Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
File:                     GhREUllzKqZzbCSCNEZZR_wjdNA.mft (raw, json)
Hash identifier:          5IHTSOj5QEEbOTg7V5MQzR1r0dWV0q3hsBmVv3wDITI=
Subject key identifier:   D7:50:37:B1:E0:63:79:DB:FB:78:2F:CC:77:71:E3:F0:23:33:D9:15
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Certificate issuer:       /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial:       019D98F4DB021B252A1BA6EC0859E611335A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
Manifest number:          0F3D
Signing time:             Fri 17 Apr 2026 01:01:16 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:16 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:16 +0000
Files and hashes:         1: GhREUllzKqZzbCSCNEZZR_wjdNA.crl (hash: loQCTIZqsDRPpXAhWUWuHFXUA/OGIWX0dBBWUU+6SKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:db:02:1b:25:2a:1b:a6:ec:08:59:e6:11:33:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
        Validity
            Not Before: Apr 17 01:01:16 2026 GMT
            Not After : Apr 18 01:01:16 2026 GMT
        Subject: CN=d75037b1e06379dbfb782fcc7771e3f02333d915
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d2:ad:cf:f7:46:e4:0a:bd:98:19:e3:d1:24:
                    f9:a4:f0:9b:a9:35:4c:a0:27:9a:8f:02:58:53:e7:
                    b2:f6:db:98:78:27:51:30:b0:25:0f:f1:47:f4:b5:
                    53:12:3b:bb:19:76:25:d7:c5:38:d6:4e:f8:00:a8:
                    20:ac:19:a0:44:df:d1:d4:1b:8a:8e:f6:b2:66:8a:
                    c8:67:1c:ff:37:e9:be:f8:9f:98:b3:3d:3e:6a:d4:
                    3a:2d:97:86:39:68:28:72:90:fd:00:b7:14:b4:f9:
                    2a:e4:c3:88:0b:25:c4:15:88:ce:5e:42:3a:62:7a:
                    8c:ec:14:d9:fd:20:f5:2a:28:86:02:7c:48:ee:96:
                    7b:55:c8:96:07:0c:21:06:31:28:d1:85:34:e1:56:
                    0a:f3:07:91:fa:f4:a8:7f:3a:49:8c:10:55:b0:37:
                    f8:63:c7:25:ed:bd:45:46:78:18:74:8c:e0:a4:72:
                    48:19:dd:f9:26:4b:8a:da:28:00:6b:f9:90:2a:8b:
                    0d:61:88:41:3f:4d:aa:46:1e:1a:8e:6e:19:01:ac:
                    2e:3b:40:fd:e0:f6:8a:2a:de:ac:1a:61:a5:57:19:
                    f2:b4:7d:8c:26:7d:73:9e:d0:18:bf:58:c0:41:1a:
                    0d:b3:0a:1d:91:23:02:21:02:51:ff:7b:84:ca:d6:
                    2c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:50:37:B1:E0:63:79:DB:FB:78:2F:CC:77:71:E3:F0:23:33:D9:15
            X509v3 Authority Key Identifier:
                keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:78:6d:e3:ce:21:10:a9:f5:e2:54:24:47:54:88:29:9d:37:
         3b:b3:2e:2d:01:49:74:41:f8:ba:0c:71:14:ab:bf:b8:4a:43:
         79:a1:a4:1b:37:c6:00:10:02:7e:96:e9:fd:9b:fa:af:48:a3:
         87:28:9d:b5:3f:b5:50:0a:8d:d1:6f:0d:25:21:79:38:0f:3d:
         ba:fa:d7:14:17:0d:b4:9e:2d:66:fe:30:f0:1f:f5:76:77:69:
         63:27:fe:46:59:ac:a6:8c:6b:4c:0f:82:66:d3:55:52:34:40:
         8f:e5:3e:36:e3:f7:52:e3:1f:d2:64:c7:2f:c6:08:ad:3c:37:
         71:8c:58:b5:63:31:f1:11:ba:50:8a:e2:e2:83:1e:2d:f8:19:
         ef:4e:b1:a3:56:25:fe:29:a8:2d:d0:b6:19:ef:22:d7:42:84:
         ad:0c:61:4d:50:42:0f:13:9c:2d:0b:a4:dd:b4:92:c2:b9:56:
         37:4a:52:b3:07:2a:7e:f2:30:fd:14:bb:ee:3a:1e:9d:6e:73:
         6f:15:00:35:4d:1b:2f:19:ee:14:28:fd:a0:68:d1:c1:97:08:
         ce:b3:e3:88:8b:2f:5d:45:a4:d9:15:3c:54:51:bc:06:eb:7f:
         c1:ae:7b:48:33:20:ee:53:26:d3:68:dd:1d:88:69:c7:fe:2d:
         fa:07:12:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9NsCGyUqG6bsCFnmETNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjYwNDE3MDEwMTE2WhcNMjYwNDE4MDEwMTE2WjAzMTEwLwYDVQQD
EyhkNzUwMzdiMWUwNjM3OWRiZmI3ODJmY2M3NzcxZTNmMDIzMzNkOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNKtz/dG5Aq9mBnj0ST5pPCbqTVM
oCeajwJYU+ey9tuYeCdRMLAlD/FH9LVTEju7GXYl18U41k74AKggrBmgRN/R1BuK
jvayZorIZxz/N+m++J+Ysz0+atQ6LZeGOWgocpD9ALcUtPkq5MOICyXEFYjOXkI6
YnqM7BTZ/SD1KiiGAnxI7pZ7VciWBwwhBjEo0YU04VYK8weR+vSofzpJjBBVsDf4
Y8cl7b1FRngYdIzgpHJIGd35JkuK2igAa/mQKosNYYhBP02qRh4ajm4ZAawuO0D9
4PaKKt6sGmGlVxnytH2MJn1zntAYv1jAQRoNswodkSMCIQJR/3uEytYsBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdQN7HgY3nb+3gvzHdx4/AjM9kVMB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJXht484h
EKn14lQkR1SIKZ03O7MuLQFJdEH4ugxxFKu/uEpDeaGkGzfGABACfpbp/Zv6r0ij
hyidtT+1UAqN0W8NJSF5OA89uvrXFBcNtJ4tZv4w8B/1dndpYyf+RlmspoxrTA+C
ZtNVUjRAj+U+NuP3UuMf0mTHL8YIrTw3cYxYtWMx8RG6UIri4oMeLfgZ706xo1Yl
/imoLdC2Ge8i10KErQxhTVBCDxOcLQuk3bSSwrlWN0pSswcqfvIw/RS77joenW5z
bxUANU0bLxnuFCj9oGjRwZcIzrPjiIsvXUWk2RU8VFG8But/wa57SDMg7lMm02jd
HYhpx/4t+gcS6g==
-----END CERTIFICATE-----