Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
File:                     CEaS7DDzfffcteR600auvetx_DA.mft (raw, json)
Hash identifier:          RAcjGe0SpsgcTzBcHWv5nggbb3RyxzDldEmspE88NVY=
Subject key identifier:   FE:BC:D8:1E:13:3A:0A:51:43:AF:53:69:1F:7B:BC:29:2B:8A:34:F8
Authority key identifier: 08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30
Certificate issuer:       /CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
Certificate serial:       019EC0DBAB0052B4EE0337C747F9D844B134
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
Manifest number:          1956
Signing time:             Sat 13 Jun 2026 12:01:22 +0000
Manifest this update:     Sat 13 Jun 2026 12:01:22 +0000
Manifest next update:     Sun 14 Jun 2026 12:01:22 +0000
Files and hashes:         1: CEaS7DDzfffcteR600auvetx_DA.crl (hash: tQnh8qdsQkupO6JxdsEQcWIKUVdbGuQu8tqPWyhQ/8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 10:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:db:ab:00:52:b4:ee:03:37:c7:47:f9:d8:44:b1:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
        Validity
            Not Before: Jun 13 12:01:22 2026 GMT
            Not After : Jun 14 12:01:22 2026 GMT
        Subject: CN=febcd81e133a0a5143af53691f7bbc292b8a34f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:40:3d:70:8a:f1:70:90:89:63:37:c2:37:68:
                    a7:51:bc:4e:dc:0f:e5:c7:90:47:88:89:e7:e7:65:
                    e5:70:42:2f:1c:0d:21:46:ac:d3:9a:33:11:55:d5:
                    6f:93:fc:5e:4c:8a:ef:8e:92:fc:f6:b5:12:be:04:
                    6b:39:10:f5:f6:79:17:d1:49:20:d8:f3:eb:27:de:
                    85:fa:94:70:a3:77:59:ec:31:ca:e3:6a:8b:f5:9a:
                    29:d9:7e:67:57:9d:10:d5:c6:9a:0a:88:8c:26:36:
                    fe:ab:56:93:ee:dd:01:a5:af:63:87:e9:ff:36:e9:
                    3f:4c:89:a3:59:bc:ae:dc:f8:07:7b:f6:11:22:d2:
                    9c:85:54:0e:d7:c4:0a:a2:6b:2f:47:e3:2e:cd:09:
                    42:ad:6c:17:5d:69:0c:dc:3f:b4:46:3c:0c:77:01:
                    f3:13:51:d1:f3:44:d6:d3:cc:68:57:8b:8c:3d:7e:
                    44:c6:db:e8:50:cd:4b:e3:74:4b:29:84:e0:f5:f4:
                    c0:e0:b6:01:53:68:ac:78:f2:35:50:dc:84:2d:ee:
                    70:1c:05:b6:bb:0f:4c:49:02:61:50:b9:f8:71:27:
                    02:48:f3:6e:a8:d0:1a:2d:da:7a:73:02:11:67:17:
                    61:01:24:94:68:b4:03:d6:85:e2:63:f4:9e:d8:62:
                    03:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:BC:D8:1E:13:3A:0A:51:43:AF:53:69:1F:7B:BC:29:2B:8A:34:F8
            X509v3 Authority Key Identifier:
                keyid:08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:22:f4:00:b4:ae:e8:f2:24:9a:fe:7b:2a:19:72:7b:3c:ec:
         69:2d:e0:26:e8:3c:a3:07:28:9b:df:d0:23:f7:77:f3:3b:d0:
         4b:0d:8e:8d:8a:8f:f7:65:de:13:7e:e2:a8:08:5f:df:c9:e4:
         35:ed:c7:ea:93:cf:0e:f1:40:c8:7b:27:11:27:8b:01:6d:ea:
         c9:96:02:b3:06:48:91:0e:c4:7e:8f:72:ec:63:21:1d:c5:93:
         77:2a:d8:1f:76:9f:e8:08:3c:66:c8:95:f0:7f:32:45:18:fe:
         f4:20:2d:43:fc:c8:de:b9:bf:f2:13:48:13:3a:eb:37:4e:9c:
         78:86:4b:e7:20:0e:2f:b0:43:de:9e:5a:b1:4a:df:6f:ce:3f:
         da:fc:f9:bb:6f:c6:b5:eb:70:20:3c:f8:37:fc:1c:39:e1:fe:
         e7:c5:7d:22:10:85:9c:82:2c:62:92:ea:47:b1:8f:06:34:5e:
         cc:02:52:3e:5d:74:84:52:c0:8d:cb:d7:0f:91:a7:65:4a:4f:
         42:e8:83:9e:71:58:a8:59:06:37:21:28:0f:f1:ed:6a:0d:76:
         65:96:92:cd:ea:fb:5a:f6:15:ee:7b:36:a1:bd:e8:b5:01:2d:
         81:06:12:70:69:46:ef:09:a3:35:98:e4:e2:78:bb:e5:87:19:
         52:07:a1:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7A26sAUrTuAzfHR/nYRLE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDY5MmVjMzBmMzdkZjdkY2I1ZTQ3YWQzNDZhZWJkZWI3
MWZjMzAwHhcNMjYwNjEzMTIwMTIyWhcNMjYwNjE0MTIwMTIyWjAzMTEwLwYDVQQD
EyhmZWJjZDgxZTEzM2EwYTUxNDNhZjUzNjkxZjdiYmMyOTJiOGEzNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkA9cIrxcJCJYzfCN2inUbxO3A/l
x5BHiInn52XlcEIvHA0hRqzTmjMRVdVvk/xeTIrvjpL89rUSvgRrORD19nkX0Ukg
2PPrJ96F+pRwo3dZ7DHK42qL9Zop2X5nV50Q1caaCoiMJjb+q1aT7t0Bpa9jh+n/
Nuk/TImjWbyu3PgHe/YRItKchVQO18QKomsvR+MuzQlCrWwXXWkM3D+0RjwMdwHz
E1HR80TW08xoV4uMPX5ExtvoUM1L43RLKYTg9fTA4LYBU2isePI1UNyELe5wHAW2
uw9MSQJhULn4cScCSPNuqNAaLdp6cwIRZxdhASSUaLQD1oXiY/Se2GIDTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP682B4TOgpRQ69TaR97vCkrijT4MB8GA1UdIwQY
MBaAFAhGkuww83333LXketNGrr3rcfwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjIt
MTEzMzc0YzQ4NzYzLzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjItMTEzMzc0YzQ4NzYz
LzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMSL0ALSu
6PIkmv57KhlyezzsaS3gJug8owcom9/QI/d38zvQSw2OjYqP92XeE37iqAhf38nk
Ne3H6pPPDvFAyHsnESeLAW3qyZYCswZIkQ7Efo9y7GMhHcWTdyrYH3af6Ag8ZsiV
8H8yRRj+9CAtQ/zI3rm/8hNIEzrrN06ceIZL5yAOL7BD3p5asUrfb84/2vz5u2/G
tetwIDz4N/wcOeH+58V9IhCFnIIsYpLqR7GPBjRezAJSPl10hFLAjcvXD5GnZUpP
QuiDnnFYqFkGNyEoD/Htag12ZZaSzer7WvYV7ns2ob3otQEtgQYScGlG7wmjNZjk
4ni75YcZUgeh1w==
-----END CERTIFICATE-----