Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
File:                     GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft (raw, json)
Hash identifier:          dQqBwWHBFU1X9T3Lc9NfpL9ZS5JrzwPhSETv3xRd09A=
Subject key identifier:   A4:8A:12:76:97:02:E4:18:DA:34:DD:3B:74:80:3C:AB:85:94:97:F4
Authority key identifier: 18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97
Certificate issuer:       /CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
Certificate serial:       019A4E4F4642555E43F9949AE1EC3A96676C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
Manifest number:          09D4
Signing time:             Tue 04 Nov 2025 10:00:09 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:09 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:09 +0000
Files and hashes:         1: GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl (hash: sYtD0WrMsmIb391TLvOvtB3oBr+TdsvJGTPVsLHNBio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:46:42:55:5e:43:f9:94:9a:e1:ec:3a:96:67:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
        Validity
            Not Before: Nov  4 10:00:09 2025 GMT
            Not After : Nov  5 10:00:09 2025 GMT
        Subject: CN=a48a12769702e418da34dd3b74803cab859497f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d8:06:ca:98:f1:dd:31:74:12:2c:52:74:ff:
                    0e:2a:02:4c:3e:28:e3:e8:e3:7b:5d:fa:a9:37:dd:
                    98:35:08:b1:38:d3:95:75:33:90:d2:96:da:29:98:
                    e2:71:f2:5a:9c:65:e6:9a:9f:02:f4:28:a1:c9:42:
                    63:ce:d5:c4:61:d5:1f:73:4c:7f:c2:8a:f7:1d:a3:
                    08:3e:b1:95:7c:9f:e9:ef:82:0f:81:dd:01:c3:ed:
                    df:63:2e:c1:d8:74:fc:b9:3d:ac:5c:60:4a:e6:12:
                    da:49:bf:7e:ab:c7:98:d2:af:26:d9:6a:d4:c4:71:
                    a5:97:b9:2e:24:d9:8c:d7:c8:3b:02:ae:2a:cc:0b:
                    7a:8e:3a:66:97:06:52:63:2d:1c:63:a0:96:30:8b:
                    86:18:09:85:92:e3:1b:ac:a8:8f:eb:d3:65:a6:c4:
                    1d:99:bb:f3:6b:e3:b7:d6:d3:7c:02:3d:eb:fe:a1:
                    ed:87:68:85:42:40:63:1f:df:4d:1e:c7:af:ee:93:
                    24:b2:0d:b6:01:ce:9d:a8:a2:53:d8:ad:37:67:73:
                    14:82:bd:56:5f:50:55:e8:cb:56:c3:34:b4:77:10:
                    cb:c0:db:cf:d9:b3:27:48:0b:e7:7a:f0:1e:57:69:
                    55:d1:df:d9:62:63:72:c3:43:ee:76:b0:25:34:ad:
                    a9:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:8A:12:76:97:02:E4:18:DA:34:DD:3B:74:80:3C:AB:85:94:97:F4
            X509v3 Authority Key Identifier:
                keyid:18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:dc:ba:b3:7f:5e:97:85:4c:90:a6:85:f3:9e:62:0c:a2:3b:
         10:fe:24:f2:2e:90:19:b3:60:d7:f3:39:07:f2:d3:ea:e5:6b:
         18:fc:5b:6d:b3:a1:bb:04:09:a3:d2:0b:87:79:56:69:08:d7:
         ad:ed:66:1f:f0:b7:2b:af:b8:13:5b:b1:68:db:82:5e:22:ce:
         fa:3d:78:f7:33:30:a0:18:5a:89:30:37:09:22:2a:f2:16:36:
         fd:e7:73:5c:17:54:ac:bf:08:7c:ae:ce:24:1c:98:81:8f:87:
         a9:b4:fd:7c:a9:81:f2:75:a9:59:39:83:c9:aa:f7:b6:a3:1c:
         16:84:92:a7:19:fd:58:f7:ca:f6:ca:fc:c4:5d:d8:ac:8a:ee:
         09:d8:23:39:32:59:97:dd:86:82:6e:33:63:47:70:69:f1:97:
         cd:ed:37:89:ca:59:4b:7b:9a:b5:36:18:06:b0:a3:0f:64:46:
         dd:6f:b1:57:e4:52:82:b9:af:48:a4:d1:32:ba:81:dd:f6:22:
         01:0d:90:c3:75:00:b6:34:a5:85:5a:60:0a:2a:2a:ea:44:30:
         54:70:55:10:d6:80:8f:25:a8:6e:5b:70:d6:63:3c:57:9b:b1:
         b3:2e:2b:a1:00:a5:5d:6e:b8:59:d8:b9:f0:96:46:6b:21:48:
         77:f5:44:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT0ZCVV5D+ZSa4ew6lmdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDFjNzdmMGM3OTlhYzljMjcxOWQ3ZjhjNjk4MmM0MzE0
M2U0OTcwHhcNMjUxMTA0MTAwMDA5WhcNMjUxMTA1MTAwMDA5WjAzMTEwLwYDVQQD
EyhhNDhhMTI3Njk3MDJlNDE4ZGEzNGRkM2I3NDgwM2NhYjg1OTQ5N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9gGypjx3TF0EixSdP8OKgJMPijj
6ON7XfqpN92YNQixONOVdTOQ0pbaKZjicfJanGXmmp8C9CihyUJjztXEYdUfc0x/
wor3HaMIPrGVfJ/p74IPgd0Bw+3fYy7B2HT8uT2sXGBK5hLaSb9+q8eY0q8m2WrU
xHGll7kuJNmM18g7Aq4qzAt6jjpmlwZSYy0cY6CWMIuGGAmFkuMbrKiP69NlpsQd
mbvza+O31tN8Aj3r/qHth2iFQkBjH99NHsev7pMksg22Ac6dqKJT2K03Z3MUgr1W
X1BV6MtWwzS0dxDLwNvP2bMnSAvnevAeV2lV0d/ZYmNyw0PudrAlNK2pzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSKEnaXAuQY2jTdO3SAPKuFlJf0MB8GA1UdIwQY
MBaAFBhBx38MeZrJwnGdf4xpgsQxQ+SXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUt
NGU4ZjU5NjBiMTliLzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUtNGU4ZjU5NjBiMTli
LzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM9y6s39e
l4VMkKaF855iDKI7EP4k8i6QGbNg1/M5B/LT6uVrGPxbbbOhuwQJo9ILh3lWaQjX
re1mH/C3K6+4E1uxaNuCXiLO+j149zMwoBhaiTA3CSIq8hY2/edzXBdUrL8IfK7O
JByYgY+HqbT9fKmB8nWpWTmDyar3tqMcFoSSpxn9WPfK9sr8xF3YrIruCdgjOTJZ
l92Ggm4zY0dwafGXze03icpZS3uatTYYBrCjD2RG3W+xV+RSgrmvSKTRMrqB3fYi
AQ2Qw3UAtjSlhVpgCioq6kQwVHBVENaAjyWobltw1mM8V5uxsy4roQClXW64Wdi5
8JZGayFId/VEBg==
-----END CERTIFICATE-----