Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
File:                     cegLwpz58rQKwwJOD3I126LVelQ.mft (raw, json)
Hash identifier:          wYuJNlBEojhXUJpiKEXv09zGYTPkikyWNHL6tWo8OCI=
Subject key identifier:   39:FE:F0:6F:16:EB:A6:DB:A9:9B:78:C3:D7:34:13:04:44:DF:A8:BA
Authority key identifier: 71:E8:0B:C2:9C:F9:F2:B4:0A:C3:02:4E:0F:72:35:DB:A2:D5:7A:54
Certificate issuer:       /CN=71e80bc29cf9f2b40ac3024e0f7235dba2d57a54
Certificate serial:       019A725C579ADF0611B16FF6C14784822495
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
Manifest number:          066E
Signing time:             Tue 11 Nov 2025 10:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:45 +0000
Files and hashes:         1: cegLwpz58rQKwwJOD3I126LVelQ.crl (hash: IyDzBg+9foWzZNxavGVfQylQiOrMplkPDP2FWQVtBbM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:57:9a:df:06:11:b1:6f:f6:c1:47:84:82:24:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71e80bc29cf9f2b40ac3024e0f7235dba2d57a54
        Validity
            Not Before: Nov 11 10:00:45 2025 GMT
            Not After : Nov 12 10:00:45 2025 GMT
        Subject: CN=39fef06f16eba6dba99b78c3d734130444dfa8ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:d8:b4:11:db:e4:09:af:e0:d8:c7:c7:c6:38:
                    bf:b2:6c:5d:99:72:87:b6:a5:16:3b:c6:3c:12:21:
                    38:ce:f4:aa:12:2d:a7:e0:53:2b:85:16:6b:24:48:
                    d0:98:c2:90:2b:56:a1:1d:94:55:1c:f3:52:24:95:
                    98:0d:6d:44:29:ad:30:18:27:08:4a:85:61:c2:36:
                    3d:80:1b:3e:11:9b:ef:e7:0c:c0:04:2d:51:47:5c:
                    3d:8a:6f:06:66:5c:9f:06:88:dc:09:c6:83:90:50:
                    a0:27:ba:ab:f8:3d:16:a1:b9:4f:04:1d:31:6e:d1:
                    f8:11:79:20:a1:5a:05:ae:f1:df:17:a4:43:fb:17:
                    82:07:2a:dc:c6:ba:48:1a:f9:33:f9:09:fa:44:64:
                    cb:45:39:99:77:f6:0c:ed:81:22:79:f7:53:f1:8d:
                    02:64:ec:d3:46:17:0a:16:6e:a0:7c:dc:3d:ac:c0:
                    49:79:9a:7f:4b:59:79:39:85:5b:13:a3:71:c1:40:
                    f9:a2:08:53:d0:70:5d:80:7d:76:56:ef:16:76:96:
                    06:11:e6:eb:dc:c8:c6:0e:27:08:23:2e:02:c2:ea:
                    81:80:d9:9d:e1:8f:44:ea:99:85:e4:f1:48:da:b3:
                    ad:3b:66:50:21:c9:41:db:18:26:aa:49:e7:c5:78:
                    25:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:FE:F0:6F:16:EB:A6:DB:A9:9B:78:C3:D7:34:13:04:44:DF:A8:BA
            X509v3 Authority Key Identifier:
                keyid:71:E8:0B:C2:9C:F9:F2:B4:0A:C3:02:4E:0F:72:35:DB:A2:D5:7A:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:38:b0:1d:b5:e5:95:56:86:ea:90:da:62:59:10:94:94:fd:
         1b:81:ee:6b:1f:75:87:95:f8:90:87:f2:2e:05:37:07:4c:e2:
         0a:da:66:55:38:3e:00:01:e3:08:a1:f4:c4:ed:ee:6b:8f:f8:
         b8:70:17:b9:ec:30:3a:1f:26:16:f6:c7:c3:ce:72:10:19:da:
         9a:76:0f:bf:a2:e6:ad:ef:d8:dd:e5:95:26:d2:ea:64:5f:19:
         bc:c1:47:bb:63:44:4f:8d:a2:6b:4a:5d:9f:0e:df:e6:90:30:
         f8:77:7e:53:15:c5:c2:1e:fb:80:81:8e:11:e9:35:4e:52:d2:
         bd:c0:35:58:cc:4d:5b:25:b8:d2:ce:68:67:72:8d:15:56:01:
         a1:39:af:4c:c0:fd:3f:4d:68:50:21:d1:4e:ee:6c:25:ff:1b:
         70:7a:e0:da:0c:68:7c:46:d4:49:72:a2:d7:d8:11:2a:1b:e6:
         be:e8:90:f0:ab:f4:22:3a:31:63:d0:de:f9:9d:94:8c:d5:c9:
         fd:20:8f:37:9a:5a:4c:9b:aa:59:e9:40:0c:e2:ce:b0:c0:00:
         d7:e1:9c:ec:b1:6a:d2:15:0f:2e:10:d6:ad:4e:45:7d:e3:30:
         f4:cd:a4:3d:f7:9d:98:6d:74:77:12:44:4b:12:52:1f:82:76:
         76:1a:49:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXFea3wYRsW/2wUeEgiSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZTgwYmMyOWNmOWYyYjQwYWMzMDI0ZTBmNzIzNWRiYTJk
NTdhNTQwHhcNMjUxMTExMTAwMDQ1WhcNMjUxMTEyMTAwMDQ1WjAzMTEwLwYDVQQD
EygzOWZlZjA2ZjE2ZWJhNmRiYTk5Yjc4YzNkNzM0MTMwNDQ0ZGZhOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ni0EdvkCa/g2MfHxji/smxdmXKH
tqUWO8Y8EiE4zvSqEi2n4FMrhRZrJEjQmMKQK1ahHZRVHPNSJJWYDW1EKa0wGCcI
SoVhwjY9gBs+EZvv5wzABC1RR1w9im8GZlyfBojcCcaDkFCgJ7qr+D0WoblPBB0x
btH4EXkgoVoFrvHfF6RD+xeCByrcxrpIGvkz+Qn6RGTLRTmZd/YM7YEiefdT8Y0C
ZOzTRhcKFm6gfNw9rMBJeZp/S1l5OYVbE6NxwUD5oghT0HBdgH12Vu8WdpYGEebr
3MjGDicIIy4CwuqBgNmd4Y9E6pmF5PFI2rOtO2ZQIclB2xgmqknnxXglYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDn+8G8W66bbqZt4w9c0EwRE36i6MB8GA1UdIwQY
MBaAFHHoC8Kc+fK0CsMCTg9yNdui1XpUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNTAzNTMtZjRlOC00ZjYwLWFlMTYt
NzI0NzMwNGZiMTVmLzEvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNTAzNTMtZjRlOC00ZjYwLWFlMTYtNzI0NzMwNGZiMTVm
LzEvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArTiwHbXl
lVaG6pDaYlkQlJT9G4Huax91h5X4kIfyLgU3B0ziCtpmVTg+AAHjCKH0xO3ua4/4
uHAXuewwOh8mFvbHw85yEBnamnYPv6Lmre/Y3eWVJtLqZF8ZvMFHu2NET42ia0pd
nw7f5pAw+Hd+UxXFwh77gIGOEek1TlLSvcA1WMxNWyW40s5oZ3KNFVYBoTmvTMD9
P01oUCHRTu5sJf8bcHrg2gxofEbUSXKi19gRKhvmvuiQ8Kv0IjoxY9De+Z2UjNXJ
/SCPN5paTJuqWelADOLOsMAA1+Gc7LFq0hUPLhDWrU5FfeMw9M2kPfedmG10dxJE
SxJSH4J2dhpJ2Q==
-----END CERTIFICATE-----