Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          tlbEtrF5CYP+h1z7lO2GhG8ffHfn6JhPnooLqrnH6rM=
Subject key identifier:   59:2C:CB:FB:87:EC:11:45:36:E4:39:29:14:3E:41:9D:FE:F9:CA:60
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       0199240D147B98145606C9F9DF56F454BF5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 12:01:00 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:00 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:00 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: 4mHurOCNOHBukoAhHUHvGE4PwSdAynJk9lZv/G1RUss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:14:7b:98:14:56:06:c9:f9:df:56:f4:54:bf:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Sep  7 12:01:00 2025 GMT
            Not After : Sep  8 12:01:00 2025 GMT
        Subject: CN=592ccbfb87ec114536e43929143e419dfef9ca60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:9f:e5:16:0a:3f:80:6d:35:b2:c9:8b:8b:5e:
                    a3:ac:51:16:40:7b:6a:51:90:55:1c:78:7c:cc:05:
                    9c:7b:d4:f6:d2:2e:d0:37:43:69:a2:80:f1:00:8e:
                    bd:4c:c5:9f:31:7a:be:b2:32:35:de:d2:85:14:78:
                    18:08:4c:7c:ff:41:e6:85:c8:c4:19:aa:7e:90:d7:
                    b6:20:5c:99:79:ac:b0:fe:b7:e4:4f:d2:39:77:46:
                    32:46:eb:da:c4:4b:43:09:85:d2:b5:8c:25:90:6a:
                    b6:e6:c5:c8:00:24:86:7f:63:e3:72:db:31:e1:e7:
                    06:df:e5:44:d5:df:8c:d8:5a:4e:b8:fe:72:19:31:
                    36:5e:97:8d:53:84:21:ad:9f:d1:d1:67:f0:7a:1b:
                    14:9c:77:b7:88:3c:40:4e:ba:a1:9a:c6:6a:6f:56:
                    72:bf:7e:c3:56:ef:4e:40:b5:af:65:1a:ca:f1:a9:
                    d2:62:fa:97:a5:50:fe:99:31:13:65:38:ee:d1:47:
                    4f:7d:f9:b7:31:37:be:67:0d:44:76:3e:b5:88:3c:
                    31:e0:e6:75:38:45:5b:b0:90:39:ff:c0:18:f4:ab:
                    4e:b2:dc:1b:30:a6:b1:b5:0a:1c:ff:38:e8:16:c6:
                    5c:13:0f:d1:f9:a2:a3:0c:b7:6f:9f:06:40:03:c8:
                    30:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:2C:CB:FB:87:EC:11:45:36:E4:39:29:14:3E:41:9D:FE:F9:CA:60
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:c2:82:63:72:4b:69:ab:7f:38:4f:93:9f:ae:dd:b2:bf:f3:
         30:51:c0:da:06:fd:62:1a:27:7c:03:73:61:dd:72:7c:aa:11:
         24:b6:2a:64:aa:98:2c:29:d6:a0:0d:32:e0:b2:ce:a9:94:7f:
         fc:c2:96:f1:8b:4a:20:02:64:bf:61:ce:e4:55:4a:4d:4f:f3:
         95:4d:3e:2d:3e:a3:d5:5e:cc:fd:e4:67:9f:e3:84:26:d4:62:
         ef:8f:e0:e0:ca:50:67:96:2c:be:20:c7:65:ea:13:32:9c:54:
         6b:b6:ea:5c:69:71:1c:ef:8f:22:2d:66:83:1e:e5:6d:a6:9a:
         8e:e7:99:da:76:ba:a9:11:aa:6c:53:92:8a:56:1a:ac:1e:13:
         77:6c:70:44:7c:24:ba:8d:ae:81:04:d5:cc:36:6e:4c:00:44:
         1e:3d:a1:15:22:0c:66:42:b0:c6:aa:e7:f5:b0:fc:8f:16:e8:
         7e:13:2c:98:ea:2a:b3:23:7d:f3:bf:7b:1d:61:6b:55:01:16:
         6f:f7:c4:ca:17:29:4f:18:85:80:58:cc:58:71:63:4e:88:dd:
         e6:f8:43:97:da:1b:f6:e1:0e:06:ec:84:48:4f:f2:0b:c7:bc:
         a9:30:19:bb:6c:5f:49:38:99:7a:2c:db:3a:ee:8e:ea:2e:38:
         0b:a7:ff:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDRR7mBRWBsn531b0VL9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjUwOTA3MTIwMTAwWhcNMjUwOTA4MTIwMTAwWjAzMTEwLwYDVQQD
Eyg1OTJjY2JmYjg3ZWMxMTQ1MzZlNDM5MjkxNDNlNDE5ZGZlZjljYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5/lFgo/gG01ssmLi16jrFEWQHtq
UZBVHHh8zAWce9T20i7QN0NpooDxAI69TMWfMXq+sjI13tKFFHgYCEx8/0HmhcjE
Gap+kNe2IFyZeayw/rfkT9I5d0YyRuvaxEtDCYXStYwlkGq25sXIACSGf2Pjctsx
4ecG3+VE1d+M2FpOuP5yGTE2XpeNU4QhrZ/R0WfwehsUnHe3iDxATrqhmsZqb1Zy
v37DVu9OQLWvZRrK8anSYvqXpVD+mTETZTju0UdPffm3MTe+Zw1Edj61iDwx4OZ1
OEVbsJA5/8AY9KtOstwbMKaxtQoc/zjoFsZcEw/R+aKjDLdvnwZAA8gwUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFksy/uH7BFFNuQ5KRQ+QZ3++cpgMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE8KCY3JL
aat/OE+Tn67dsr/zMFHA2gb9YhonfANzYd1yfKoRJLYqZKqYLCnWoA0y4LLOqZR/
/MKW8YtKIAJkv2HO5FVKTU/zlU0+LT6j1V7M/eRnn+OEJtRi74/g4MpQZ5YsviDH
ZeoTMpxUa7bqXGlxHO+PIi1mgx7lbaaajueZ2na6qRGqbFOSilYarB4Td2xwRHwk
uo2ugQTVzDZuTABEHj2hFSIMZkKwxqrn9bD8jxbofhMsmOoqsyN98797HWFrVQEW
b/fEyhcpTxiFgFjMWHFjTojd5vhDl9ob9uEOBuyESE/yC8e8qTAZu2xfSTiZeizb
Ou6O6i44C6f/yg==
-----END CERTIFICATE-----