Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
File:                     GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft (raw, json)
Hash identifier:          HTpPKalfsVsQt3w34OKVuYyPsUYD1wvys84pIlFiU64=
Subject key identifier:   F2:00:5A:26:90:0D:36:05:4C:99:B2:A4:1A:2F:8B:7B:E4:75:E0:83
Authority key identifier: 18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97
Certificate issuer:       /CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
Certificate serial:       019D984FC8232356DE985E0BBA5C27433EAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
Manifest number:          0B88
Signing time:             Thu 16 Apr 2026 22:00:58 +0000
Manifest this update:     Thu 16 Apr 2026 22:00:58 +0000
Manifest next update:     Fri 17 Apr 2026 22:00:58 +0000
Files and hashes:         1: GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl (hash: CAaLhzkwkd8QPrF+59OzHQCXPWbwSUflieds01EzezU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:c8:23:23:56:de:98:5e:0b:ba:5c:27:43:3e:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
        Validity
            Not Before: Apr 16 22:00:58 2026 GMT
            Not After : Apr 17 22:00:58 2026 GMT
        Subject: CN=f2005a26900d36054c99b2a41a2f8b7be475e083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2b:a1:fc:1f:a9:15:15:58:45:bd:fc:d4:b6:
                    2d:e3:7f:09:9a:ff:5c:df:ea:cd:1c:27:2e:6a:d4:
                    66:a0:4b:90:1f:58:18:3f:8a:70:be:59:ab:74:39:
                    9b:ff:fe:f1:9f:14:8f:f3:5e:b5:93:9a:07:2d:fc:
                    2e:8f:28:c1:94:ff:e3:10:4d:c7:c8:b1:2c:5c:2f:
                    b6:d4:9e:e9:5c:63:4f:c7:87:a6:4c:73:49:e8:c4:
                    f0:50:e2:2b:68:52:8e:a7:eb:4c:aa:08:e6:cb:1d:
                    77:5f:39:2b:c5:80:f6:0f:0d:9c:c8:5e:96:2d:a5:
                    9a:26:5c:74:43:c3:4b:e4:46:de:a4:b7:6e:42:8d:
                    c8:cd:5e:34:b4:d7:17:89:93:88:cc:0b:41:b3:c2:
                    8e:9b:de:82:91:da:d6:4e:f1:f0:f0:c4:44:96:87:
                    32:98:61:3c:2c:77:12:b6:50:3d:b7:4d:bf:21:ac:
                    a1:da:01:cc:af:0c:db:9a:d9:42:90:c4:cb:3a:f0:
                    58:2a:eb:e4:1e:fd:4a:0a:aa:0b:9c:8d:42:6f:ad:
                    e9:67:26:58:30:bb:e1:1a:18:05:44:8a:c6:34:c3:
                    b7:66:f3:e2:b9:3d:2a:98:ff:53:58:c5:9a:e1:62:
                    90:77:be:f6:09:18:bd:39:20:8a:b0:e7:42:af:01:
                    2e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:00:5A:26:90:0D:36:05:4C:99:B2:A4:1A:2F:8B:7B:E4:75:E0:83
            X509v3 Authority Key Identifier:
                keyid:18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:30:97:c7:83:8a:e6:2b:63:0e:9f:73:58:81:c1:3c:c8:fd:
         cc:2b:56:9a:97:db:9a:bd:58:1d:0e:fa:b3:99:bd:22:81:a2:
         52:ef:f6:a3:5a:8f:db:81:77:13:9e:e3:12:0b:e8:aa:16:a1:
         3e:a7:4f:3a:4a:57:9e:8f:2d:9f:27:f0:bb:85:f0:e5:67:22:
         f7:66:03:d3:3d:9e:f5:5b:46:36:d6:21:cf:5c:3c:e4:ef:f4:
         12:91:67:e1:da:bb:c8:65:ba:b7:0e:57:81:07:57:a4:17:f8:
         20:5a:52:50:26:fb:99:be:18:9b:d9:34:cd:d3:88:1b:70:8a:
         d7:94:8b:59:0f:35:99:d9:e8:0e:0d:ab:3f:55:db:cc:ac:07:
         f5:61:f6:37:b7:81:34:ef:39:3a:35:8f:79:61:4a:f1:da:23:
         19:cf:9b:da:3d:c8:1c:12:51:77:a7:fc:f4:26:ff:b8:9a:fc:
         16:d7:1d:33:d2:2d:67:82:ec:d2:cd:23:78:c1:79:83:aa:13:
         31:40:8a:58:27:a2:d0:c4:b4:0c:4d:9c:45:ef:c6:65:6e:07:
         44:7e:a1:25:1b:e8:7f:e8:18:26:92:9c:10:6d:ac:ad:5e:9e:
         85:26:e1:85:66:d3:61:48:75:70:6e:80:57:e1:3c:d7:22:30:
         fd:e6:22:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT8gjI1bemF4LulwnQz6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDFjNzdmMGM3OTlhYzljMjcxOWQ3ZjhjNjk4MmM0MzE0
M2U0OTcwHhcNMjYwNDE2MjIwMDU4WhcNMjYwNDE3MjIwMDU4WjAzMTEwLwYDVQQD
EyhmMjAwNWEyNjkwMGQzNjA1NGM5OWIyYTQxYTJmOGI3YmU0NzVlMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiuh/B+pFRVYRb381LYt438Jmv9c
3+rNHCcuatRmoEuQH1gYP4pwvlmrdDmb//7xnxSP8161k5oHLfwujyjBlP/jEE3H
yLEsXC+21J7pXGNPx4emTHNJ6MTwUOIraFKOp+tMqgjmyx13XzkrxYD2Dw2cyF6W
LaWaJlx0Q8NL5EbepLduQo3IzV40tNcXiZOIzAtBs8KOm96CkdrWTvHw8MRElocy
mGE8LHcStlA9t02/Iayh2gHMrwzbmtlCkMTLOvBYKuvkHv1KCqoLnI1Cb63pZyZY
MLvhGhgFRIrGNMO3ZvPiuT0qmP9TWMWa4WKQd772CRi9OSCKsOdCrwEuHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIAWiaQDTYFTJmypBovi3vkdeCDMB8GA1UdIwQY
MBaAFBhBx38MeZrJwnGdf4xpgsQxQ+SXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUt
NGU4ZjU5NjBiMTliLzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUtNGU4ZjU5NjBiMTli
LzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALzCXx4OK
5itjDp9zWIHBPMj9zCtWmpfbmr1YHQ76s5m9IoGiUu/2o1qP24F3E57jEgvoqhah
PqdPOkpXno8tnyfwu4Xw5Wci92YD0z2e9VtGNtYhz1w85O/0EpFn4dq7yGW6tw5X
gQdXpBf4IFpSUCb7mb4Ym9k0zdOIG3CK15SLWQ81mdnoDg2rP1XbzKwH9WH2N7eB
NO85OjWPeWFK8dojGc+b2j3IHBJRd6f89Cb/uJr8FtcdM9ItZ4Ls0s0jeMF5g6oT
MUCKWCei0MS0DE2cRe/GZW4HRH6hJRvof+gYJpKcEG2srV6ehSbhhWbTYUh1cG6A
V+E81yIw/eYikg==
-----END CERTIFICATE-----