Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          dQcltg+KDh+02VA96qC7z0GeMrkG+eMkV/pBnqRbXg8=
Subject key identifier:   B9:56:E0:DD:20:C1:4C:A9:3E:E4:1B:64:10:3A:C0:CE:78:6F:0B:D9
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       019A72266F31E06B150B72C69D8641D01908
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:52 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:52 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:52 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: 5ZkaiONf3h5hETYkclFiPrx4uLW0oXX9VDoY1tbzIlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:6f:31:e0:6b:15:0b:72:c6:9d:86:41:d0:19:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Nov 11 09:01:52 2025 GMT
            Not After : Nov 12 09:01:52 2025 GMT
        Subject: CN=b956e0dd20c14ca93ee41b64103ac0ce786f0bd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:0b:69:99:cf:1e:fe:5f:04:cf:4f:5b:d9:13:
                    7e:8e:bf:1e:64:80:0c:35:23:b5:98:f9:7f:02:b0:
                    f8:e5:34:7f:71:6f:ac:36:8e:91:55:55:da:b4:aa:
                    54:89:60:8f:7b:82:ff:22:a4:57:a6:6b:2e:1b:1f:
                    af:06:b7:68:8b:f5:77:1f:6c:e8:b0:51:ac:8b:39:
                    e1:61:6f:1a:64:e8:a1:95:cc:65:1e:12:91:c4:9a:
                    aa:9c:11:eb:45:19:28:38:0e:d1:50:88:58:44:72:
                    e4:17:27:77:0d:ad:93:be:17:e3:9a:7d:bc:ca:4d:
                    b7:75:af:fd:13:bf:6a:82:0c:1a:16:10:da:f1:66:
                    40:29:49:0c:09:91:7e:17:0d:89:f6:53:4e:ec:e6:
                    e3:3e:17:d4:05:89:1d:3a:25:5f:d6:71:1f:9b:05:
                    e8:2d:ea:3d:59:57:e0:14:32:fb:f9:82:ed:cc:bb:
                    54:3c:7c:35:76:31:c8:54:87:36:06:06:18:ce:1d:
                    7e:ca:25:33:7a:01:5a:f1:f4:9d:4e:c0:93:cc:81:
                    df:b8:e6:80:2c:20:ac:92:2c:6a:99:eb:69:4a:75:
                    50:26:70:5a:38:20:b3:a8:ae:5b:d3:0d:2d:99:66:
                    79:5b:f4:ab:cc:27:d5:04:ff:6e:3b:c2:3a:25:e5:
                    ec:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:56:E0:DD:20:C1:4C:A9:3E:E4:1B:64:10:3A:C0:CE:78:6F:0B:D9
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:60:34:c6:d7:a1:c1:02:f7:fd:ba:6f:3d:0a:d0:59:69:5a:
         50:ad:3b:d2:bd:0b:ca:fd:52:09:82:52:fe:07:5c:3d:b0:82:
         0f:da:07:7c:64:23:e8:9c:74:0c:4a:34:e8:8e:86:e6:25:21:
         94:e3:e1:e6:b1:29:c5:f9:4b:ed:ed:46:b7:82:6f:77:82:06:
         06:7a:de:bc:f6:b6:02:8a:44:ee:0f:db:a9:72:11:77:3a:3e:
         23:a7:85:55:ca:10:03:6d:eb:94:3d:9d:44:88:af:c7:09:29:
         e6:a8:c8:cd:7f:d8:04:17:44:23:14:30:6d:53:3f:be:84:78:
         1c:6d:20:10:a6:29:b0:79:a6:2f:4c:c4:ba:82:61:f9:ea:56:
         86:ff:c5:b6:f7:32:44:6d:a2:79:4f:08:ce:ca:a0:8c:d8:ec:
         1c:07:bd:fe:05:db:62:f4:02:c4:91:b7:ba:09:6c:e7:de:01:
         6f:27:c5:35:29:97:69:ff:47:c4:85:94:05:3a:41:df:6b:4b:
         51:7f:b3:0c:2e:f2:dd:48:8d:fc:e4:d1:1f:2b:90:f7:9c:2f:
         66:37:dd:70:94:9a:06:cb:74:da:b0:23:55:31:50:5a:23:73:
         6c:66:f8:59:8f:e6:03:6d:2c:81:87:d8:88:1f:00:c0:e5:7e:
         9e:84:f2:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJm8x4GsVC3LGnYZB0BkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjUxMTExMDkwMTUyWhcNMjUxMTEyMDkwMTUyWjAzMTEwLwYDVQQD
EyhiOTU2ZTBkZDIwYzE0Y2E5M2VlNDFiNjQxMDNhYzBjZTc4NmYwYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wtpmc8e/l8Ez09b2RN+jr8eZIAM
NSO1mPl/ArD45TR/cW+sNo6RVVXatKpUiWCPe4L/IqRXpmsuGx+vBrdoi/V3H2zo
sFGsiznhYW8aZOihlcxlHhKRxJqqnBHrRRkoOA7RUIhYRHLkFyd3Da2Tvhfjmn28
yk23da/9E79qggwaFhDa8WZAKUkMCZF+Fw2J9lNO7ObjPhfUBYkdOiVf1nEfmwXo
Leo9WVfgFDL7+YLtzLtUPHw1djHIVIc2BgYYzh1+yiUzegFa8fSdTsCTzIHfuOaA
LCCskixqmetpSnVQJnBaOCCzqK5b0w0tmWZ5W/SrzCfVBP9uO8I6JeXsBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlW4N0gwUypPuQbZBA6wM54bwvZMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT2A0xteh
wQL3/bpvPQrQWWlaUK070r0Lyv1SCYJS/gdcPbCCD9oHfGQj6Jx0DEo06I6G5iUh
lOPh5rEpxflL7e1Gt4Jvd4IGBnrevPa2AopE7g/bqXIRdzo+I6eFVcoQA23rlD2d
RIivxwkp5qjIzX/YBBdEIxQwbVM/voR4HG0gEKYpsHmmL0zEuoJh+epWhv/Ftvcy
RG2ieU8IzsqgjNjsHAe9/gXbYvQCxJG3ugls594BbyfFNSmXaf9HxIWUBTpB32tL
UX+zDC7y3UiN/OTRHyuQ95wvZjfdcJSaBst02rAjVTFQWiNzbGb4WY/mA20sgYfY
iB8AwOV+noTy3g==
-----END CERTIFICATE-----