Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          vh2vbj2bfzfgo3mX92hqT/bKWuAbA5rfa29u1JIyKP4=
Subject key identifier:   13:98:98:C5:AC:D3:9F:6B:73:F2:D4:BE:FB:55:49:0D:78:6C:3C:6D
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       019D98F44EA3A73767C699F32C779A24D257
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          1183
Signing time:             Fri 17 Apr 2026 01:00:40 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:40 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:40 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: Xh2sVhuRCuewrSTxCTaHdMj/GUbxHuWDbCoLFbU2DEo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:4e:a3:a7:37:67:c6:99:f3:2c:77:9a:24:d2:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Apr 17 01:00:40 2026 GMT
            Not After : Apr 18 01:00:40 2026 GMT
        Subject: CN=139898c5acd39f6b73f2d4befb55490d786c3c6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f7:99:1b:ab:e4:1c:eb:fb:54:02:c0:5a:4b:
                    a6:4b:1a:da:d2:50:df:cb:89:63:f0:4a:eb:85:87:
                    91:6b:c9:93:c0:16:72:e6:80:aa:2f:95:d9:70:76:
                    fc:2c:af:9e:90:b9:6f:8d:12:01:54:d5:35:b3:34:
                    ee:bc:5f:3a:30:b3:ad:4f:45:5f:63:37:09:12:26:
                    fa:d0:d5:2b:a1:5d:3c:e2:47:f8:20:71:a0:5c:8c:
                    14:51:74:b3:35:57:b1:75:29:08:fd:db:0e:49:93:
                    d5:f8:a6:3d:01:bf:8d:e4:d0:58:8d:f3:eb:af:b1:
                    89:72:76:20:80:96:67:c8:6c:f8:d6:ff:42:f8:75:
                    1a:9a:67:31:ea:53:27:4c:a4:71:34:42:95:88:c6:
                    32:cc:b5:0b:3e:29:a4:aa:a3:4d:66:24:ec:75:d0:
                    01:bd:d6:30:d7:44:a0:b0:8f:56:aa:1d:5d:a7:23:
                    95:e3:55:31:4a:24:db:83:40:8c:6f:ac:5a:ae:ca:
                    bc:0a:99:25:17:74:94:b6:ad:cb:19:bb:f9:68:75:
                    eb:89:42:b0:e0:68:4b:f4:c9:6c:cf:96:ac:14:74:
                    82:e8:fa:b8:c1:cc:71:a5:8f:c6:51:d2:aa:02:8e:
                    d5:b3:e4:dd:d2:55:5f:fa:05:a0:56:ae:76:84:08:
                    2a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:98:98:C5:AC:D3:9F:6B:73:F2:D4:BE:FB:55:49:0D:78:6C:3C:6D
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:a0:8e:f7:7a:c7:8c:64:22:c5:9d:62:98:eb:67:d4:88:a2:
         a7:54:23:5b:95:10:74:07:40:0f:b2:67:c7:48:17:ed:0f:df:
         0b:4e:4e:52:da:d9:b7:c3:4a:ed:80:68:59:50:a5:1f:60:bd:
         79:bb:d4:79:c5:15:10:10:f6:8e:03:2f:f1:da:4e:c3:9d:9c:
         92:de:9d:e6:a9:db:78:62:a6:7f:a7:74:a0:1a:66:e0:9b:80:
         4a:08:bb:d7:c2:92:ae:5d:11:91:a6:2b:3a:8c:b8:f0:b3:7c:
         60:64:ca:f0:28:87:c3:f0:56:ae:4b:76:d1:0d:1c:10:b4:32:
         2a:7e:fd:65:f0:51:c9:b0:74:71:cb:f9:0b:15:8c:47:a0:18:
         9c:0b:9a:9d:df:40:ab:72:f5:e5:72:47:f1:8c:b0:bb:72:aa:
         b2:27:36:86:36:10:26:16:73:d4:ae:05:3c:07:1d:df:7e:78:
         52:37:79:a1:b4:55:e6:5f:0e:51:09:66:43:55:83:10:d8:55:
         8e:ad:3c:f3:4a:16:72:9a:1e:66:67:bc:0a:d2:75:c7:63:c4:
         cc:bd:2e:9c:56:7a:d5:14:21:b4:69:c1:56:a0:09:34:c1:61:
         8a:04:f0:be:82:a0:d2:5d:47:90:9a:6c:b9:f6:9f:28:a3:06:
         dc:da:82:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9E6jpzdnxpnzLHeaJNJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjYwNDE3MDEwMDQwWhcNMjYwNDE4MDEwMDQwWjAzMTEwLwYDVQQD
EygxMzk4OThjNWFjZDM5ZjZiNzNmMmQ0YmVmYjU1NDkwZDc4NmMzYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPeZG6vkHOv7VALAWkumSxra0lDf
y4lj8ErrhYeRa8mTwBZy5oCqL5XZcHb8LK+ekLlvjRIBVNU1szTuvF86MLOtT0Vf
YzcJEib60NUroV084kf4IHGgXIwUUXSzNVexdSkI/dsOSZPV+KY9Ab+N5NBYjfPr
r7GJcnYggJZnyGz41v9C+HUammcx6lMnTKRxNEKViMYyzLULPimkqqNNZiTsddAB
vdYw10SgsI9Wqh1dpyOV41UxSiTbg0CMb6xarsq8CpklF3SUtq3LGbv5aHXriUKw
4GhL9Mlsz5asFHSC6Pq4wcxxpY/GUdKqAo7Vs+Td0lVf+gWgVq52hAgqJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOYmMWs059rc/LUvvtVSQ14bDxtMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkKCO93rH
jGQixZ1imOtn1Iiip1QjW5UQdAdAD7Jnx0gX7Q/fC05OUtrZt8NK7YBoWVClH2C9
ebvUecUVEBD2jgMv8dpOw52ckt6d5qnbeGKmf6d0oBpm4JuASgi718KSrl0RkaYr
Ooy48LN8YGTK8CiHw/BWrkt20Q0cELQyKn79ZfBRybB0ccv5CxWMR6AYnAuand9A
q3L15XJH8Yywu3Kqsic2hjYQJhZz1K4FPAcd3354Ujd5obRV5l8OUQlmQ1WDENhV
jq0880oWcpoeZme8CtJ1x2PEzL0unFZ61RQhtGnBVqAJNMFhigTwvoKg0l1HkJps
ufafKKMG3NqCaQ==
-----END CERTIFICATE-----