Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
File:                     cegLwpz58rQKwwJOD3I126LVelQ.mft (raw, json)
Hash identifier:          98UTArmPQOEvt7KpvSD+fRwAS5aLsvRwAyYL70XYzus=
Subject key identifier:   1C:42:BD:35:90:9D:34:6B:5D:0D:06:71:AF:14:3F:75:24:CB:DA:13
Authority key identifier: 71:E8:0B:C2:9C:F9:F2:B4:0A:C3:02:4E:0F:72:35:DB:A2:D5:7A:54
Certificate issuer:       /CN=71e80bc29cf9f2b40ac3024e0f7235dba2d57a54
Certificate serial:       019D3CE67B234B7EA1A45ED8E468343ECEA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
Manifest number:          07E0
Signing time:             Mon 30 Mar 2026 04:00:30 +0000
Manifest this update:     Mon 30 Mar 2026 04:00:30 +0000
Manifest next update:     Tue 31 Mar 2026 04:00:30 +0000
Files and hashes:         1: cegLwpz58rQKwwJOD3I126LVelQ.crl (hash: s8+w8dwXna17JgTLAdBRZv3GTNpeV1WGBng329OxCyI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 31 Mar 2026 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3c:e6:7b:23:4b:7e:a1:a4:5e:d8:e4:68:34:3e:ce:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71e80bc29cf9f2b40ac3024e0f7235dba2d57a54
        Validity
            Not Before: Mar 30 04:00:30 2026 GMT
            Not After : Mar 31 04:00:30 2026 GMT
        Subject: CN=1c42bd35909d346b5d0d0671af143f7524cbda13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:97:74:49:7d:8d:d8:04:05:d1:75:e7:7e:c7:
                    41:1e:c9:10:29:cf:58:0f:43:6c:b9:49:70:d0:ff:
                    b1:59:c8:b6:30:9b:a7:90:c8:29:e1:15:84:25:4a:
                    5c:78:d7:db:66:40:52:a1:4d:c3:97:7c:6d:f9:d9:
                    a1:65:7f:e5:05:e4:01:ec:00:b4:2d:8e:1f:8b:22:
                    56:e6:10:2d:17:14:ce:ad:be:71:3a:73:19:7a:28:
                    fe:ab:2a:e7:81:fa:ce:50:4d:7b:e2:fc:be:96:a9:
                    2e:9c:16:01:a6:6c:20:6d:eb:d2:42:fb:6a:e9:a1:
                    ea:56:2d:99:7b:7a:8c:e8:21:a8:28:9d:b3:de:b2:
                    1a:fd:90:60:36:a6:81:fc:90:4b:5c:14:d9:15:d4:
                    5c:85:bb:01:76:91:0d:5a:ee:46:75:21:c6:9c:80:
                    c9:c1:87:db:67:1b:ad:00:e0:b5:ba:3a:db:50:5b:
                    06:f7:11:82:a5:79:26:ed:c1:8d:30:a2:32:be:d6:
                    54:39:44:91:2b:db:bc:02:e4:4c:72:a3:84:7c:e5:
                    aa:92:14:c3:f2:a7:39:9b:2d:86:86:dd:a7:f3:97:
                    ba:a7:fb:f9:2b:af:02:18:92:da:22:ad:f3:64:f2:
                    3c:b9:2b:06:43:4b:a1:31:9b:b0:17:62:0d:ae:0a:
                    47:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:42:BD:35:90:9D:34:6B:5D:0D:06:71:AF:14:3F:75:24:CB:DA:13
            X509v3 Authority Key Identifier:
                keyid:71:E8:0B:C2:9C:F9:F2:B4:0A:C3:02:4E:0F:72:35:DB:A2:D5:7A:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:55:ec:29:fa:89:44:64:78:a1:4c:bc:ba:64:56:4b:08:a5:
         e3:26:f2:9a:5e:ef:84:88:ff:07:6b:f2:8e:e6:db:d8:eb:7c:
         f3:97:81:e3:11:96:ae:e2:52:3a:f6:42:ed:79:d3:21:28:00:
         ed:f1:5b:cf:d6:2e:aa:e5:2e:d3:23:1b:ca:0c:d6:ff:93:1a:
         9a:2c:96:39:3c:57:f3:61:9b:ac:be:ea:58:f0:c0:7e:b5:dc:
         97:7d:b4:58:dc:ee:10:f4:87:9a:66:1b:7c:22:65:08:b0:76:
         94:74:51:55:6c:db:a4:2f:e3:5f:55:bb:87:9f:93:83:d3:bc:
         27:fe:f7:36:79:a5:17:95:51:1a:77:28:a1:f7:1f:21:2d:76:
         38:97:69:4f:4c:78:2e:64:48:16:5b:83:5a:f7:12:d7:f2:7f:
         09:ba:6c:00:43:bf:f2:be:b7:4a:0e:af:f0:e3:b0:36:f2:cc:
         c3:2d:69:d9:7a:25:ab:c1:0c:72:2e:8c:42:0b:db:8a:e5:57:
         28:19:2c:af:cd:e1:90:f6:38:01:07:e4:a8:7b:d6:58:2c:5a:
         ac:2c:77:55:d6:66:6a:09:b5:bd:18:c0:e5:0c:22:46:97:a9:
         fa:4e:e1:52:ae:b4:d0:97:c9:ae:cb:6e:71:75:a8:19:37:d7:
         9c:66:28:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ085nsjS36hpF7Y5Gg0Ps6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZTgwYmMyOWNmOWYyYjQwYWMzMDI0ZTBmNzIzNWRiYTJk
NTdhNTQwHhcNMjYwMzMwMDQwMDMwWhcNMjYwMzMxMDQwMDMwWjAzMTEwLwYDVQQD
EygxYzQyYmQzNTkwOWQzNDZiNWQwZDA2NzFhZjE0M2Y3NTI0Y2JkYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5d0SX2N2AQF0XXnfsdBHskQKc9Y
D0NsuUlw0P+xWci2MJunkMgp4RWEJUpceNfbZkBSoU3Dl3xt+dmhZX/lBeQB7AC0
LY4fiyJW5hAtFxTOrb5xOnMZeij+qyrngfrOUE174vy+lqkunBYBpmwgbevSQvtq
6aHqVi2Ze3qM6CGoKJ2z3rIa/ZBgNqaB/JBLXBTZFdRchbsBdpENWu5GdSHGnIDJ
wYfbZxutAOC1ujrbUFsG9xGCpXkm7cGNMKIyvtZUOUSRK9u8AuRMcqOEfOWqkhTD
8qc5my2Ght2n85e6p/v5K68CGJLaIq3zZPI8uSsGQ0uhMZuwF2INrgpH7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxCvTWQnTRrXQ0Gca8UP3Uky9oTMB8GA1UdIwQY
MBaAFHHoC8Kc+fK0CsMCTg9yNdui1XpUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNTAzNTMtZjRlOC00ZjYwLWFlMTYt
NzI0NzMwNGZiMTVmLzEvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNTAzNTMtZjRlOC00ZjYwLWFlMTYtNzI0NzMwNGZiMTVm
LzEvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK1XsKfqJ
RGR4oUy8umRWSwil4ybyml7vhIj/B2vyjubb2Ot885eB4xGWruJSOvZC7XnTISgA
7fFbz9YuquUu0yMbygzW/5MamiyWOTxX82GbrL7qWPDAfrXcl320WNzuEPSHmmYb
fCJlCLB2lHRRVWzbpC/jX1W7h5+Tg9O8J/73NnmlF5VRGncoofcfIS12OJdpT0x4
LmRIFluDWvcS1/J/CbpsAEO/8r63Sg6v8OOwNvLMwy1p2Xolq8EMci6MQgvbiuVX
KBksr83hkPY4AQfkqHvWWCxarCx3VdZmagm1vRjA5QwiRpep+k7hUq600JfJrstu
cXWoGTfXnGYouQ==
-----END CERTIFICATE-----