Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
File:                     GhREUllzKqZzbCSCNEZZR_wjdNA.mft (raw, json)
Hash identifier:          G0oyHJPmSTTfSEmmbSS4gzUN7JIbvIhFlwN1gqqjqR4=
Subject key identifier:   68:D4:53:DC:62:11:9A:7C:15:E6:B8:7A:04:D3:76:D4:5D:9C:3C:FE
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Certificate issuer:       /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial:       019748559048787035F9EABB76D17CC60827
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
Manifest number:          0BF8
Signing time:             Sat 07 Jun 2025 03:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 03:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 03:00:56 +0000
Files and hashes:         1: GhREUllzKqZzbCSCNEZZR_wjdNA.crl (hash: sSwoxW1Nh6aryIf4ffUUG8zf7BXh0ZoDjV49z5pGKU0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 03:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:55:90:48:78:70:35:f9:ea:bb:76:d1:7c:c6:08:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
        Validity
            Not Before: Jun  7 03:00:56 2025 GMT
            Not After : Jun  8 03:00:56 2025 GMT
        Subject: CN=68d453dc62119a7c15e6b87a04d376d45d9c3cfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:9d:76:d8:29:50:f3:c7:f6:d0:87:75:45:60:
                    c8:d2:50:f6:13:3f:a1:3d:53:93:95:22:bf:21:8c:
                    2b:52:80:16:69:7b:dc:06:40:1b:e4:cc:17:60:a3:
                    41:98:4b:fc:32:19:f7:2f:39:4e:cf:f7:e9:d7:f1:
                    57:ab:b6:50:72:aa:cb:43:7a:9c:bf:a3:1f:08:8d:
                    8c:93:5f:f6:1c:b1:f5:30:6e:26:04:86:f2:50:b8:
                    c9:86:54:98:60:b7:ea:2c:29:ec:94:a8:46:e3:d4:
                    fd:53:14:19:95:11:8d:9a:3f:8e:51:01:b8:e9:b5:
                    30:c8:82:0a:89:fb:dd:aa:99:79:dc:5f:12:a2:da:
                    ab:78:76:45:af:c8:ce:5e:16:11:31:6f:bc:ee:e3:
                    97:28:07:50:47:fe:87:f9:21:8c:b0:95:14:c6:6e:
                    76:0d:ab:2e:b1:30:a1:3e:fd:60:82:1c:ec:eb:83:
                    99:e3:83:e3:87:f4:fa:57:d0:fc:d0:46:22:ec:ee:
                    5b:d0:8b:e5:18:9c:23:33:94:ab:b9:36:00:ad:b7:
                    8a:1f:f4:18:6d:b3:b5:fe:c5:aa:c3:e4:be:83:0d:
                    3b:f4:3c:d1:9a:50:72:e7:ca:37:bc:6a:81:6b:92:
                    56:0f:40:0b:2a:a7:06:0c:ce:27:b9:93:39:ee:02:
                    2a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:D4:53:DC:62:11:9A:7C:15:E6:B8:7A:04:D3:76:D4:5D:9C:3C:FE
            X509v3 Authority Key Identifier:
                keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:ca:74:38:ad:61:f4:94:ba:60:45:7f:b0:dc:5d:5b:41:eb:
         68:b3:ab:74:c1:66:ca:6f:41:e5:d5:2e:e3:1c:89:83:a0:eb:
         32:98:a6:29:48:22:ef:be:0a:91:bb:79:bf:f4:a2:20:c0:8c:
         08:52:26:e7:a6:4f:e8:5f:90:86:c0:5c:91:f7:46:d5:cf:d7:
         7f:95:96:64:4f:dc:19:7b:f2:49:91:39:a9:c6:c7:db:cc:c5:
         fa:08:b3:2f:9e:59:a8:d2:63:12:e4:29:0f:bf:5a:3e:5b:23:
         ae:e5:38:e3:d5:83:aa:a9:11:84:eb:03:f1:80:37:b2:6c:85:
         49:07:ce:25:3a:cf:65:2e:38:c3:b8:84:a2:c0:16:94:60:e8:
         79:a8:d2:73:f2:ab:f5:99:5f:56:de:94:07:19:84:7c:92:a7:
         82:6d:f4:81:c8:7f:18:74:84:49:0d:92:b7:74:62:78:57:b5:
         28:b5:a0:30:f0:0f:ba:6f:89:e9:ee:63:31:1a:53:8a:07:e7:
         dd:84:9f:2a:fb:36:71:27:db:b5:07:44:b2:65:43:3d:40:32:
         4a:82:d4:07:e2:ad:56:b5:80:4d:73:f2:79:ac:af:8f:02:3b:
         21:66:29:b4:b8:61:cf:a2:d9:0f:03:57:5e:c7:ec:eb:9b:11:
         79:95:15:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIVZBIeHA1+eq7dtF8xggnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjUwNjA3MDMwMDU2WhcNMjUwNjA4MDMwMDU2WjAzMTEwLwYDVQQD
Eyg2OGQ0NTNkYzYyMTE5YTdjMTVlNmI4N2EwNGQzNzZkNDVkOWMzY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5122ClQ88f20Id1RWDI0lD2Ez+h
PVOTlSK/IYwrUoAWaXvcBkAb5MwXYKNBmEv8Mhn3LzlOz/fp1/FXq7ZQcqrLQ3qc
v6MfCI2Mk1/2HLH1MG4mBIbyULjJhlSYYLfqLCnslKhG49T9UxQZlRGNmj+OUQG4
6bUwyIIKifvdqpl53F8SotqreHZFr8jOXhYRMW+87uOXKAdQR/6H+SGMsJUUxm52
DasusTChPv1gghzs64OZ44Pjh/T6V9D80EYi7O5b0IvlGJwjM5SruTYArbeKH/QY
bbO1/sWqw+S+gw079DzRmlBy58o3vGqBa5JWD0ALKqcGDM4nuZM57gIq1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjUU9xiEZp8Fea4egTTdtRdnDz+MB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMp0OK1h
9JS6YEV/sNxdW0HraLOrdMFmym9B5dUu4xyJg6DrMpimKUgi774Kkbt5v/SiIMCM
CFIm56ZP6F+QhsBckfdG1c/Xf5WWZE/cGXvySZE5qcbH28zF+gizL55ZqNJjEuQp
D79aPlsjruU449WDqqkRhOsD8YA3smyFSQfOJTrPZS44w7iEosAWlGDoeajSc/Kr
9ZlfVt6UBxmEfJKngm30gch/GHSESQ2St3RieFe1KLWgMPAPum+J6e5jMRpTigfn
3YSfKvs2cSfbtQdEsmVDPUAySoLUB+KtVrWATXPyeayvjwI7IWYptLhhz6LZDwNX
Xsfs65sReZUVUg==
-----END CERTIFICATE-----