Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
File:                     GHRUZrThRoMLlit0kG2xxtCB_HA.mft (raw, json)
Hash identifier:          tBVdNl9V3ouaTTBskZ/Um2duFbhTEtBqCcRwSTaZNGE=
Subject key identifier:   CF:B6:C7:41:53:06:87:60:1B:58:AA:70:72:95:B6:E8:80:33:A8:6A
Authority key identifier: 18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70
Certificate issuer:       /CN=18745466b4e146830b962b74906db1c6d081fc70
Certificate serial:       019A7225816BE252FE62E58E3841339AEA3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
Manifest number:          16E5
Signing time:             Tue 11 Nov 2025 09:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:51 +0000
Files and hashes:         1: GHRUZrThRoMLlit0kG2xxtCB_HA.crl (hash: UMlcuYneZbYRUX/UGttWkMYGUv/bPzM1ZSKLVmffngg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:81:6b:e2:52:fe:62:e5:8e:38:41:33:9a:ea:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18745466b4e146830b962b74906db1c6d081fc70
        Validity
            Not Before: Nov 11 09:00:51 2025 GMT
            Not After : Nov 12 09:00:51 2025 GMT
        Subject: CN=cfb6c741530687601b58aa707295b6e88033a86a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:be:60:16:12:02:d4:1b:46:72:0b:96:03:e6:
                    ed:3c:40:bf:5b:b8:9b:52:70:20:c3:d9:bf:b0:a6:
                    32:86:7d:55:cf:df:85:6d:97:d5:cb:f6:bb:af:3c:
                    4c:b6:9d:cb:bb:44:e7:e3:90:6f:69:e4:f1:a4:8f:
                    03:1d:f7:9e:7a:b9:9f:b6:a1:6e:86:85:d1:7e:81:
                    7f:07:15:74:fe:97:d7:2d:1d:72:b0:44:22:6b:69:
                    a9:77:9e:32:01:44:05:5d:04:a0:f1:37:44:07:f0:
                    f3:eb:b4:5d:25:a9:3a:ed:b8:c5:ae:aa:c1:36:da:
                    11:6e:83:32:39:53:76:5b:f2:c9:2c:55:c3:17:68:
                    aa:1c:56:10:c2:6a:1a:58:cf:c8:47:19:a4:d7:77:
                    1a:f9:da:82:5f:2f:07:58:49:55:26:8a:b3:f4:75:
                    32:6a:99:98:4d:50:88:a8:b3:34:c1:c1:15:86:6f:
                    f9:6b:71:11:10:2b:0e:5b:66:55:61:83:f5:7e:4f:
                    32:48:18:04:5e:40:c4:95:51:78:46:8f:61:30:96:
                    59:2f:05:39:48:8c:e5:ca:d0:2c:28:9e:53:6e:0d:
                    8b:70:7c:74:9c:12:b4:d0:92:e1:07:45:0c:32:e9:
                    0c:07:cc:ea:98:1c:73:c2:0b:46:71:d7:df:bd:ef:
                    d5:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:B6:C7:41:53:06:87:60:1B:58:AA:70:72:95:B6:E8:80:33:A8:6A
            X509v3 Authority Key Identifier:
                keyid:18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:84:35:5c:6c:3f:3d:a3:85:d1:a0:c7:27:db:2a:7b:c1:08:
         e6:65:9c:0e:aa:2e:84:23:09:f9:4a:5d:6b:6d:fc:03:69:98:
         3e:5d:4e:b4:3c:50:0c:62:c6:67:78:59:df:95:18:b1:fd:d0:
         33:e8:48:50:39:83:08:14:6d:06:e8:fa:a3:13:12:b6:52:98:
         66:45:9b:ce:a4:a0:5e:f9:8a:5a:77:34:03:e2:e1:41:2d:37:
         a3:e0:51:9e:d2:b3:27:d8:e2:df:54:f3:0f:28:5b:c2:df:be:
         f9:6c:0b:d8:b3:a9:91:d0:51:07:c3:0b:79:ac:f7:e9:ac:ae:
         bb:f2:95:0e:98:6a:09:bc:e0:6a:25:da:e5:a9:2a:4f:4f:99:
         76:f6:74:3b:a3:2f:ab:53:62:04:b9:02:7f:93:e5:6c:1d:2f:
         ab:74:44:e4:db:c8:1b:7b:5a:0c:c2:fc:97:12:05:6f:57:68:
         4e:75:af:ef:50:e4:f3:e8:24:33:52:e0:15:70:82:12:df:4d:
         16:f1:59:03:19:fc:c0:93:d4:e0:ce:fb:be:c5:28:2c:1c:0a:
         e7:0e:23:9c:62:c7:78:44:e6:59:2e:e0:18:f7:5f:df:8f:46:
         9c:5a:01:d3:48:37:ed:8c:d6:9b:11:ab:d9:ba:c8:eb:e3:43:
         09:a3:0e:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYFr4lL+YuWOOEEzmuo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzQ1NDY2YjRlMTQ2ODMwYjk2MmI3NDkwNmRiMWM2ZDA4
MWZjNzAwHhcNMjUxMTExMDkwMDUxWhcNMjUxMTEyMDkwMDUxWjAzMTEwLwYDVQQD
EyhjZmI2Yzc0MTUzMDY4NzYwMWI1OGFhNzA3Mjk1YjZlODgwMzNhODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA675gFhIC1BtGcguWA+btPEC/W7ib
UnAgw9m/sKYyhn1Vz9+FbZfVy/a7rzxMtp3Lu0Tn45BvaeTxpI8DHfeeermftqFu
hoXRfoF/BxV0/pfXLR1ysEQia2mpd54yAUQFXQSg8TdEB/Dz67RdJak67bjFrqrB
NtoRboMyOVN2W/LJLFXDF2iqHFYQwmoaWM/IRxmk13ca+dqCXy8HWElVJoqz9HUy
apmYTVCIqLM0wcEVhm/5a3ERECsOW2ZVYYP1fk8ySBgEXkDElVF4Ro9hMJZZLwU5
SIzlytAsKJ5Tbg2LcHx0nBK00JLhB0UMMukMB8zqmBxzwgtGcdffve/VeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+2x0FTBodgG1iqcHKVtuiAM6hqMB8GA1UdIwQY
MBaAFBh0VGa04UaDC5YrdJBtscbQgfxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYt
ZjFmYzA1NDFjNjQ5LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYtZjFmYzA1NDFjNjQ5
LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUoQ1XGw/
PaOF0aDHJ9sqe8EI5mWcDqouhCMJ+Upda238A2mYPl1OtDxQDGLGZ3hZ35UYsf3Q
M+hIUDmDCBRtBuj6oxMStlKYZkWbzqSgXvmKWnc0A+LhQS03o+BRntKzJ9ji31Tz
Dyhbwt+++WwL2LOpkdBRB8MLeaz36ayuu/KVDphqCbzgaiXa5akqT0+ZdvZ0O6Mv
q1NiBLkCf5PlbB0vq3RE5NvIG3taDML8lxIFb1doTnWv71Dk8+gkM1LgFXCCEt9N
FvFZAxn8wJPU4M77vsUoLBwK5w4jnGLHeETmWS7gGPdf349GnFoB00g37YzWmxGr
2brI6+NDCaMOSA==
-----END CERTIFICATE-----