Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          Epqq/ZFyTr/FaRkUNdC9XopCQKggIx6YdnaySyHMTes=
Subject key identifier:   82:45:0C:29:F1:E9:6A:64:B7:F8:0D:DA:7E:F9:E4:76:6B:B8:D0:6C
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       019E2F974EA02B28C4581D539B1810C1CCEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          11D1
Signing time:             Sat 16 May 2026 07:01:45 +0000
Manifest this update:     Sat 16 May 2026 07:01:45 +0000
Manifest next update:     Sun 17 May 2026 07:01:45 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: VYfPdrgUBrOUgDY0HG/fdEXgjYiYpArYK7ASs6FmcEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:4e:a0:2b:28:c4:58:1d:53:9b:18:10:c1:cc:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: May 16 07:01:45 2026 GMT
            Not After : May 17 07:01:45 2026 GMT
        Subject: CN=82450c29f1e96a64b7f80dda7ef9e4766bb8d06c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e6:22:e2:6b:77:57:a4:68:bc:0f:f0:30:4c:
                    c0:d8:76:b1:5e:44:a0:d9:40:84:67:f2:ed:7a:14:
                    8f:bf:e5:a8:50:ff:15:7e:4e:7b:c5:f1:0b:70:31:
                    30:e0:a9:3d:1e:fa:79:11:56:2d:58:58:29:61:ef:
                    c8:16:dc:cf:bd:0d:a5:7d:0f:72:d6:25:0d:64:51:
                    8b:0c:b2:ba:99:87:f2:5e:47:30:4f:b8:22:5d:02:
                    47:e8:0d:ef:b8:18:1f:d9:cf:59:42:c1:c9:a5:99:
                    1a:2b:49:08:d5:15:da:f1:cc:cf:a7:b9:0e:4b:36:
                    25:36:cd:14:e1:5a:e2:8e:1e:d8:d4:b3:fc:2e:d4:
                    ef:c2:5a:55:ad:1e:a2:1a:b6:25:b7:70:8f:99:09:
                    5a:e3:09:9d:cf:23:50:c1:2e:1d:41:0c:3d:83:80:
                    c7:bf:04:1d:f4:de:da:0a:5b:e6:47:94:38:f3:da:
                    83:7f:25:b4:3d:58:34:3d:23:70:0e:eb:13:41:7c:
                    af:c0:fa:47:3c:cf:b5:81:6a:a6:5e:48:25:79:94:
                    3c:df:74:fd:3c:e6:e2:10:13:db:b8:ed:2c:19:8d:
                    89:93:2f:35:b6:ab:c4:87:be:e8:51:73:a9:c6:d7:
                    df:6a:08:e3:69:48:fc:ab:2d:05:34:a3:0e:b9:82:
                    2d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:45:0C:29:F1:E9:6A:64:B7:F8:0D:DA:7E:F9:E4:76:6B:B8:D0:6C
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:bf:ce:a9:04:1c:95:f3:cb:19:93:6b:f1:35:4a:0d:84:5c:
         88:db:27:97:a4:06:6f:50:81:46:46:3b:83:4b:75:7a:1e:b5:
         85:d0:6f:46:b0:9d:3a:68:eb:15:39:c9:d6:4b:b0:c5:31:e5:
         e7:05:5b:3e:a0:22:ce:76:83:68:5e:75:9f:5f:8e:72:81:4e:
         ef:10:0d:a0:1a:c1:97:62:d4:03:1f:59:42:60:ab:91:16:2c:
         7d:3e:f4:94:03:2e:c7:7d:de:03:b2:14:e0:71:95:a1:14:f1:
         51:48:5c:1a:9e:98:d9:5c:e8:ab:a6:75:e9:9b:10:7e:21:d7:
         c1:0d:99:f4:50:3c:8c:9e:c7:bd:99:97:82:3c:61:e0:48:a5:
         85:85:41:ed:f4:d1:75:ca:f8:f0:73:78:27:58:4b:e1:8e:51:
         0e:dd:07:01:e2:9f:ba:08:af:d5:4e:4c:45:b6:ec:15:30:1a:
         fd:66:cc:99:df:84:67:bd:f2:09:64:90:b6:55:32:56:3e:a2:
         a1:f4:2b:e4:9a:4c:e9:a8:60:44:67:09:1f:58:af:0b:1f:8f:
         15:66:c6:02:be:20:08:6e:fe:7b:b5:46:a7:08:c6:d1:dc:8e:
         a1:40:85:b6:5e:0c:29:37:3f:50:f4:d7:c7:61:db:ff:4b:c5:
         a0:bd:c5:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vl06gKyjEWB1TmxgQwczqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjYwNTE2MDcwMTQ1WhcNMjYwNTE3MDcwMTQ1WjAzMTEwLwYDVQQD
Eyg4MjQ1MGMyOWYxZTk2YTY0YjdmODBkZGE3ZWY5ZTQ3NjZiYjhkMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+Yi4mt3V6RovA/wMEzA2HaxXkSg
2UCEZ/LtehSPv+WoUP8Vfk57xfELcDEw4Kk9Hvp5EVYtWFgpYe/IFtzPvQ2lfQ9y
1iUNZFGLDLK6mYfyXkcwT7giXQJH6A3vuBgf2c9ZQsHJpZkaK0kI1RXa8czPp7kO
SzYlNs0U4Vrijh7Y1LP8LtTvwlpVrR6iGrYlt3CPmQla4wmdzyNQwS4dQQw9g4DH
vwQd9N7aClvmR5Q489qDfyW0PVg0PSNwDusTQXyvwPpHPM+1gWqmXkgleZQ833T9
PObiEBPbuO0sGY2Jky81tqvEh77oUXOpxtffagjjaUj8qy0FNKMOuYItpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJFDCnx6Wpkt/gN2n755HZruNBsMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdL/OqQQc
lfPLGZNr8TVKDYRciNsnl6QGb1CBRkY7g0t1eh61hdBvRrCdOmjrFTnJ1kuwxTHl
5wVbPqAiznaDaF51n1+OcoFO7xANoBrBl2LUAx9ZQmCrkRYsfT70lAMux33eA7IU
4HGVoRTxUUhcGp6Y2Vzoq6Z16ZsQfiHXwQ2Z9FA8jJ7HvZmXgjxh4EilhYVB7fTR
dcr48HN4J1hL4Y5RDt0HAeKfugiv1U5MRbbsFTAa/WbMmd+EZ73yCWSQtlUyVj6i
ofQr5JpM6ahgRGcJH1ivCx+PFWbGAr4gCG7+e7VGpwjG0dyOoUCFtl4MKTc/UPTX
x2Hb/0vFoL3F+Q==
-----END CERTIFICATE-----