Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
File:                     GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft (raw, json)
Hash identifier:          AsH4fborlIKamLFEGzvb3vnTDXOaHNqkljl2FwRVxws=
Subject key identifier:   95:BB:C0:42:C8:1A:BA:4E:F7:BF:CD:08:D5:D9:A0:7B:17:C1:29:10
Authority key identifier: 18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97
Certificate issuer:       /CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
Certificate serial:       0197726487E49321F803169277E47C7B6EAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
Manifest number:          0859
Signing time:             Sun 15 Jun 2025 07:01:20 +0000
Manifest this update:     Sun 15 Jun 2025 07:01:20 +0000
Manifest next update:     Mon 16 Jun 2025 07:01:20 +0000
Files and hashes:         1: GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl (hash: yuNju/sorKo8P13zdr4u2Jf6FahyDcwUWshZOTfQH3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:72:64:87:e4:93:21:f8:03:16:92:77:e4:7c:7b:6e:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
        Validity
            Not Before: Jun 15 07:01:20 2025 GMT
            Not After : Jun 16 07:01:20 2025 GMT
        Subject: CN=95bbc042c81aba4ef7bfcd08d5d9a07b17c12910
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9a:47:e3:ec:b9:95:79:0a:78:cb:0a:20:d0:
                    d3:b5:80:49:0a:86:2a:65:55:3a:e9:1c:d9:fc:7f:
                    12:cc:e9:64:19:7b:e2:2e:45:0f:fc:40:5f:32:b5:
                    09:33:83:ca:4b:ae:3b:65:30:00:8d:17:30:d1:93:
                    42:20:17:bb:37:d6:be:5f:64:e7:36:3a:0e:1b:34:
                    b2:b3:0f:f9:3e:33:db:3c:1b:04:e7:15:b6:a2:79:
                    55:6c:55:78:b2:e6:0a:4e:59:29:ca:11:b9:ac:77:
                    cd:00:6f:f1:5d:01:ec:fd:ab:45:77:59:4b:2d:72:
                    18:76:28:eb:ce:02:f1:ab:1d:e7:72:ae:f6:c2:5b:
                    21:79:7a:af:52:3f:8d:1c:cb:5f:93:d0:f7:ba:35:
                    e5:f8:b9:50:c2:21:00:4b:8c:32:e0:0b:19:ac:b6:
                    b2:d4:e9:49:5b:20:44:e4:96:bd:f2:72:1a:77:7e:
                    87:8a:6e:60:79:06:37:cf:d2:a6:0e:d7:e7:5f:8b:
                    44:1d:16:7b:a9:a8:b6:c2:fc:43:94:e2:63:3b:7a:
                    63:f0:55:63:6e:56:9d:77:a8:fd:0f:fe:c0:83:f8:
                    5b:c3:5a:95:d9:30:43:36:7a:06:63:46:91:bf:c8:
                    fa:12:e9:9c:09:cc:21:79:7b:9b:59:ed:ac:cf:57:
                    dd:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:BB:C0:42:C8:1A:BA:4E:F7:BF:CD:08:D5:D9:A0:7B:17:C1:29:10
            X509v3 Authority Key Identifier:
                keyid:18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:15:b4:03:db:5e:24:58:8b:91:a5:4d:3e:75:4d:de:08:76:
         5a:e4:16:12:15:0d:2a:cf:f4:b6:ed:48:d3:0f:62:71:d4:2a:
         2c:3e:a5:bf:8c:82:45:9c:19:7d:82:83:d3:ec:0d:32:17:68:
         7d:ac:f0:30:ee:b2:dc:9a:71:de:a3:f2:0b:67:86:fc:22:e8:
         31:d4:2e:ef:82:5b:30:e5:58:89:98:eb:c6:80:e5:cb:b1:5f:
         b4:57:cd:56:6e:8f:50:7b:97:c1:42:c2:13:1f:87:a8:52:62:
         08:4e:5d:ac:92:be:d8:fe:84:66:bf:54:37:b6:84:2c:dd:52:
         bf:65:6e:0d:c7:8b:6b:69:71:0f:9f:33:d3:51:42:a4:02:12:
         13:e8:75:df:bf:24:6c:d3:51:5d:73:24:42:9a:e1:90:17:79:
         b1:a4:6c:0a:23:89:88:a5:b8:09:ac:e6:c5:9f:34:25:e5:9b:
         f8:53:d3:b9:94:d8:1f:cb:b2:22:d3:80:49:da:0f:ea:b0:e3:
         ff:aa:60:c9:3f:47:4b:81:34:09:1b:da:a9:de:b3:60:1a:14:
         28:51:32:75:ab:3a:b9:02:97:cf:b9:b5:63:4a:f2:10:37:17:
         c3:7d:9c:1d:ef:f9:e5:b5:5e:c9:c0:76:89:a9:53:ac:f4:8f:
         c6:54:62:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdyZIfkkyH4AxaSd+R8e26rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDFjNzdmMGM3OTlhYzljMjcxOWQ3ZjhjNjk4MmM0MzE0
M2U0OTcwHhcNMjUwNjE1MDcwMTIwWhcNMjUwNjE2MDcwMTIwWjAzMTEwLwYDVQQD
Eyg5NWJiYzA0MmM4MWFiYTRlZjdiZmNkMDhkNWQ5YTA3YjE3YzEyOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJpH4+y5lXkKeMsKINDTtYBJCoYq
ZVU66RzZ/H8SzOlkGXviLkUP/EBfMrUJM4PKS647ZTAAjRcw0ZNCIBe7N9a+X2Tn
NjoOGzSysw/5PjPbPBsE5xW2onlVbFV4suYKTlkpyhG5rHfNAG/xXQHs/atFd1lL
LXIYdijrzgLxqx3ncq72wlsheXqvUj+NHMtfk9D3ujXl+LlQwiEAS4wy4AsZrLay
1OlJWyBE5Ja98nIad36Him5geQY3z9KmDtfnX4tEHRZ7qai2wvxDlOJjO3pj8FVj
bladd6j9D/7Ag/hbw1qV2TBDNnoGY0aRv8j6EumcCcwheXubWe2sz1fdtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJW7wELIGrpO97/NCNXZoHsXwSkQMB8GA1UdIwQY
MBaAFBhBx38MeZrJwnGdf4xpgsQxQ+SXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUt
NGU4ZjU5NjBiMTliLzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUtNGU4ZjU5NjBiMTli
LzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfBW0A9te
JFiLkaVNPnVN3gh2WuQWEhUNKs/0tu1I0w9icdQqLD6lv4yCRZwZfYKD0+wNMhdo
fazwMO6y3Jpx3qPyC2eG/CLoMdQu74JbMOVYiZjrxoDly7FftFfNVm6PUHuXwULC
Ex+HqFJiCE5drJK+2P6EZr9UN7aELN1Sv2VuDceLa2lxD58z01FCpAISE+h1378k
bNNRXXMkQprhkBd5saRsCiOJiKW4CazmxZ80JeWb+FPTuZTYH8uyItOASdoP6rDj
/6pgyT9HS4E0CRvaqd6zYBoUKFEydas6uQKXz7m1Y0ryEDcXw32cHe/55bVeycB2
ialTrPSPxlRirA==
-----END CERTIFICATE-----