Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          HhUBYOxKHmP04191x4oC+SUIFj4O+MhWYAH81i3PNdc=
Subject key identifier:   14:98:B0:06:A3:A6:5F:9F:99:06:14:CC:3D:B5:C0:FE:CD:D4:87:A8
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       019D38D2BEFE358C1E48C780CEBCBD004456
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 09:00:28 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:28 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:28 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: jJwtJfe6FLCYu8wmHcckhGMLlglRYLmdwFLsnqRx5yM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:be:fe:35:8c:1e:48:c7:80:ce:bc:bd:00:44:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Mar 29 09:00:28 2026 GMT
            Not After : Mar 30 09:00:28 2026 GMT
        Subject: CN=1498b006a3a65f9f990614cc3db5c0fecdd487a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:83:be:55:46:6d:0e:78:7f:98:2a:6d:77:24:
                    32:43:f6:e8:98:a1:00:ce:02:f4:7a:d0:fb:65:d1:
                    ee:67:99:47:95:6b:72:03:08:d5:d7:40:e8:f2:30:
                    a4:f3:94:66:fa:f9:38:d8:1e:c6:08:66:47:47:2c:
                    01:b2:a3:8e:d9:2a:b8:60:f7:9f:19:3d:58:95:0d:
                    04:55:d6:26:b4:6c:ca:89:0d:8a:41:20:b5:f9:48:
                    7f:95:ff:fd:ab:7a:88:3a:61:1f:bc:66:64:c4:4e:
                    23:03:d1:2d:22:1c:ca:34:ba:e8:6b:f0:91:6c:2a:
                    c2:6d:32:24:b1:cc:f8:b3:b1:55:89:f9:5b:5c:e0:
                    be:70:58:17:32:42:aa:e2:ec:6f:da:17:d0:ca:bf:
                    0a:7d:14:14:9c:9b:b4:c6:83:9b:46:e1:dc:c9:a8:
                    07:60:11:10:10:9c:4d:5c:a6:c6:28:d8:c4:4b:8a:
                    54:cb:d0:a0:9c:f9:4e:04:a0:e6:21:ea:39:7d:b3:
                    4e:10:fb:78:9b:f3:9d:9d:9f:d3:32:36:57:90:37:
                    a3:5d:0f:65:1d:3b:32:00:49:a2:1e:7c:66:54:ee:
                    65:5f:79:80:83:ce:72:75:cd:23:46:b2:ad:fc:7d:
                    84:17:d0:17:2c:c3:0a:ed:3a:d8:3f:d8:c0:c9:62:
                    b0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:98:B0:06:A3:A6:5F:9F:99:06:14:CC:3D:B5:C0:FE:CD:D4:87:A8
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:aa:1e:35:c0:f6:26:ce:92:db:f7:c0:22:3e:e0:b4:2c:e7:
         c8:b4:a6:15:f4:fa:55:a5:2b:37:45:87:0a:89:a6:c9:38:4f:
         cc:25:9c:98:05:1e:c2:e2:6d:cd:88:e1:65:f7:c1:b3:59:9f:
         aa:d0:67:7e:77:1d:ba:82:67:cc:f1:14:41:ca:c5:1c:37:0b:
         8b:fa:bb:43:3b:dc:00:93:db:90:0a:a3:6a:97:19:13:c4:5b:
         0d:37:f8:48:7e:ea:90:fc:fd:58:d8:03:fc:5f:eb:27:36:ad:
         c1:70:27:a7:cd:ec:c7:85:83:d0:ab:09:6b:0e:43:b2:64:94:
         9c:3a:48:9e:05:01:12:8f:5c:b9:dc:a8:84:66:ee:e1:60:6e:
         05:d9:09:9c:ba:89:88:ee:e0:1e:24:09:78:eb:1d:98:38:75:
         cf:12:bc:28:b7:c4:ae:5a:68:17:21:a3:f2:9a:d7:51:d0:df:
         57:97:f9:6a:5c:51:9a:e9:89:d0:98:5b:cf:f0:bc:94:0a:22:
         2e:53:bc:d9:ef:0b:97:bb:5b:21:d6:b9:02:93:d4:bf:ac:07:
         9f:38:c4:4c:bd:91:04:af:e2:0e:57:bd:28:a1:a6:cb:36:1b:
         ad:30:31:f4:47:65:06:c4:13:97:e6:f5:1b:89:b8:90:07:95:
         cd:f6:23:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040r7+NYweSMeAzry9AERWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjYwMzI5MDkwMDI4WhcNMjYwMzMwMDkwMDI4WjAzMTEwLwYDVQQD
EygxNDk4YjAwNmEzYTY1ZjlmOTkwNjE0Y2MzZGI1YzBmZWNkZDQ4N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4O+VUZtDnh/mCptdyQyQ/bomKEA
zgL0etD7ZdHuZ5lHlWtyAwjV10Do8jCk85Rm+vk42B7GCGZHRywBsqOO2Sq4YPef
GT1YlQ0EVdYmtGzKiQ2KQSC1+Uh/lf/9q3qIOmEfvGZkxE4jA9EtIhzKNLroa/CR
bCrCbTIkscz4s7FViflbXOC+cFgXMkKq4uxv2hfQyr8KfRQUnJu0xoObRuHcyagH
YBEQEJxNXKbGKNjES4pUy9CgnPlOBKDmIeo5fbNOEPt4m/OdnZ/TMjZXkDejXQ9l
HTsyAEmiHnxmVO5lX3mAg85ydc0jRrKt/H2EF9AXLMMK7TrYP9jAyWKwPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSYsAajpl+fmQYUzD21wP7N1IeoMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG6oeNcD2
Js6S2/fAIj7gtCznyLSmFfT6VaUrN0WHCommyThPzCWcmAUewuJtzYjhZffBs1mf
qtBnfncduoJnzPEUQcrFHDcLi/q7QzvcAJPbkAqjapcZE8RbDTf4SH7qkPz9WNgD
/F/rJzatwXAnp83sx4WD0KsJaw5DsmSUnDpIngUBEo9cudyohGbu4WBuBdkJnLqJ
iO7gHiQJeOsdmDh1zxK8KLfErlpoFyGj8prXUdDfV5f5alxRmumJ0Jhbz/C8lAoi
LlO82e8Ll7tbIda5ApPUv6wHnzjETL2RBK/iDle9KKGmyzYbrTAx9EdlBsQTl+b1
G4m4kAeVzfYjqA==
-----END CERTIFICATE-----