODA0MDkwMTA2WhcNMjUwODA1MDkwMTA2WjAzMTEwLwYDVQQD
EygyNDYxNjdmNmM0ODk5NWQzMTFiMTk4NTE0OTAxNGViMTQxN2JlZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CxqugLmyaHq+RGujJjl4uNfLZEz
WSc9FVqMXlcw8Rt4UNOCBorf+bIYMUzG9ObVz35+6bf1Gvba2WjX+7ymsCwTlsjj
pNynCjtz+VaDeMOLxK2wrdAH3d1C2X+A4mb4FVQuwIjUdrluSKOhtlWZ3OiBqxyg
Jy70pt1t1XO9bDzVgzuXDDeZgn/rF5ulhaGtQyhwRGzFgFjliDrPuze44K0zAKCR
GgTDjG8yzbikcbHvK3XE5fxaZIHomkvmTbyjgiHDp2HNWhv5HlBE5wq/iRHi7pLc
yHLDiIoHFBUG2qybMGoUKMw0hohjSIbbMubv4AdbX51QN4X8ulbuhFJHPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRhZ/bEiZXTEbGYUUkBTrFBe+01MB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO+yAc+XX
rl1F58BS4PSMzIFvGFY4s8cVo848AZUts1ZuajKGnenYd0KUs28+8K6gMOUjPTbd
ZmrnZ3hK9CXV1UXRbfpEJmH5IcFya4QV1hm7pNQ9XzE9198nJSgs3Q2kNZwotvzC
7wQy5fJjSEr5V8/ydTRFqpgOUO1M2rvnY1OZYlbULEqjDUTru5XBGT67jA7FfneY
l5EjcXx8WkzT5avWp0nEFUhds/NbqMxuRCGBdEpK/FBTwY7PU8Q7/eOoPJ+7yho7
bo+1ALEP7JFWniSdRlj71ucpwG1BFfwlAw5vnkorkabb527wtfhHcIzfA0yjcALV
AGPj+uS9ZvJa0Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:47 2025 by rpki-client