Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
File:                     GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft (raw, json)
Hash identifier:          Dy8lfjhUGJR7ZqVgyUQbQT3s08VIgsciKID2RkijTbY=
Subject key identifier:   06:6C:FF:D6:30:BC:86:47:BF:47:91:ED:80:D6:E1:9A:27:C5:BA:FA
Authority key identifier: 18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97
Certificate issuer:       /CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
Certificate serial:       019CAAC62A2A8B7772E1394B4CF06A2A58D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
Manifest number:          0B0D
Signing time:             Sun 01 Mar 2026 19:00:39 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:39 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:39 +0000
Files and hashes:         1: GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl (hash: Ar+sVh0CUgFfl7A4FcbBthWQ0GOLZ6/k9UqoMdwnQ8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:2a:2a:8b:77:72:e1:39:4b:4c:f0:6a:2a:58:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
        Validity
            Not Before: Mar  1 19:00:39 2026 GMT
            Not After : Mar  2 19:00:39 2026 GMT
        Subject: CN=066cffd630bc8647bf4791ed80d6e19a27c5bafa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:6a:84:59:a9:eb:bf:55:6b:d6:f9:74:f8:ad:
                    15:a8:00:99:fe:51:c4:10:03:5c:ca:11:aa:31:38:
                    25:24:90:1f:d0:21:3b:18:27:c5:ee:7c:43:9d:9d:
                    33:e8:c5:1e:35:38:35:07:6b:97:6f:35:51:16:71:
                    f2:d2:c6:7d:7a:09:f6:cf:ae:24:4d:22:03:89:63:
                    6a:80:f9:f4:33:1a:48:27:cf:53:d1:e8:ba:f3:92:
                    30:88:22:4e:8c:16:f0:1d:b3:c6:47:eb:df:c2:d2:
                    8c:45:0b:1f:d2:aa:0f:d4:35:10:16:0e:8f:bb:46:
                    0a:72:2b:a6:5f:d6:3b:8d:51:22:a5:49:7e:ed:16:
                    51:d4:2d:69:91:84:1c:59:7c:c5:fc:87:39:83:78:
                    6c:05:56:69:24:a5:0c:d4:4c:7b:9c:8d:a2:a4:78:
                    81:13:83:cb:b5:a2:4a:0b:6f:4d:c4:f1:50:f2:d5:
                    eb:53:80:d2:83:42:fb:15:8d:5f:4b:94:57:8c:04:
                    49:c6:fe:a4:37:b1:4e:01:5c:11:0d:4b:4d:d3:be:
                    43:31:71:2e:bc:8f:8a:88:a6:5d:00:9c:7d:4a:33:
                    b6:00:dc:32:49:cd:39:3d:15:1e:18:e8:a6:35:b8:
                    ac:4e:ce:c7:d6:d6:41:2f:2a:5d:53:8a:16:b7:af:
                    6a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:6C:FF:D6:30:BC:86:47:BF:47:91:ED:80:D6:E1:9A:27:C5:BA:FA
            X509v3 Authority Key Identifier:
                keyid:18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:67:d2:bb:58:65:ca:d4:4e:c5:35:e8:fa:e4:05:3d:d3:1a:
         9a:6c:9a:d0:0f:e7:73:77:0d:ee:85:b3:9a:57:d6:a6:84:82:
         fd:f9:ea:dc:66:08:fc:e6:5b:ae:77:21:e7:45:eb:53:49:fe:
         b8:59:66:eb:db:29:22:b4:2e:20:55:54:d2:9b:27:83:68:ab:
         bc:d8:3c:50:7e:93:05:6b:8f:95:e9:49:0d:76:9f:52:99:89:
         da:a1:46:d1:b2:54:08:ae:3e:b5:bb:6b:6c:c5:e3:70:ad:7d:
         30:8d:35:65:be:3c:fe:9f:fd:81:92:79:e3:cb:04:c6:b1:07:
         68:39:32:1f:2c:cc:24:5f:48:56:f4:a2:6e:1c:9c:8b:db:43:
         fc:77:7a:35:02:17:4f:1e:b1:3c:cd:2c:ba:0d:46:92:4d:28:
         19:27:ea:5d:4f:5c:d5:51:60:03:38:46:dd:d4:8f:cd:04:9f:
         38:85:34:16:ad:8d:0a:7f:e6:91:fc:e3:77:3c:03:03:42:e5:
         e9:3f:6f:fa:5c:6b:94:6c:88:ab:c4:03:88:2e:89:ce:11:1a:
         95:26:81:ec:e5:11:cd:b7:ba:4e:f7:ae:c1:c0:98:1e:a3:33:
         37:52:5f:12:68:71:da:ee:8e:91:dc:1a:77:33:01:22:5c:d4:
         1f:9f:17:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxioqi3dy4TlLTPBqKljTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDFjNzdmMGM3OTlhYzljMjcxOWQ3ZjhjNjk4MmM0MzE0
M2U0OTcwHhcNMjYwMzAxMTkwMDM5WhcNMjYwMzAyMTkwMDM5WjAzMTEwLwYDVQQD
EygwNjZjZmZkNjMwYmM4NjQ3YmY0NzkxZWQ4MGQ2ZTE5YTI3YzViYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGqEWanrv1Vr1vl0+K0VqACZ/lHE
EANcyhGqMTglJJAf0CE7GCfF7nxDnZ0z6MUeNTg1B2uXbzVRFnHy0sZ9egn2z64k
TSIDiWNqgPn0MxpIJ89T0ei685IwiCJOjBbwHbPGR+vfwtKMRQsf0qoP1DUQFg6P
u0YKciumX9Y7jVEipUl+7RZR1C1pkYQcWXzF/Ic5g3hsBVZpJKUM1Ex7nI2ipHiB
E4PLtaJKC29NxPFQ8tXrU4DSg0L7FY1fS5RXjARJxv6kN7FOAVwRDUtN075DMXEu
vI+KiKZdAJx9SjO2ANwySc05PRUeGOimNbisTs7H1tZBLypdU4oWt69q7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZs/9YwvIZHv0eR7YDW4Zonxbr6MB8GA1UdIwQY
MBaAFBhBx38MeZrJwnGdf4xpgsQxQ+SXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUt
NGU4ZjU5NjBiMTliLzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUtNGU4ZjU5NjBiMTli
LzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARGfSu1hl
ytROxTXo+uQFPdMammya0A/nc3cN7oWzmlfWpoSC/fnq3GYI/OZbrnch50XrU0n+
uFlm69spIrQuIFVU0psng2irvNg8UH6TBWuPlelJDXafUpmJ2qFG0bJUCK4+tbtr
bMXjcK19MI01Zb48/p/9gZJ548sExrEHaDkyHyzMJF9IVvSibhyci9tD/Hd6NQIX
Tx6xPM0sug1Gkk0oGSfqXU9c1VFgAzhG3dSPzQSfOIU0Fq2NCn/mkfzjdzwDA0Ll
6T9v+lxrlGyIq8QDiC6JzhEalSaB7OURzbe6TveuwcCYHqMzN1JfEmhx2u6Okdwa
dzMBIlzUH58XNw==
-----END CERTIFICATE-----