Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          9+G6iJSN4m4WExgnWV6pkC+39+T6ex455XM8mOyxfMk=
Subject key identifier:   4F:64:79:04:E4:98:C3:1D:D8:B0:7F:75:CD:59:D7:F2:39:06:65:A1
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       019EBE7F6B38D94145AAD6478A108C73B9A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          121B
Signing time:             Sat 13 Jun 2026 01:01:22 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:22 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:22 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: epK4ZIiL1+CHyQQG/p1WbjGSbM6ewKF8OSor6rHwyIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:6b:38:d9:41:45:aa:d6:47:8a:10:8c:73:b9:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Jun 13 01:01:22 2026 GMT
            Not After : Jun 14 01:01:22 2026 GMT
        Subject: CN=4f647904e498c31dd8b07f75cd59d7f2390665a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:11:67:f9:79:a0:fb:d4:2a:ca:a3:0c:19:e3:
                    ea:6d:0c:79:6c:c2:92:1e:68:c8:25:8b:a4:af:23:
                    c8:7b:d5:d2:4b:e7:41:5d:3a:86:43:0f:57:1b:28:
                    8a:98:2d:16:e7:f6:0a:05:c6:ee:f8:2d:a7:51:a0:
                    74:b4:1c:c7:97:55:64:8d:88:2f:fc:66:94:3a:b5:
                    6d:1a:ce:aa:0b:7f:60:a6:fc:1d:69:3d:23:50:9a:
                    7e:e5:f3:80:70:8a:45:67:d0:3a:e7:9a:81:dd:18:
                    72:23:87:47:0d:ba:43:b5:12:27:8f:ba:17:48:b4:
                    24:49:73:29:8f:ba:54:7a:ef:7f:98:cd:06:a2:c6:
                    7a:5d:de:d3:e9:c6:eb:d7:f1:2c:11:21:78:e1:7c:
                    45:f6:34:54:9d:8e:a6:6e:da:9b:ab:0d:28:5c:5a:
                    db:cb:fa:a7:f5:ed:9f:00:ef:69:2d:41:69:4d:97:
                    39:9f:3f:f4:50:92:1c:55:ed:77:3c:9e:4f:86:fe:
                    48:68:94:c9:a6:84:22:04:e6:64:67:d9:92:8e:69:
                    0f:08:39:79:8d:6b:39:01:f5:6b:50:84:b3:71:da:
                    27:12:3f:43:f4:55:99:92:d9:b2:cb:52:41:36:4e:
                    4e:c3:10:90:cb:fb:e1:5a:4b:e0:24:1c:55:2b:b5:
                    f5:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:64:79:04:E4:98:C3:1D:D8:B0:7F:75:CD:59:D7:F2:39:06:65:A1
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:2f:10:d0:5d:ca:e6:d5:45:7b:80:eb:a5:49:d6:d2:db:9e:
         b0:f3:c3:e8:5d:25:91:6f:64:c3:74:00:bd:ca:48:75:3f:73:
         0a:f0:eb:f6:85:ef:0f:de:e1:80:88:97:40:05:5c:b4:98:f2:
         52:ce:43:dd:d6:c9:69:04:7b:0b:e8:9c:1f:c5:8d:be:a4:78:
         f5:76:15:19:31:b2:f0:a9:44:00:dd:f5:69:60:80:41:06:17:
         2b:af:91:08:01:4b:85:dd:94:70:3b:b0:ee:9d:b3:35:b8:f2:
         20:2b:fc:8c:da:cc:43:7a:57:e0:a3:7c:56:1b:d6:b8:8e:bd:
         f7:32:a7:00:3f:3a:e4:4b:72:db:c3:b7:84:f2:72:69:39:e2:
         a4:66:0c:06:27:36:e6:db:ea:fb:30:e6:f4:77:95:b4:d4:15:
         94:09:e9:3d:1f:69:c3:88:2f:23:c9:7f:f7:54:52:2d:80:38:
         81:f5:b2:2a:6d:54:01:a0:dc:eb:8e:6b:0d:ef:30:1f:48:f2:
         89:d7:77:46:6c:b8:17:01:85:e7:43:20:ad:9d:15:7c:8c:d0:
         d2:6c:2a:a3:e2:20:bf:fc:06:1a:2d:d3:87:87:78:b2:6f:03:
         a9:c1:1f:d0:ac:d5:a8:1a:8e:48:f8:6c:97:51:84:be:41:34:
         8a:9d:b9:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f2s42UFFqtZHihCMc7mhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjYwNjEzMDEwMTIyWhcNMjYwNjE0MDEwMTIyWjAzMTEwLwYDVQQD
Eyg0ZjY0NzkwNGU0OThjMzFkZDhiMDdmNzVjZDU5ZDdmMjM5MDY2NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hFn+Xmg+9QqyqMMGePqbQx5bMKS
HmjIJYukryPIe9XSS+dBXTqGQw9XGyiKmC0W5/YKBcbu+C2nUaB0tBzHl1VkjYgv
/GaUOrVtGs6qC39gpvwdaT0jUJp+5fOAcIpFZ9A655qB3RhyI4dHDbpDtRInj7oX
SLQkSXMpj7pUeu9/mM0GosZ6Xd7T6cbr1/EsESF44XxF9jRUnY6mbtqbqw0oXFrb
y/qn9e2fAO9pLUFpTZc5nz/0UJIcVe13PJ5Phv5IaJTJpoQiBOZkZ9mSjmkPCDl5
jWs5AfVrUISzcdonEj9D9FWZktmyy1JBNk5OwxCQy/vhWkvgJBxVK7X12wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9keQTkmMMd2LB/dc1Z1/I5BmWhMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdy8Q0F3K
5tVFe4DrpUnW0tuesPPD6F0lkW9kw3QAvcpIdT9zCvDr9oXvD97hgIiXQAVctJjy
Us5D3dbJaQR7C+icH8WNvqR49XYVGTGy8KlEAN31aWCAQQYXK6+RCAFLhd2UcDuw
7p2zNbjyICv8jNrMQ3pX4KN8VhvWuI699zKnAD865Ety28O3hPJyaTnipGYMBic2
5tvq+zDm9HeVtNQVlAnpPR9pw4gvI8l/91RSLYA4gfWyKm1UAaDc645rDe8wH0jy
idd3Rmy4FwGF50MgrZ0VfIzQ0mwqo+Igv/wGGi3Th4d4sm8DqcEf0KzVqBqOSPhs
l1GEvkE0ip25dQ==
-----END CERTIFICATE-----