Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
File:                     CEaS7DDzfffcteR600auvetx_DA.mft (raw, json)
Hash identifier:          WZq54DVvrIvE8fzff29qyDU4HoSihimYUVPgCWDuQJ0=
Subject key identifier:   C3:34:7B:3D:F6:C2:2C:30:A2:22:C5:48:17:C4:D2:5B:B7:84:10:54
Authority key identifier: 08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30
Certificate issuer:       /CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
Certificate serial:       019D9B51777119B959D355AF2BBDE589415F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 12:01:40 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:40 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:40 +0000
Files and hashes:         1: CEaS7DDzfffcteR600auvetx_DA.crl (hash: 4rWxEPsMvE/G71Q+0nndLnyNOhUV9RKq/4C3wMh1RWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:51:77:71:19:b9:59:d3:55:af:2b:bd:e5:89:41:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
        Validity
            Not Before: Apr 17 12:01:40 2026 GMT
            Not After : Apr 18 12:01:40 2026 GMT
        Subject: CN=c3347b3df6c22c30a222c54817c4d25bb7841054
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:18:32:16:7d:0c:a0:67:0e:40:75:f2:31:9f:
                    6c:1f:38:3f:81:2a:cd:c4:b6:fc:cc:98:30:d6:88:
                    6b:74:f8:3b:3f:17:59:8a:03:e7:f5:3f:29:f7:a0:
                    8d:ea:51:6a:79:e2:ae:25:4a:96:5d:0a:99:e9:51:
                    d1:98:50:d9:4f:58:19:94:08:bb:e9:93:44:1c:28:
                    3f:43:c0:4f:5f:d0:27:48:b4:81:3a:44:b1:ad:8f:
                    cb:97:9b:1d:01:17:94:ab:32:a0:0b:d6:b9:79:9b:
                    7f:00:30:34:79:fe:dc:d8:ed:c9:8b:f9:11:a4:f7:
                    64:7b:c2:3c:8d:93:53:e4:d4:c3:82:c4:16:a7:0c:
                    c7:63:03:ce:fd:c5:a7:24:55:c6:d8:62:82:50:42:
                    0d:87:cf:d0:a7:22:ce:61:d5:60:cc:8e:54:d6:de:
                    9b:25:f5:4f:52:da:8a:ee:b7:8b:ff:bb:2c:2c:07:
                    58:bf:4a:c0:72:1b:7e:ff:32:95:bc:ef:90:18:23:
                    47:3c:bf:bd:94:89:be:7b:f3:24:5a:67:48:b9:09:
                    e4:38:3a:59:4e:50:fb:c3:7b:3d:11:0f:68:5d:ef:
                    ed:65:ae:db:5a:80:62:a1:92:c9:b3:62:07:ac:71:
                    db:08:52:95:7d:86:ba:41:eb:f4:61:0d:fe:56:11:
                    e0:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:34:7B:3D:F6:C2:2C:30:A2:22:C5:48:17:C4:D2:5B:B7:84:10:54
            X509v3 Authority Key Identifier:
                keyid:08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:e3:cd:26:30:3f:c7:c9:63:8b:e6:03:d4:65:ae:f6:1f:0a:
         2f:ef:56:a6:4a:f1:2c:14:5a:af:81:94:dc:80:09:bb:3e:61:
         cc:1e:31:2a:bc:17:f3:17:c2:37:17:b2:a0:78:cf:05:a5:73:
         54:f8:f2:f5:5a:00:42:70:04:56:1b:d6:bd:4a:e0:dd:b1:bd:
         65:0d:6e:c5:ef:5a:27:8b:cd:c4:43:e3:bc:21:f6:49:4d:48:
         85:80:d3:b4:4a:11:6b:24:ec:f2:1b:94:d1:ee:b9:3f:ba:42:
         d2:86:6b:97:1f:25:3a:60:43:06:7a:9c:fe:9e:2d:6b:de:6c:
         79:e8:ef:3e:1f:f1:bb:15:75:7f:aa:b3:51:18:15:b4:3d:24:
         07:1a:f7:98:14:09:6e:7e:15:76:b6:be:5a:78:5c:d0:d4:33:
         e8:29:ee:96:54:ea:da:95:35:4a:c4:4d:c1:d2:eb:26:2d:cf:
         8c:b6:3a:b3:d0:59:c7:b7:6f:05:65:24:d3:25:6f:c5:b8:c8:
         ea:23:f6:cc:71:58:37:bb:d4:23:14:9a:a1:38:13:51:2c:9e:
         43:53:96:c4:83:5e:af:c4:b3:ff:a4:e7:a1:cf:2f:66:4f:c6:
         ee:56:77:9f:8f:28:18:21:3c:96:ea:1a:a6:64:ae:44:36:b7:
         10:b7:d1:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUXdxGblZ01WvK73liUFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDY5MmVjMzBmMzdkZjdkY2I1ZTQ3YWQzNDZhZWJkZWI3
MWZjMzAwHhcNMjYwNDE3MTIwMTQwWhcNMjYwNDE4MTIwMTQwWjAzMTEwLwYDVQQD
EyhjMzM0N2IzZGY2YzIyYzMwYTIyMmM1NDgxN2M0ZDI1YmI3ODQxMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBgyFn0MoGcOQHXyMZ9sHzg/gSrN
xLb8zJgw1ohrdPg7PxdZigPn9T8p96CN6lFqeeKuJUqWXQqZ6VHRmFDZT1gZlAi7
6ZNEHCg/Q8BPX9AnSLSBOkSxrY/Ll5sdAReUqzKgC9a5eZt/ADA0ef7c2O3Ji/kR
pPdke8I8jZNT5NTDgsQWpwzHYwPO/cWnJFXG2GKCUEINh8/QpyLOYdVgzI5U1t6b
JfVPUtqK7reL/7ssLAdYv0rAcht+/zKVvO+QGCNHPL+9lIm+e/MkWmdIuQnkODpZ
TlD7w3s9EQ9oXe/tZa7bWoBioZLJs2IHrHHbCFKVfYa6Qev0YQ3+VhHg2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMM0ez32wiwwoiLFSBfE0lu3hBBUMB8GA1UdIwQY
MBaAFAhGkuww83333LXketNGrr3rcfwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjIt
MTEzMzc0YzQ4NzYzLzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjItMTEzMzc0YzQ4NzYz
LzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeuPNJjA/
x8lji+YD1GWu9h8KL+9WpkrxLBRar4GU3IAJuz5hzB4xKrwX8xfCNxeyoHjPBaVz
VPjy9VoAQnAEVhvWvUrg3bG9ZQ1uxe9aJ4vNxEPjvCH2SU1IhYDTtEoRayTs8huU
0e65P7pC0oZrlx8lOmBDBnqc/p4ta95seejvPh/xuxV1f6qzURgVtD0kBxr3mBQJ
bn4Vdra+Wnhc0NQz6CnullTq2pU1SsRNwdLrJi3PjLY6s9BZx7dvBWUk0yVvxbjI
6iP2zHFYN7vUIxSaoTgTUSyeQ1OWxINer8Sz/6Tnoc8vZk/G7lZ3n48oGCE8luoa
pmSuRDa3ELfRxg==
-----END CERTIFICATE-----