Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
File:                     WFRbn70B0owOptCPW0cts0-tLqM.mft (raw, json)
Hash identifier:          r6wGl9AUrIMySOT81ndngmdUOj9M8iq1D97QZnQOF3E=
Subject key identifier:   04:3B:4A:E5:20:E4:3B:7E:27:BB:39:4D:68:20:F2:03:91:8D:E9:74
Authority key identifier: 58:54:5B:9F:BD:01:D2:8C:0E:A6:D0:8F:5B:47:2D:B3:4F:AD:2E:A3
Certificate issuer:       /CN=58545b9fbd01d28c0ea6d08f5b472db34fad2ea3
Certificate serial:       019D36E5547C0B58453C326876C232CF233E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
Manifest number:          1854
Signing time:             Sun 29 Mar 2026 00:01:32 +0000
Manifest this update:     Sun 29 Mar 2026 00:01:32 +0000
Manifest next update:     Mon 30 Mar 2026 00:01:32 +0000
Files and hashes:         1: WFRbn70B0owOptCPW0cts0-tLqM.crl (hash: UCDHiPlQ/VlbI+0zTnHprZQfiFA39+HdvayLGRlvMqY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 00:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:36:e5:54:7c:0b:58:45:3c:32:68:76:c2:32:cf:23:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58545b9fbd01d28c0ea6d08f5b472db34fad2ea3
        Validity
            Not Before: Mar 29 00:01:32 2026 GMT
            Not After : Mar 30 00:01:32 2026 GMT
        Subject: CN=043b4ae520e43b7e27bb394d6820f203918de974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:72:2d:db:e8:9c:ab:a5:c0:ae:10:41:74:f3:
                    e2:f2:00:c1:79:8a:48:03:7f:e7:bf:96:40:d0:06:
                    88:4e:88:db:71:03:cb:35:46:08:5d:c2:8c:3b:7f:
                    27:b1:e5:a3:61:cd:2e:46:91:9a:f3:a8:08:6c:64:
                    ec:88:5a:18:41:e9:28:e3:92:4f:a5:c1:8d:ce:fa:
                    41:f8:39:21:ca:a8:26:3d:49:04:8b:54:37:a2:cd:
                    1d:76:10:dd:05:7f:5a:d4:36:81:cd:58:b5:17:09:
                    e3:fc:dd:23:74:35:a7:75:5a:be:85:60:99:ad:64:
                    57:c2:83:e8:36:a8:e0:6d:81:e5:60:f3:a2:13:04:
                    89:cc:dd:82:ec:4d:53:a2:64:d2:05:66:70:98:a2:
                    75:4d:62:8b:32:03:cf:f0:de:c2:e2:a7:79:9e:54:
                    33:05:30:1b:49:f8:59:e6:19:71:ca:60:de:b5:c0:
                    f5:da:b5:e2:6c:28:38:f2:56:95:bc:db:33:70:93:
                    9b:d9:07:0b:4f:de:3a:63:27:3f:a7:0f:42:1f:a9:
                    1b:df:8a:43:33:18:ca:99:fb:30:03:51:bf:0c:1e:
                    dd:17:8e:dc:48:e3:b4:3e:36:f9:b0:de:58:a4:05:
                    56:b9:d7:0c:88:31:36:16:3a:1b:5b:7b:1e:18:6e:
                    4b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:3B:4A:E5:20:E4:3B:7E:27:BB:39:4D:68:20:F2:03:91:8D:E9:74
            X509v3 Authority Key Identifier:
                keyid:58:54:5B:9F:BD:01:D2:8C:0E:A6:D0:8F:5B:47:2D:B3:4F:AD:2E:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:ad:71:8e:8e:9f:2f:c6:91:a3:00:e1:25:33:65:8e:8f:55:
         df:c7:a8:0a:9c:6e:7b:f4:fa:e3:e5:0b:a7:4d:bc:7b:8a:e8:
         38:73:b7:9a:0f:47:ef:eb:4e:1b:80:7c:89:67:3e:c9:75:c6:
         11:72:bd:28:37:fa:45:27:4e:75:17:2c:e5:5b:3e:e2:5a:8c:
         6e:a2:ab:e3:df:d8:ed:55:87:82:31:be:96:52:0c:18:2c:1c:
         9b:9d:4b:16:cc:53:bf:d4:27:30:f1:c2:db:2f:c4:49:62:0c:
         cb:9f:d2:ea:0c:ff:29:16:52:31:ea:bc:20:b2:4e:65:c0:92:
         22:b5:f1:63:bb:7b:79:4f:55:ef:77:fd:f4:33:fc:3c:e7:25:
         4c:34:0c:d1:af:af:74:3c:5c:94:c9:84:49:e7:d4:db:13:83:
         eb:2b:f9:f0:50:fa:d3:5d:95:99:40:93:09:31:83:9d:4c:c4:
         af:f2:b4:ba:d6:74:90:b4:29:2f:22:ef:5b:da:60:f3:9a:ae:
         a9:b5:f5:7a:7e:6b:8d:de:f3:44:8a:9d:d0:5a:8a:e9:01:b6:
         cd:1a:b5:f1:af:01:99:81:74:d9:ff:24:5c:57:92:df:a8:7a:
         dc:dd:a4:1c:5b:14:8b:28:d0:30:4c:cf:6f:24:84:c5:5c:db:
         23:5f:3b:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ025VR8C1hFPDJodsIyzyM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTQ1YjlmYmQwMWQyOGMwZWE2ZDA4ZjViNDcyZGIzNGZh
ZDJlYTMwHhcNMjYwMzI5MDAwMTMyWhcNMjYwMzMwMDAwMTMyWjAzMTEwLwYDVQQD
EygwNDNiNGFlNTIwZTQzYjdlMjdiYjM5NGQ2ODIwZjIwMzkxOGRlOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXIt2+icq6XArhBBdPPi8gDBeYpI
A3/nv5ZA0AaITojbcQPLNUYIXcKMO38nseWjYc0uRpGa86gIbGTsiFoYQeko45JP
pcGNzvpB+DkhyqgmPUkEi1Q3os0ddhDdBX9a1DaBzVi1Fwnj/N0jdDWndVq+hWCZ
rWRXwoPoNqjgbYHlYPOiEwSJzN2C7E1TomTSBWZwmKJ1TWKLMgPP8N7C4qd5nlQz
BTAbSfhZ5hlxymDetcD12rXibCg48laVvNszcJOb2QcLT946Yyc/pw9CH6kb34pD
MxjKmfswA1G/DB7dF47cSOO0Pjb5sN5YpAVWudcMiDE2FjobW3seGG5LhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQ7SuUg5Dt+J7s5TWgg8gORjel0MB8GA1UdIwQY
MBaAFFhUW5+9AdKMDqbQj1tHLbNPrS6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85Y2ZjNzktOGJkYS00ODYyLWE3ZDgt
NGY4ZDkzNTVkODYyLzEvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85Y2ZjNzktOGJkYS00ODYyLWE3ZDgtNGY4ZDkzNTVkODYy
LzEvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPa1xjo6f
L8aRowDhJTNljo9V38eoCpxue/T64+ULp028e4roOHO3mg9H7+tOG4B8iWc+yXXG
EXK9KDf6RSdOdRcs5Vs+4lqMbqKr49/Y7VWHgjG+llIMGCwcm51LFsxTv9QnMPHC
2y/ESWIMy5/S6gz/KRZSMeq8ILJOZcCSIrXxY7t7eU9V73f99DP8POclTDQM0a+v
dDxclMmESefU2xOD6yv58FD6012VmUCTCTGDnUzEr/K0utZ0kLQpLyLvW9pg85qu
qbX1en5rjd7zRIqd0FqK6QG2zRq18a8BmYF02f8kXFeS36h63N2kHFsUiyjQMEzP
bySExVzbI187Yg==
-----END CERTIFICATE-----