Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
File:                     CEaS7DDzfffcteR600auvetx_DA.mft (raw, json)
Hash identifier:          KRDu52eOoGNArYSYe17xmbjNhlme+8ZCwDk76Se/+Lw=
Subject key identifier:   9F:15:8E:09:64:82:09:49:83:E3:A3:16:B7:A7:D9:40:B9:2D:DC:B0
Authority key identifier: 08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30
Certificate issuer:       /CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
Certificate serial:       019CABD91D759883F3A1154A8AF65A4B7B3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 00:00:58 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:58 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:58 +0000
Files and hashes:         1: CEaS7DDzfffcteR600auvetx_DA.crl (hash: ih+d0QlztzyhDFp/AnQ3ijKjEL/slGzmLxLjqS5zPBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:1d:75:98:83:f3:a1:15:4a:8a:f6:5a:4b:7b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
        Validity
            Not Before: Mar  2 00:00:58 2026 GMT
            Not After : Mar  3 00:00:58 2026 GMT
        Subject: CN=9f158e096482094983e3a316b7a7d940b92ddcb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:7b:4f:d2:f2:df:10:05:0b:0b:9c:80:36:83:
                    a8:c1:d9:af:22:2c:2f:b2:64:44:3c:d6:47:18:95:
                    18:cf:7e:d4:0e:09:aa:a7:50:a2:34:fa:75:58:d6:
                    a1:7f:e7:d4:07:0e:eb:d0:6d:06:59:be:c8:7a:ce:
                    f5:98:91:65:34:c2:92:41:e4:f0:62:83:b7:47:bd:
                    4e:c2:23:cc:72:57:b9:88:47:a4:22:ab:8a:21:38:
                    95:e6:a1:c7:91:07:3c:ac:81:38:91:b1:19:12:0e:
                    07:9f:a1:63:fc:dc:ee:21:0b:a4:aa:d1:c0:fe:26:
                    b9:6b:08:b8:6c:03:c2:10:e8:2c:3b:cc:a2:54:43:
                    76:ae:de:28:39:c6:e6:0b:76:dc:16:b0:ea:c2:b6:
                    da:e8:88:0b:96:9c:1f:68:a3:d1:bc:ea:23:43:90:
                    74:1e:6b:92:18:a3:57:53:86:49:fd:32:1f:d0:4d:
                    53:62:e6:65:4d:4a:f8:3d:0e:66:71:a5:3e:0d:4e:
                    e7:66:f0:bd:48:b5:1e:d3:aa:99:1d:90:e9:d6:5f:
                    64:81:33:d8:93:b7:c1:07:72:4d:56:35:5e:ad:34:
                    6c:c4:b8:f2:dd:39:52:bb:b8:4f:56:d7:02:d5:fc:
                    a5:db:04:f4:d3:5b:8c:64:f7:60:98:bb:3e:8d:b9:
                    f6:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:15:8E:09:64:82:09:49:83:E3:A3:16:B7:A7:D9:40:B9:2D:DC:B0
            X509v3 Authority Key Identifier:
                keyid:08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:6d:9d:76:8a:80:52:45:d4:b5:73:55:83:e6:19:d5:5d:f6:
         07:6e:8f:d7:7d:2a:46:e2:5c:d4:1c:44:d0:d6:b0:cc:2c:73:
         8b:8c:72:15:8d:cf:17:0b:6f:04:76:c7:6f:62:ab:31:4b:d5:
         03:fc:14:08:09:0d:59:65:4f:0e:64:30:6e:a6:8c:d2:d2:9b:
         0a:23:59:47:80:7b:b1:87:cc:ba:27:b8:5f:1d:11:84:bf:25:
         79:da:04:a1:fb:66:88:c3:33:0b:28:be:b7:7a:93:06:df:bc:
         ca:d8:83:42:c5:b5:10:57:3f:9f:42:22:78:48:d9:78:80:84:
         22:7b:4d:53:e2:a8:5e:9c:12:95:9d:3f:57:c5:66:2a:e5:97:
         e5:a2:d7:a8:a1:f1:e3:0f:bf:58:7d:22:34:3d:e5:bc:52:0c:
         ea:a5:a5:67:5d:04:9e:0c:fa:64:69:cf:f7:fb:bb:37:f4:9c:
         5e:75:73:c2:54:99:55:a0:61:d4:37:e8:1c:52:67:24:35:fb:
         1a:9d:75:c3:f0:e4:de:03:88:c2:23:f6:f1:88:49:9f:b3:7d:
         5e:a5:8b:10:ea:12:32:18:fa:f1:8a:fa:e4:f6:54:6c:a3:70:
         44:2f:f3:16:bf:fd:1f:45:7a:17:f1:9c:e3:2a:02:c3:df:15:
         25:0c:ad:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2R11mIPzoRVKivZaS3s9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDY5MmVjMzBmMzdkZjdkY2I1ZTQ3YWQzNDZhZWJkZWI3
MWZjMzAwHhcNMjYwMzAyMDAwMDU4WhcNMjYwMzAzMDAwMDU4WjAzMTEwLwYDVQQD
Eyg5ZjE1OGUwOTY0ODIwOTQ5ODNlM2EzMTZiN2E3ZDk0MGI5MmRkY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03tP0vLfEAULC5yANoOowdmvIiwv
smREPNZHGJUYz37UDgmqp1CiNPp1WNahf+fUBw7r0G0GWb7Ies71mJFlNMKSQeTw
YoO3R71OwiPMcle5iEekIquKITiV5qHHkQc8rIE4kbEZEg4Hn6Fj/NzuIQukqtHA
/ia5awi4bAPCEOgsO8yiVEN2rt4oOcbmC3bcFrDqwrba6IgLlpwfaKPRvOojQ5B0
HmuSGKNXU4ZJ/TIf0E1TYuZlTUr4PQ5mcaU+DU7nZvC9SLUe06qZHZDp1l9kgTPY
k7fBB3JNVjVerTRsxLjy3TlSu7hPVtcC1fyl2wT001uMZPdgmLs+jbn2mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8VjglkgglJg+OjFren2UC5LdywMB8GA1UdIwQY
MBaAFAhGkuww83333LXketNGrr3rcfwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjIt
MTEzMzc0YzQ4NzYzLzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjItMTEzMzc0YzQ4NzYz
LzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgG2ddoqA
UkXUtXNVg+YZ1V32B26P130qRuJc1BxE0NawzCxzi4xyFY3PFwtvBHbHb2KrMUvV
A/wUCAkNWWVPDmQwbqaM0tKbCiNZR4B7sYfMuie4Xx0RhL8ledoEoftmiMMzCyi+
t3qTBt+8ytiDQsW1EFc/n0IieEjZeICEIntNU+KoXpwSlZ0/V8VmKuWX5aLXqKHx
4w+/WH0iND3lvFIM6qWlZ10Engz6ZGnP9/u7N/ScXnVzwlSZVaBh1DfoHFJnJDX7
Gp11w/Dk3gOIwiP28YhJn7N9XqWLEOoSMhj68Yr65PZUbKNwRC/zFr/9H0V6F/Gc
4yoCw98VJQyt6w==
-----END CERTIFICATE-----