Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
File:                     GhREUllzKqZzbCSCNEZZR_wjdNA.mft (raw, json)
Hash identifier:          0MU88/Z/OKK6wEZ5Enbsd3hUUmh24zV7cDLmhTfq1Vs=
Subject key identifier:   12:13:12:B6:23:A4:F6:04:46:6E:A4:22:7C:0F:CB:1B:78:B2:8D:2C
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Certificate issuer:       /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial:       019D3866570094AA084AA3D9426A37766402
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
Manifest number:          0F0B
Signing time:             Sun 29 Mar 2026 07:02:04 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:04 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:04 +0000
Files and hashes:         1: GhREUllzKqZzbCSCNEZZR_wjdNA.crl (hash: Wc+wpSwyt3FADHdUeDAlMdXpeEG+Ub/2enQNW30baUw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:57:00:94:aa:08:4a:a3:d9:42:6a:37:76:64:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
        Validity
            Not Before: Mar 29 07:02:04 2026 GMT
            Not After : Mar 30 07:02:04 2026 GMT
        Subject: CN=121312b623a4f604466ea4227c0fcb1b78b28d2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e1:de:f5:f4:50:f2:01:48:de:07:c7:ff:08:
                    fd:a2:60:02:8b:90:ef:44:77:c2:59:e4:8a:0a:3b:
                    9f:7d:1d:dd:01:da:02:d4:26:45:17:b0:81:b0:72:
                    48:f1:ec:df:8b:87:4c:d8:43:b7:4e:77:71:85:f9:
                    8e:2b:81:a5:a6:9d:fb:45:fa:51:22:cf:03:57:90:
                    83:2b:ab:81:61:5f:6b:44:18:f1:46:eb:52:c9:92:
                    c1:e4:17:7f:57:b7:c5:55:84:33:d8:e7:10:c2:d2:
                    f8:dd:cd:e0:9d:65:26:d3:ab:62:e4:59:ef:d4:bc:
                    01:c3:db:84:19:eb:ce:f1:da:9d:e2:4f:46:f2:28:
                    75:f4:97:df:1b:52:9d:0d:32:2e:ca:a6:82:41:30:
                    44:25:08:23:68:e9:97:8d:81:78:07:65:3c:6c:1b:
                    ef:a8:58:a8:9b:75:98:3c:14:32:a0:f4:dc:ea:95:
                    53:32:97:42:4a:f9:3a:e3:6d:31:cf:8a:25:7f:89:
                    07:02:37:6f:d7:bb:1c:89:47:b2:7b:fe:4b:93:50:
                    ee:40:7a:54:6c:f4:d0:30:37:47:bd:cf:0a:0a:a3:
                    ad:8d:15:e3:0f:29:e1:9a:cf:90:8a:80:b6:70:b8:
                    13:ea:02:60:b7:c0:ef:ed:a9:4c:c6:10:6e:a5:1b:
                    ce:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:13:12:B6:23:A4:F6:04:46:6E:A4:22:7C:0F:CB:1B:78:B2:8D:2C
            X509v3 Authority Key Identifier:
                keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:3c:ff:7f:4d:99:73:58:06:2a:c3:05:c7:6d:04:97:63:76:
         2e:f4:10:d3:61:2b:c6:c2:af:f8:48:01:4f:40:2f:07:07:ac:
         07:13:8e:3a:b1:b4:9a:4d:5b:e1:93:96:1f:4b:2f:45:c6:42:
         61:69:af:fa:3a:d3:8b:2e:0c:6a:5b:df:f7:83:a2:97:0a:65:
         af:a8:47:c6:b2:22:b4:92:3c:c2:e4:13:20:cc:85:a8:d3:1f:
         b2:d3:ca:37:7a:1e:b5:b7:c4:c9:02:5f:c4:cc:b0:ee:52:18:
         af:6c:c9:41:73:2f:9e:37:c2:de:2b:0b:fb:bf:22:7f:76:f7:
         7f:2c:33:77:96:16:23:e9:5a:1d:5b:c2:27:b0:39:cf:2e:e3:
         07:e9:96:c9:16:5e:c1:16:65:64:d1:05:7a:c9:4c:6c:4f:f2:
         e7:2c:79:a3:b2:f1:8f:a5:4d:69:80:0f:62:c8:23:e1:0e:6a:
         7a:b1:c2:87:63:f2:cb:3a:22:55:77:9c:86:56:78:b7:c9:90:
         51:c6:f5:88:68:2d:2a:6d:6a:68:77:31:65:ee:35:0d:5c:63:
         a4:21:87:37:43:df:81:f4:8b:dc:48:cd:5d:bb:76:e8:71:69:
         e4:09:d8:04:5b:fe:a1:be:9f:75:e0:bb:5a:3d:b1:33:6d:2a:
         26:f0:ce:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlcAlKoISqPZQmo3dmQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjYwMzI5MDcwMjA0WhcNMjYwMzMwMDcwMjA0WjAzMTEwLwYDVQQD
EygxMjEzMTJiNjIzYTRmNjA0NDY2ZWE0MjI3YzBmY2IxYjc4YjI4ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+He9fRQ8gFI3gfH/wj9omACi5Dv
RHfCWeSKCjuffR3dAdoC1CZFF7CBsHJI8ezfi4dM2EO3TndxhfmOK4Glpp37RfpR
Is8DV5CDK6uBYV9rRBjxRutSyZLB5Bd/V7fFVYQz2OcQwtL43c3gnWUm06ti5Fnv
1LwBw9uEGevO8dqd4k9G8ih19JffG1KdDTIuyqaCQTBEJQgjaOmXjYF4B2U8bBvv
qFiom3WYPBQyoPTc6pVTMpdCSvk6420xz4olf4kHAjdv17sciUeye/5Lk1DuQHpU
bPTQMDdHvc8KCqOtjRXjDynhms+QioC2cLgT6gJgt8Dv7alMxhBupRvOgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBITErYjpPYERm6kInwPyxt4so0sMB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGDz/f02Z
c1gGKsMFx20El2N2LvQQ02ErxsKv+EgBT0AvBwesBxOOOrG0mk1b4ZOWH0svRcZC
YWmv+jrTiy4Malvf94Oilwplr6hHxrIitJI8wuQTIMyFqNMfstPKN3oetbfEyQJf
xMyw7lIYr2zJQXMvnjfC3isL+78if3b3fywzd5YWI+laHVvCJ7A5zy7jB+mWyRZe
wRZlZNEFeslMbE/y5yx5o7Lxj6VNaYAPYsgj4Q5qerHCh2PyyzoiVXechlZ4t8mQ
Ucb1iGgtKm1qaHcxZe41DVxjpCGHN0PfgfSL3EjNXbt26HFp5AnYBFv+ob6fdeC7
Wj2xM20qJvDOdg==
-----END CERTIFICATE-----