Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
File:                     GhREUllzKqZzbCSCNEZZR_wjdNA.mft (raw, json)
Hash identifier:          XpOp1+rpC13CnwcHb5OrHjxxsPG2jR+xxAs627Jfv6s=
Subject key identifier:   8E:EA:A9:8F:85:93:6C:33:F5:F1:04:96:EB:7C:E9:E3:1B:75:A3:D4
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Certificate issuer:       /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial:       019A4EF55B5F3661B14EC070EC821E080E19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
Manifest number:          0D89
Signing time:             Tue 04 Nov 2025 13:01:33 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:33 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:33 +0000
Files and hashes:         1: GhREUllzKqZzbCSCNEZZR_wjdNA.crl (hash: uINlpjYmQkdK/kXGbrFmWVYNav4PORcanNSRETdyFZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:5b:5f:36:61:b1:4e:c0:70:ec:82:1e:08:0e:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
        Validity
            Not Before: Nov  4 13:01:33 2025 GMT
            Not After : Nov  5 13:01:33 2025 GMT
        Subject: CN=8eeaa98f85936c33f5f10496eb7ce9e31b75a3d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:46:e9:95:0d:48:9d:c5:82:94:36:b2:ff:44:
                    8a:1e:34:ba:30:20:ba:8c:ac:20:fa:21:a9:5c:75:
                    1b:c8:d8:ee:81:03:87:ae:bc:56:4b:38:42:c9:48:
                    dd:23:8c:87:f6:b4:b8:a2:57:c3:71:d0:f6:5f:08:
                    c3:73:35:f7:ff:90:88:d8:66:a4:f2:7b:9f:f2:c7:
                    d7:96:52:ed:09:1c:71:41:b5:65:76:48:6b:ef:09:
                    27:df:35:78:ed:f9:7e:ad:3b:b9:3e:33:f3:3b:2b:
                    4f:78:0a:4c:0a:3a:16:5a:53:44:5b:fd:83:aa:32:
                    fd:35:18:c2:74:c3:a6:70:5d:aa:92:39:67:4a:ae:
                    22:89:9c:60:24:5b:e3:26:8a:d9:b0:49:04:c0:be:
                    05:bb:52:1b:ea:26:3b:f3:f8:82:04:87:04:cc:61:
                    a6:88:52:32:0a:26:5c:4b:84:4a:16:04:52:40:fd:
                    d3:9c:fd:e2:f8:5c:04:88:c9:af:0f:e6:53:e4:4b:
                    18:9d:75:a8:64:08:e4:04:ad:1d:d5:5d:25:70:17:
                    c9:15:98:31:7c:27:03:9a:a5:02:3e:8d:cb:da:5f:
                    c3:08:9b:16:51:d9:e5:92:c2:41:6c:fd:49:3f:45:
                    dd:98:b4:36:23:49:ed:f1:45:0f:88:c9:de:27:90:
                    b5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:EA:A9:8F:85:93:6C:33:F5:F1:04:96:EB:7C:E9:E3:1B:75:A3:D4
            X509v3 Authority Key Identifier:
                keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:cf:7e:af:33:cf:ca:78:ca:cd:22:ce:03:a5:4f:9b:28:3b:
         b4:0d:c3:20:af:6c:79:52:19:b4:22:63:70:c8:b2:d9:99:35:
         8d:cd:ee:55:3b:8a:ba:19:5a:d4:c3:7c:02:4b:a2:4e:51:be:
         d6:f1:ca:55:85:e5:57:40:99:ad:5c:7e:8a:25:7c:98:be:29:
         53:78:18:d2:0a:22:a2:13:97:27:2c:09:18:27:21:d2:84:ee:
         2a:0e:8e:ba:4a:b1:79:0d:2a:6d:f1:6a:e5:df:6b:c6:23:03:
         bc:5d:63:ac:5f:51:0e:39:3d:07:73:9f:80:68:95:27:87:1f:
         f4:96:b2:9d:32:83:34:89:68:8e:94:53:2c:f8:6d:a4:3d:6d:
         5b:52:ec:d3:27:76:99:53:ea:6b:9a:60:2b:f7:6c:cb:3f:04:
         88:8d:86:08:cb:43:62:a4:a3:d1:79:2b:80:8b:e1:41:45:f2:
         10:b5:12:b9:7d:4e:1d:91:1d:e1:8f:70:6a:de:c5:bb:9c:0c:
         6a:ac:cf:5c:4b:cf:9d:3d:f7:e9:72:42:c7:b4:00:56:18:f4:
         f4:ed:a9:48:d3:d0:16:6b:29:18:04:a3:23:d5:9d:c3:d1:99:
         ab:c1:7b:2d:11:f2:14:21:0a:6c:38:8f:62:17:a2:5f:15:ab:
         1a:46:f3:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9VtfNmGxTsBw7IIeCA4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjUxMTA0MTMwMTMzWhcNMjUxMTA1MTMwMTMzWjAzMTEwLwYDVQQD
Eyg4ZWVhYTk4Zjg1OTM2YzMzZjVmMTA0OTZlYjdjZTllMzFiNzVhM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0bplQ1IncWClDay/0SKHjS6MCC6
jKwg+iGpXHUbyNjugQOHrrxWSzhCyUjdI4yH9rS4olfDcdD2XwjDczX3/5CI2Gak
8nuf8sfXllLtCRxxQbVldkhr7wkn3zV47fl+rTu5PjPzOytPeApMCjoWWlNEW/2D
qjL9NRjCdMOmcF2qkjlnSq4iiZxgJFvjJorZsEkEwL4Fu1Ib6iY78/iCBIcEzGGm
iFIyCiZcS4RKFgRSQP3TnP3i+FwEiMmvD+ZT5EsYnXWoZAjkBK0d1V0lcBfJFZgx
fCcDmqUCPo3L2l/DCJsWUdnlksJBbP1JP0XdmLQ2I0nt8UUPiMneJ5C1bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7qqY+Fk2wz9fEElut86eMbdaPUMB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUc9+rzPP
ynjKzSLOA6VPmyg7tA3DIK9seVIZtCJjcMiy2Zk1jc3uVTuKuhla1MN8AkuiTlG+
1vHKVYXlV0CZrVx+iiV8mL4pU3gY0goiohOXJywJGCch0oTuKg6OukqxeQ0qbfFq
5d9rxiMDvF1jrF9RDjk9B3OfgGiVJ4cf9JaynTKDNIlojpRTLPhtpD1tW1Ls0yd2
mVPqa5pgK/dsyz8EiI2GCMtDYqSj0XkrgIvhQUXyELUSuX1OHZEd4Y9wat7Fu5wM
aqzPXEvPnT336XJCx7QAVhj09O2pSNPQFmspGASjI9Wdw9GZq8F7LRHyFCEKbDiP
YheiXxWrGkbzgA==
-----END CERTIFICATE-----