Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
File:                     cegLwpz58rQKwwJOD3I126LVelQ.mft (raw, json)
Hash identifier:          jM01E320OeDJxOFUjuqJOhuwqxfPcR80mJ1V2famyCs=
Subject key identifier:   40:DC:74:89:3B:02:1F:4A:4F:3A:88:AD:FE:69:9C:A5:79:8F:CF:10
Authority key identifier: 71:E8:0B:C2:9C:F9:F2:B4:0A:C3:02:4E:0F:72:35:DB:A2:D5:7A:54
Certificate issuer:       /CN=71e80bc29cf9f2b40ac3024e0f7235dba2d57a54
Certificate serial:       019D371B526D18AB99850DF70732410FCD7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
Manifest number:          07DD
Signing time:             Sun 29 Mar 2026 01:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:30 +0000
Files and hashes:         1: cegLwpz58rQKwwJOD3I126LVelQ.crl (hash: nJieFIjn/NBZw+HMItZH+yMTm7MMm4w2c9iatKVBqUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:52:6d:18:ab:99:85:0d:f7:07:32:41:0f:cd:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71e80bc29cf9f2b40ac3024e0f7235dba2d57a54
        Validity
            Not Before: Mar 29 01:00:30 2026 GMT
            Not After : Mar 30 01:00:30 2026 GMT
        Subject: CN=40dc74893b021f4a4f3a88adfe699ca5798fcf10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c1:cd:ed:89:be:ad:74:9a:ae:86:82:57:36:
                    9b:f8:85:4d:73:9b:b4:68:0d:16:0f:2a:23:52:7b:
                    53:46:a8:c9:c5:01:de:43:4f:db:f5:7d:3e:73:8b:
                    36:e1:8c:aa:c6:ca:fd:5d:96:74:c0:48:f8:52:c2:
                    a7:4a:4f:01:eb:91:d4:0b:0a:50:47:c9:ba:3a:5a:
                    76:98:cd:4b:42:bd:2c:8d:f8:fa:16:ec:a0:cb:f1:
                    0d:cf:ed:ec:e4:af:c2:8c:46:dc:12:ab:01:65:ed:
                    c1:14:72:86:ad:34:5e:4d:77:5a:09:d9:7a:ed:56:
                    65:e8:ca:44:94:a1:4e:1c:98:4a:f8:9a:5b:79:b5:
                    71:25:c5:03:6d:b1:62:a7:42:90:7b:54:80:63:5e:
                    4b:82:6b:09:31:a0:47:32:6a:02:46:7d:96:67:f4:
                    1a:63:88:8f:cd:7d:41:08:0f:50:ae:4a:9a:dd:55:
                    b8:24:36:52:fc:b2:04:b7:23:25:25:e6:af:6b:51:
                    a4:ea:77:dc:dd:5d:ab:cd:68:5b:7c:ae:fc:5c:b0:
                    81:8f:a7:4d:5f:55:e8:b6:55:c6:50:95:d0:3f:60:
                    ea:de:57:21:5f:d5:84:90:f8:f8:26:fa:12:69:d3:
                    77:c5:8b:ca:f1:38:a3:41:f0:86:f9:91:ce:82:bd:
                    b2:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:DC:74:89:3B:02:1F:4A:4F:3A:88:AD:FE:69:9C:A5:79:8F:CF:10
            X509v3 Authority Key Identifier:
                keyid:71:E8:0B:C2:9C:F9:F2:B4:0A:C3:02:4E:0F:72:35:DB:A2:D5:7A:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:ae:a2:91:9d:18:e7:4e:38:9a:c3:71:2d:d6:13:4f:01:54:
         38:d0:e6:69:88:e5:61:94:cd:43:c0:03:a2:37:d8:cb:01:02:
         75:e2:fe:a4:1a:e2:41:fa:c2:bf:fa:bf:e1:0b:a1:b8:33:ba:
         16:90:31:2e:aa:36:a7:f5:5e:f4:92:30:2b:71:58:3f:9a:96:
         e4:f5:e3:92:24:aa:13:e6:b6:db:05:4d:bf:63:59:03:44:95:
         a6:67:ca:63:20:02:c8:86:63:fb:5b:02:69:00:bf:eb:ed:7c:
         21:c6:ee:7f:aa:ef:02:0f:6e:b1:ef:47:8d:f4:e1:90:f0:fc:
         5f:de:d5:ea:05:c1:f8:e5:1f:30:1b:87:41:77:ae:2e:a4:6a:
         56:8f:0a:f7:0d:50:68:ce:24:8e:a3:01:43:50:75:8b:9d:f6:
         c5:cb:36:23:61:bd:ac:3d:aa:d9:e6:22:76:2c:81:41:3d:6f:
         67:66:b9:88:bf:0d:11:6e:15:8f:a5:28:12:9d:a2:93:98:75:
         9f:36:34:7b:9b:91:8b:cd:ea:c0:1e:3b:18:ee:53:80:23:ac:
         67:d1:8d:bd:81:1a:21:68:d6:b2:c8:03:14:eb:3c:e7:9f:af:
         5c:b8:9d:e3:25:55:30:c6:0e:a7:0e:56:1b:2b:ca:55:71:27:
         02:36:24:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G1JtGKuZhQ33BzJBD818MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZTgwYmMyOWNmOWYyYjQwYWMzMDI0ZTBmNzIzNWRiYTJk
NTdhNTQwHhcNMjYwMzI5MDEwMDMwWhcNMjYwMzMwMDEwMDMwWjAzMTEwLwYDVQQD
Eyg0MGRjNzQ4OTNiMDIxZjRhNGYzYTg4YWRmZTY5OWNhNTc5OGZjZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsHN7Ym+rXSaroaCVzab+IVNc5u0
aA0WDyojUntTRqjJxQHeQ0/b9X0+c4s24Yyqxsr9XZZ0wEj4UsKnSk8B65HUCwpQ
R8m6Olp2mM1LQr0sjfj6Fuygy/ENz+3s5K/CjEbcEqsBZe3BFHKGrTReTXdaCdl6
7VZl6MpElKFOHJhK+JpbebVxJcUDbbFip0KQe1SAY15LgmsJMaBHMmoCRn2WZ/Qa
Y4iPzX1BCA9Qrkqa3VW4JDZS/LIEtyMlJeava1Gk6nfc3V2rzWhbfK78XLCBj6dN
X1XotlXGUJXQP2Dq3lchX9WEkPj4JvoSadN3xYvK8TijQfCG+ZHOgr2yjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDcdIk7Ah9KTzqIrf5pnKV5j88QMB8GA1UdIwQY
MBaAFHHoC8Kc+fK0CsMCTg9yNdui1XpUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNTAzNTMtZjRlOC00ZjYwLWFlMTYt
NzI0NzMwNGZiMTVmLzEvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNTAzNTMtZjRlOC00ZjYwLWFlMTYtNzI0NzMwNGZiMTVm
LzEvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ66ikZ0Y
5044msNxLdYTTwFUONDmaYjlYZTNQ8ADojfYywECdeL+pBriQfrCv/q/4QuhuDO6
FpAxLqo2p/Ve9JIwK3FYP5qW5PXjkiSqE+a22wVNv2NZA0SVpmfKYyACyIZj+1sC
aQC/6+18Icbuf6rvAg9use9HjfThkPD8X97V6gXB+OUfMBuHQXeuLqRqVo8K9w1Q
aM4kjqMBQ1B1i532xcs2I2G9rD2q2eYidiyBQT1vZ2a5iL8NEW4Vj6UoEp2ik5h1
nzY0e5uRi83qwB47GO5TgCOsZ9GNvYEaIWjWssgDFOs855+vXLid4yVVMMYOpw5W
GyvKVXEnAjYk/Q==
-----END CERTIFICATE-----