Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
File:                     GHRUZrThRoMLlit0kG2xxtCB_HA.mft (raw, json)
Hash identifier:          HXjw4Ytn1w1NYFP1TbUZPt9Bj9VYM/8NXe/BSx9BS2E=
Subject key identifier:   55:32:4D:E5:56:BA:0B:93:7A:46:17:63:A0:87:24:D4:00:5F:43:77
Authority key identifier: 18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70
Certificate issuer:       /CN=18745466b4e146830b962b74906db1c6d081fc70
Certificate serial:       0199FE4745828230D45E932A4EAE38BBB820
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
Manifest number:          16A9
Signing time:             Sun 19 Oct 2025 21:01:47 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:47 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:47 +0000
Files and hashes:         1: GHRUZrThRoMLlit0kG2xxtCB_HA.crl (hash: Aot4Kgj8IV4AcXhb46cKvRzvBbGlkI8EmpwIBsdr/BY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:45:82:82:30:d4:5e:93:2a:4e:ae:38:bb:b8:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18745466b4e146830b962b74906db1c6d081fc70
        Validity
            Not Before: Oct 19 21:01:47 2025 GMT
            Not After : Oct 20 21:01:47 2025 GMT
        Subject: CN=55324de556ba0b937a461763a08724d4005f4377
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:0b:e9:96:97:ba:09:47:a4:64:34:90:30:77:
                    e1:df:b5:0a:ec:20:15:36:4a:3c:4f:bd:a7:68:40:
                    76:4e:b0:7f:d6:e5:24:a2:b1:be:9f:f1:07:8d:99:
                    e2:99:d7:9b:6a:59:a2:38:d5:df:20:80:2c:c6:2a:
                    4e:a2:25:f5:70:d6:1d:27:45:6c:54:8b:d8:ae:7d:
                    bc:af:66:0e:2f:d6:2b:d4:ee:6b:80:bd:83:8a:6e:
                    01:ee:b9:53:14:5c:f4:e7:1d:e8:55:58:ad:b9:81:
                    d5:d3:04:57:94:3f:d1:23:f7:9c:74:34:6a:42:07:
                    85:ae:2d:f4:09:94:0e:57:fc:e4:e3:67:b5:7d:b6:
                    66:09:f3:af:d7:f0:58:d0:32:48:19:81:02:b2:c5:
                    28:05:54:13:29:91:1b:23:68:b0:ce:33:85:61:fa:
                    3b:fe:ba:cc:6c:96:3d:fa:c5:19:f9:72:3e:57:1f:
                    bd:31:4e:d3:b5:1b:f9:c7:c1:00:a9:73:f8:38:2b:
                    97:9c:80:e0:52:fd:b3:33:da:57:4c:a4:f8:06:29:
                    0f:08:b4:a9:dd:df:d1:2c:0a:4d:8b:94:d2:42:8d:
                    d5:e4:d3:79:2c:7f:8f:8f:31:74:f5:9f:c8:d3:3d:
                    65:c4:f9:f9:9c:49:76:aa:4f:e4:4c:3d:47:19:86:
                    0b:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:32:4D:E5:56:BA:0B:93:7A:46:17:63:A0:87:24:D4:00:5F:43:77
            X509v3 Authority Key Identifier:
                keyid:18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:fd:bf:68:c0:3f:dc:11:88:8f:d3:74:60:c8:29:cd:46:70:
         14:46:f0:36:7f:87:be:27:61:ce:c7:63:b3:7e:62:26:8a:14:
         30:e4:92:f0:74:6e:7f:9b:b0:dd:b8:58:26:63:5b:9e:bc:3e:
         83:9c:73:cb:48:e9:97:d0:2d:5e:78:f1:9d:1e:a4:c1:13:4d:
         62:a1:5b:a5:b7:b7:e1:1a:5f:45:a3:c0:df:c7:a8:59:18:38:
         8e:82:17:76:e4:dc:89:ee:f3:e7:d6:4e:74:c9:d0:17:23:e3:
         f2:b2:19:cd:3d:1a:c5:7d:15:7b:0d:e1:06:a7:d8:7a:35:1a:
         2b:5d:f7:85:2b:52:9d:03:9f:57:90:de:4a:de:81:1a:cd:9f:
         25:67:a1:4c:ad:37:09:20:6a:8c:45:9e:04:09:73:ed:11:ea:
         00:50:d1:cd:44:79:d3:32:6c:29:e5:09:df:ce:e6:fd:2c:2d:
         69:e8:c1:c0:8f:8f:b5:b0:bb:13:c9:71:29:f1:51:76:e7:34:
         46:7c:f9:7e:d5:ee:93:6a:a6:e7:96:7b:a2:89:69:d0:4f:0a:
         a6:f9:f7:05:65:8a:92:a3:d8:00:d5:85:20:fa:f5:4b:9c:6b:
         74:bb:a0:1b:78:46:59:3e:94:27:e7:34:bc:b2:bb:c4:ea:4c:
         41:bd:41:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R0WCgjDUXpMqTq44u7ggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzQ1NDY2YjRlMTQ2ODMwYjk2MmI3NDkwNmRiMWM2ZDA4
MWZjNzAwHhcNMjUxMDE5MjEwMTQ3WhcNMjUxMDIwMjEwMTQ3WjAzMTEwLwYDVQQD
Eyg1NTMyNGRlNTU2YmEwYjkzN2E0NjE3NjNhMDg3MjRkNDAwNWY0Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowvplpe6CUekZDSQMHfh37UK7CAV
Nko8T72naEB2TrB/1uUkorG+n/EHjZnimdebalmiONXfIIAsxipOoiX1cNYdJ0Vs
VIvYrn28r2YOL9Yr1O5rgL2Dim4B7rlTFFz05x3oVVituYHV0wRXlD/RI/ecdDRq
QgeFri30CZQOV/zk42e1fbZmCfOv1/BY0DJIGYECssUoBVQTKZEbI2iwzjOFYfo7
/rrMbJY9+sUZ+XI+Vx+9MU7TtRv5x8EAqXP4OCuXnIDgUv2zM9pXTKT4BikPCLSp
3d/RLApNi5TSQo3V5NN5LH+PjzF09Z/I0z1lxPn5nEl2qk/kTD1HGYYLLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFUyTeVWuguTekYXY6CHJNQAX0N3MB8GA1UdIwQY
MBaAFBh0VGa04UaDC5YrdJBtscbQgfxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYt
ZjFmYzA1NDFjNjQ5LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYtZjFmYzA1NDFjNjQ5
LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZv2/aMA/
3BGIj9N0YMgpzUZwFEbwNn+Hvidhzsdjs35iJooUMOSS8HRuf5uw3bhYJmNbnrw+
g5xzy0jpl9AtXnjxnR6kwRNNYqFbpbe34RpfRaPA38eoWRg4joIXduTcie7z59ZO
dMnQFyPj8rIZzT0axX0Vew3hBqfYejUaK133hStSnQOfV5DeSt6BGs2fJWehTK03
CSBqjEWeBAlz7RHqAFDRzUR50zJsKeUJ387m/SwtaejBwI+PtbC7E8lxKfFRduc0
Rnz5ftXuk2qm55Z7oolp0E8Kpvn3BWWKkqPYANWFIPr1S5xrdLugG3hGWT6UJ+c0
vLK7xOpMQb1BmA==
-----END CERTIFICATE-----