Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
File:                     GhREUllzKqZzbCSCNEZZR_wjdNA.mft (raw, json)
Hash identifier:          ZwlsuTza2QUaQi0LzB8U12Zzb0ClSYChpPmTFkwRKIc=
Subject key identifier:   63:62:81:AB:FC:58:B9:5C:6F:FC:EE:A4:A1:74:F6:69:4D:2F:4F:DC
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Certificate issuer:       /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial:       019CAD59F529F8D9E89DBE6E5822746C0531
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
Manifest number:          0EC3
Signing time:             Mon 02 Mar 2026 07:01:19 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:19 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:19 +0000
Files and hashes:         1: GhREUllzKqZzbCSCNEZZR_wjdNA.crl (hash: M0id8Rslr0g5cLGncaWxXKXQByVG7MwnLKbYmqfKr0k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:f5:29:f8:d9:e8:9d:be:6e:58:22:74:6c:05:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
        Validity
            Not Before: Mar  2 07:01:19 2026 GMT
            Not After : Mar  3 07:01:19 2026 GMT
        Subject: CN=636281abfc58b95c6ffceea4a174f6694d2f4fdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:4b:21:2d:57:5f:ba:ef:57:23:4d:b0:a6:de:
                    9b:eb:1f:42:52:1d:ea:08:ae:91:9d:00:dd:d9:a3:
                    a9:f1:58:0c:ca:05:d8:2e:0e:a1:a8:24:83:b6:70:
                    50:0f:a6:4e:d8:ef:a7:bf:e5:5b:7f:ca:a3:bc:2e:
                    d8:25:fc:5b:d7:07:4c:00:55:7f:c5:27:96:b1:6b:
                    16:5b:96:f5:e9:f3:dd:b1:2e:d4:e5:d4:cb:54:5a:
                    65:6a:56:ae:33:53:bf:ed:81:18:b2:34:64:ef:71:
                    24:84:4c:14:6e:f0:cd:d4:0e:6c:36:3c:27:3b:41:
                    1e:c7:ba:a7:f7:d7:cb:20:32:80:3e:2f:8a:93:a9:
                    31:76:c5:d9:22:b3:be:d2:e4:07:cc:aa:19:80:0b:
                    af:0e:4c:6d:82:e2:d3:f7:25:55:63:e9:ca:8a:05:
                    61:cf:a4:2e:97:7d:a4:4d:cb:c7:af:08:6c:5d:d2:
                    19:7a:67:71:8d:aa:7c:49:80:c9:d0:f0:46:8d:08:
                    a2:1c:af:c5:a5:ee:f5:bc:dd:41:fd:9d:f5:a5:8e:
                    75:63:ca:b2:19:a9:cd:96:44:9b:35:c8:3c:bb:3a:
                    1b:c1:8b:76:54:ee:a4:df:9a:0c:bf:58:c5:16:3b:
                    11:c6:6a:d1:1e:fe:ec:25:82:d0:30:af:78:69:de:
                    58:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:62:81:AB:FC:58:B9:5C:6F:FC:EE:A4:A1:74:F6:69:4D:2F:4F:DC
            X509v3 Authority Key Identifier:
                keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:9e:64:05:19:f2:7c:07:c4:38:28:43:f6:4e:64:b4:2b:ce:
         6f:2a:e5:f7:ab:ab:2b:34:f9:e7:3b:04:fc:57:f6:42:f7:ed:
         5b:c2:e8:8b:b4:ab:2f:0e:93:45:9b:30:94:b4:31:37:b7:ad:
         a6:90:98:6f:58:cc:ae:a7:f7:47:b9:8e:37:09:04:54:06:4e:
         5d:77:f0:9a:56:a8:7d:a0:0f:46:9b:26:8a:b7:6f:b4:af:65:
         87:f3:99:d8:eb:ff:2c:12:dc:99:3e:01:8b:c4:7c:b5:df:39:
         07:bd:3b:06:89:fb:b6:ea:f1:0f:02:e1:a3:a6:7d:f5:89:51:
         25:5f:2f:ff:1c:48:5e:d5:88:7a:24:84:22:11:c4:77:fe:9d:
         2f:63:27:ff:39:65:56:ef:d5:4a:f9:aa:64:f5:8f:e5:68:50:
         04:77:1c:da:94:24:a1:45:a2:50:b0:89:98:a7:60:f3:1f:cf:
         69:66:64:ae:9e:53:1c:20:4a:57:cb:a8:03:4c:c4:c1:d4:7b:
         a5:ab:58:f3:6e:a3:47:f5:59:73:4a:b8:bb:b4:46:9c:b8:cd:
         06:85:e4:9a:a0:af:24:e0:9a:8b:72:17:61:20:e6:d1:3c:45:
         2b:a2:46:e7:c3:15:5b:ad:8d:75:1c:7f:66:af:5c:65:d7:87:
         0e:4e:fb:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWfUp+Nnonb5uWCJ0bAUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjYwMzAyMDcwMTE5WhcNMjYwMzAzMDcwMTE5WjAzMTEwLwYDVQQD
Eyg2MzYyODFhYmZjNThiOTVjNmZmY2VlYTRhMTc0ZjY2OTRkMmY0ZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0shLVdfuu9XI02wpt6b6x9CUh3q
CK6RnQDd2aOp8VgMygXYLg6hqCSDtnBQD6ZO2O+nv+Vbf8qjvC7YJfxb1wdMAFV/
xSeWsWsWW5b16fPdsS7U5dTLVFplalauM1O/7YEYsjRk73EkhEwUbvDN1A5sNjwn
O0Eex7qn99fLIDKAPi+Kk6kxdsXZIrO+0uQHzKoZgAuvDkxtguLT9yVVY+nKigVh
z6Qul32kTcvHrwhsXdIZemdxjap8SYDJ0PBGjQiiHK/Fpe71vN1B/Z31pY51Y8qy
GanNlkSbNcg8uzobwYt2VO6k35oMv1jFFjsRxmrRHv7sJYLQMK94ad5YYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNigav8WLlcb/zupKF09mlNL0/cMB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaZ5kBRny
fAfEOChD9k5ktCvObyrl96urKzT55zsE/Ff2QvftW8Loi7SrLw6TRZswlLQxN7et
ppCYb1jMrqf3R7mONwkEVAZOXXfwmlaofaAPRpsmirdvtK9lh/OZ2Ov/LBLcmT4B
i8R8td85B707Bon7turxDwLho6Z99YlRJV8v/xxIXtWIeiSEIhHEd/6dL2Mn/zll
Vu/VSvmqZPWP5WhQBHcc2pQkoUWiULCJmKdg8x/PaWZkrp5THCBKV8uoA0zEwdR7
patY826jR/VZc0q4u7RGnLjNBoXkmqCvJOCai3IXYSDm0TxFK6JG58MVW62NdRx/
Zq9cZdeHDk77uA==
-----END CERTIFICATE-----