Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
File:                     CEaS7DDzfffcteR600auvetx_DA.mft (raw, json)
Hash identifier:          mbOsaLQdeouCQyTu7NgYXxt1Z4WX0u++oZ4Xz5iZYyM=
Subject key identifier:   EA:4E:51:00:F2:A9:9F:A7:FD:17:B4:56:6D:24:EB:37:F0:4E:8F:D9
Authority key identifier: 08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30
Certificate issuer:       /CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
Certificate serial:       019A4D738F0037EEA21374E59D3078FED327
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 06:00:10 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:10 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:10 +0000
Files and hashes:         1: CEaS7DDzfffcteR600auvetx_DA.crl (hash: UU5p0zGNwip5MblrmCBHs+VY8lW38XFAa5MlY5xRyNU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:8f:00:37:ee:a2:13:74:e5:9d:30:78:fe:d3:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
        Validity
            Not Before: Nov  4 06:00:10 2025 GMT
            Not After : Nov  5 06:00:10 2025 GMT
        Subject: CN=ea4e5100f2a99fa7fd17b4566d24eb37f04e8fd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:09:11:0d:89:e2:bb:95:8b:45:1f:64:c6:1b:
                    3e:ac:3c:a5:ab:e8:a0:b5:82:fa:a3:a3:24:e8:a8:
                    2c:83:a7:b3:b7:cc:9a:0c:a0:e0:80:2e:a2:7a:ae:
                    97:39:60:6e:5e:57:62:0f:23:a3:11:29:8b:0e:16:
                    25:31:d4:85:25:f3:29:74:58:11:a5:f7:08:91:14:
                    06:ed:d6:df:75:d2:55:ce:6d:9a:9f:4a:8e:47:b0:
                    77:58:5c:d4:6d:cd:3e:b5:f8:0a:94:31:67:e0:98:
                    4b:25:c0:ad:b7:ef:7d:a1:47:c0:7f:c6:e3:62:b0:
                    60:be:f0:ad:e0:85:f1:f5:f7:88:20:3d:51:8a:6f:
                    6b:84:f9:02:12:ad:2d:e1:ce:c8:f6:c5:7a:56:a0:
                    86:01:ca:2a:5f:8b:0a:9f:87:3a:4b:a3:83:59:9a:
                    44:7e:0b:5d:f5:41:78:d4:2b:9c:55:ca:e4:b9:ce:
                    bc:b2:3a:92:58:25:12:c6:7e:17:12:74:32:8c:c5:
                    f5:4a:d2:00:6f:e9:81:0b:95:49:cd:31:d1:29:be:
                    62:2a:3b:9b:48:77:d4:58:85:2d:8d:f7:3a:56:7d:
                    f0:37:e2:4f:cb:39:86:24:c3:88:54:91:a0:d3:78:
                    82:54:b0:1c:b7:08:66:5a:cc:b8:fd:48:b9:b2:24:
                    11:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:4E:51:00:F2:A9:9F:A7:FD:17:B4:56:6D:24:EB:37:F0:4E:8F:D9
            X509v3 Authority Key Identifier:
                keyid:08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:71:58:50:03:48:92:c1:ce:40:12:b2:33:70:d3:57:30:b5:
         30:33:5b:7a:de:48:e5:a2:8d:ba:12:d3:a6:2c:df:28:ab:7b:
         c4:6c:6a:fe:dd:6e:07:b3:e5:67:51:30:9f:8c:30:76:6f:97:
         cc:94:19:a3:22:16:07:da:54:2f:9f:d0:6e:91:05:95:eb:6f:
         8f:96:48:b9:83:39:23:e3:0f:9e:54:bf:bb:f7:1e:51:05:97:
         e6:91:5d:e8:e6:84:10:0a:01:01:11:e6:fe:78:49:a2:f9:a9:
         39:e5:87:6e:f7:a8:d9:89:a9:6d:85:f5:68:00:30:98:58:0a:
         e1:88:a1:72:de:4e:e3:2a:f1:7b:31:53:67:b7:da:29:6f:63:
         de:4c:72:04:07:8d:b7:95:39:52:a5:97:d6:b3:ac:bd:c6:56:
         47:98:e6:18:29:9f:b7:b8:da:c7:86:07:ec:fe:75:0b:ff:cb:
         e7:42:d8:94:dc:ec:c4:2c:9b:48:26:71:b1:e4:cd:d2:cf:f2:
         9e:00:c1:8e:a7:79:a7:fe:b9:35:db:ee:af:4d:57:f8:be:ae:
         dc:03:45:fc:58:0d:3f:4b:ec:a1:f5:ec:01:ec:49:a6:10:11:
         ed:e5:22:ca:f8:6e:da:fe:ad:b6:e7:6f:62:82:0b:8d:75:93:
         03:a4:89:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc48AN+6iE3TlnTB4/tMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDY5MmVjMzBmMzdkZjdkY2I1ZTQ3YWQzNDZhZWJkZWI3
MWZjMzAwHhcNMjUxMTA0MDYwMDEwWhcNMjUxMTA1MDYwMDEwWjAzMTEwLwYDVQQD
EyhlYTRlNTEwMGYyYTk5ZmE3ZmQxN2I0NTY2ZDI0ZWIzN2YwNGU4ZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwkRDYniu5WLRR9kxhs+rDylq+ig
tYL6o6Mk6Kgsg6ezt8yaDKDggC6ieq6XOWBuXldiDyOjESmLDhYlMdSFJfMpdFgR
pfcIkRQG7dbfddJVzm2an0qOR7B3WFzUbc0+tfgKlDFn4JhLJcCtt+99oUfAf8bj
YrBgvvCt4IXx9feIID1Rim9rhPkCEq0t4c7I9sV6VqCGAcoqX4sKn4c6S6ODWZpE
fgtd9UF41CucVcrkuc68sjqSWCUSxn4XEnQyjMX1StIAb+mBC5VJzTHRKb5iKjub
SHfUWIUtjfc6Vn3wN+JPyzmGJMOIVJGg03iCVLActwhmWsy4/Ui5siQR4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOpOUQDyqZ+n/Re0Vm0k6zfwTo/ZMB8GA1UdIwQY
MBaAFAhGkuww83333LXketNGrr3rcfwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjIt
MTEzMzc0YzQ4NzYzLzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjItMTEzMzc0YzQ4NzYz
LzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT3FYUANI
ksHOQBKyM3DTVzC1MDNbet5I5aKNuhLTpizfKKt7xGxq/t1uB7PlZ1Ewn4wwdm+X
zJQZoyIWB9pUL5/QbpEFletvj5ZIuYM5I+MPnlS/u/ceUQWX5pFd6OaEEAoBARHm
/nhJovmpOeWHbveo2YmpbYX1aAAwmFgK4Yihct5O4yrxezFTZ7faKW9j3kxyBAeN
t5U5UqWX1rOsvcZWR5jmGCmft7jax4YH7P51C//L50LYlNzsxCybSCZxseTN0s/y
ngDBjqd5p/65Ndvur01X+L6u3ANF/FgNP0vsofXsAexJphAR7eUiyvhu2v6ttudv
YoILjXWTA6SJgQ==
-----END CERTIFICATE-----