Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          SvNynig6kwo8floRfG6O54KlbFkfgRNtrqWEdKlu8gI=
Subject key identifier:   E5:C6:CA:30:6C:DD:15:B3:C4:D0:A0:EF:3C:7B:BD:85:A6:64:9B:3F
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       019D386649271D678D661E4BB7993D7DA1A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          1151
Signing time:             Sun 29 Mar 2026 07:02:00 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:00 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:00 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: WQFd4t1Y5r7iyQ7PjyXNzWSA3gbph6M+jcn6l5TVqHQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:49:27:1d:67:8d:66:1e:4b:b7:99:3d:7d:a1:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Mar 29 07:02:00 2026 GMT
            Not After : Mar 30 07:02:00 2026 GMT
        Subject: CN=e5c6ca306cdd15b3c4d0a0ef3c7bbd85a6649b3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:3a:87:3b:ea:cd:42:71:07:2e:9b:39:3a:71:
                    43:9a:67:e3:61:ec:b7:bc:58:57:cd:6c:d8:9f:99:
                    bc:27:42:23:c8:88:26:28:19:dd:59:93:f4:d4:3f:
                    61:fc:81:d5:30:81:ff:ec:1a:91:8d:e4:2d:44:79:
                    5b:32:f0:0f:46:d0:53:96:9e:48:96:4d:b7:29:37:
                    26:15:55:8f:ec:68:84:9b:f7:d2:0d:27:6c:52:5a:
                    b8:6e:c6:a5:3f:92:5e:96:2c:1b:f9:7b:68:36:52:
                    f1:22:86:e9:6a:88:d1:7d:e3:44:00:7f:aa:5f:f9:
                    02:26:7f:2b:70:98:c2:03:24:8d:2f:20:2a:62:ed:
                    e6:f7:f7:45:71:7f:97:74:f1:13:3e:55:76:69:42:
                    93:e5:22:54:e0:24:ec:4a:1b:15:f3:7e:6b:ad:90:
                    dd:d0:b3:69:31:f1:98:6c:e9:16:83:7f:14:d2:f3:
                    f3:77:72:ad:10:86:d1:7d:84:51:c3:65:bd:b9:d7:
                    79:94:e2:bb:7a:33:10:e0:cf:f3:96:c1:f0:a2:3f:
                    ab:7e:e9:6e:df:2d:b6:a6:a9:5f:2f:5e:d7:72:e1:
                    27:c1:20:8f:79:14:82:a5:a9:b7:32:a5:02:b3:32:
                    87:b5:fb:00:10:8c:6b:f9:89:96:29:f5:3f:95:46:
                    b1:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:C6:CA:30:6C:DD:15:B3:C4:D0:A0:EF:3C:7B:BD:85:A6:64:9B:3F
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:19:68:cd:71:86:d1:b5:0c:9b:5d:f7:36:18:fd:53:af:7e:
         38:3c:53:13:84:ed:ae:8f:2b:99:e3:90:69:75:b4:d1:4e:b4:
         f8:46:ea:0e:e3:8f:bb:50:67:bc:45:f5:ba:14:98:b6:63:3c:
         61:c2:5c:21:f1:4f:e9:f4:3d:f7:9f:5f:67:30:ce:e6:a1:59:
         1a:c5:15:6b:f6:ab:01:c2:00:63:25:f7:f2:f0:fb:d2:e1:48:
         9c:63:32:17:ab:3d:2e:a5:ef:40:e7:6a:2b:03:fd:b4:80:11:
         63:5f:8a:42:b0:c0:7b:51:cf:9e:c0:48:a2:17:ae:4c:ae:40:
         93:51:28:66:77:59:19:79:8b:77:e4:73:7e:e1:75:c8:b7:53:
         02:52:a5:51:a1:2c:cb:08:d7:93:c5:66:56:d1:0e:ac:6f:66:
         93:3d:a0:3f:3b:3e:22:65:69:f6:2f:d0:94:18:a2:c1:a5:44:
         d9:d0:73:ec:6a:1a:4a:c1:25:e2:66:98:85:41:f8:72:4c:dd:
         ad:63:66:c9:05:9a:4a:b4:ad:6d:32:70:c2:c3:da:cc:73:d9:
         da:54:05:0b:08:33:3e:89:ad:e7:65:38:1f:bb:a8:dc:6d:cf:
         81:e2:ee:25:78:aa:2e:34:c8:ae:33:53:3e:f6:76:46:c5:fc:
         f9:1b:b3:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkknHWeNZh5Lt5k9faGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjYwMzI5MDcwMjAwWhcNMjYwMzMwMDcwMjAwWjAzMTEwLwYDVQQD
EyhlNWM2Y2EzMDZjZGQxNWIzYzRkMGEwZWYzYzdiYmQ4NWE2NjQ5YjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzqHO+rNQnEHLps5OnFDmmfjYey3
vFhXzWzYn5m8J0IjyIgmKBndWZP01D9h/IHVMIH/7BqRjeQtRHlbMvAPRtBTlp5I
lk23KTcmFVWP7GiEm/fSDSdsUlq4bsalP5Jeliwb+XtoNlLxIobpaojRfeNEAH+q
X/kCJn8rcJjCAySNLyAqYu3m9/dFcX+XdPETPlV2aUKT5SJU4CTsShsV835rrZDd
0LNpMfGYbOkWg38U0vPzd3KtEIbRfYRRw2W9udd5lOK7ejMQ4M/zlsHwoj+rfulu
3y22pqlfL17XcuEnwSCPeRSCpam3MqUCszKHtfsAEIxr+YmWKfU/lUaxMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXGyjBs3RWzxNCg7zx7vYWmZJs/MB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBlozXGG
0bUMm133Nhj9U69+ODxTE4Ttro8rmeOQaXW00U60+EbqDuOPu1BnvEX1uhSYtmM8
YcJcIfFP6fQ9959fZzDO5qFZGsUVa/arAcIAYyX38vD70uFInGMyF6s9LqXvQOdq
KwP9tIARY1+KQrDAe1HPnsBIoheuTK5Ak1EoZndZGXmLd+RzfuF1yLdTAlKlUaEs
ywjXk8VmVtEOrG9mkz2gPzs+ImVp9i/QlBiiwaVE2dBz7GoaSsEl4maYhUH4ckzd
rWNmyQWaSrStbTJwwsPazHPZ2lQFCwgzPomt52U4H7uo3G3PgeLuJXiqLjTIrjNT
PvZ2RsX8+Ruzaw==
-----END CERTIFICATE-----