Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
File:                     WKNa-48AdsEVWKz_QGPy9YooF8o.mft (raw, json)
Hash identifier:          jZcV+OkONsakwOn1WvrZgB9Do0DLM8g1UAnvXDSYD0E=
Subject key identifier:   12:14:7C:77:09:A5:72:CD:E5:D9:B3:0D:1A:59:67:32:63:03:6A:32
Authority key identifier: 58:A3:5A:FB:8F:00:76:C1:15:58:AC:FF:40:63:F2:F5:8A:28:17:CA
Certificate issuer:       /CN=58a35afb8f0076c11558acff4063f2f58a2817ca
Certificate serial:       019D39408618A02329563BD8A4FC3F6966C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
Manifest number:          0676
Signing time:             Sun 29 Mar 2026 11:00:23 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:23 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:23 +0000
Files and hashes:         1: WKNa-48AdsEVWKz_QGPy9YooF8o.crl (hash: u9NejwUQInCyiYxw62ltroJECYxFyxypiNcZVSnA67A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:86:18:a0:23:29:56:3b:d8:a4:fc:3f:69:66:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58a35afb8f0076c11558acff4063f2f58a2817ca
        Validity
            Not Before: Mar 29 11:00:23 2026 GMT
            Not After : Mar 30 11:00:23 2026 GMT
        Subject: CN=12147c7709a572cde5d9b30d1a59673263036a32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:78:0a:d2:8a:61:63:cc:ea:9d:65:ad:93:ba:
                    77:1c:96:79:85:d2:54:65:aa:bd:fb:8f:8e:77:7e:
                    c0:a4:db:d7:17:2f:37:b2:4f:43:a7:33:c4:52:0e:
                    3b:4f:5f:f0:d3:92:89:bb:66:b8:c5:3b:5d:95:1c:
                    47:22:6b:df:6d:4f:5f:ac:f0:81:41:38:ef:9c:fe:
                    47:55:8a:19:8e:22:a9:59:af:90:95:a8:ab:60:79:
                    0a:df:15:62:6b:62:1b:bf:3c:91:5e:df:79:8d:00:
                    9b:a8:76:e0:fa:55:75:ea:15:d3:f2:94:75:e0:97:
                    ea:fe:95:82:c2:05:6d:e0:3c:a7:96:b6:06:47:7e:
                    4b:cd:d5:9d:6c:c6:1d:92:51:d5:5c:0f:c5:7b:75:
                    e1:9c:e9:a8:9c:ae:05:3b:1e:4e:e2:48:99:20:cb:
                    f5:c4:a1:97:38:b8:95:e7:f1:d5:09:39:7e:b6:df:
                    93:5a:14:91:ca:db:0d:51:2e:62:51:ee:70:e7:ed:
                    dd:1d:bc:72:6f:23:b4:4f:08:51:78:85:f3:54:a1:
                    aa:4b:e1:ca:d9:8c:ec:55:cc:b1:61:df:48:f0:d5:
                    fd:7c:3f:cb:d9:fb:7d:19:e9:d2:94:ee:47:69:b5:
                    30:6d:ff:21:6c:5e:6d:2a:34:6b:97:3e:45:3f:88:
                    9d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:14:7C:77:09:A5:72:CD:E5:D9:B3:0D:1A:59:67:32:63:03:6A:32
            X509v3 Authority Key Identifier:
                keyid:58:A3:5A:FB:8F:00:76:C1:15:58:AC:FF:40:63:F2:F5:8A:28:17:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:34:c0:9c:d1:22:37:b9:73:af:87:ff:40:1b:f0:1d:88:c8:
         07:46:9e:e9:3f:41:2d:40:bf:f2:93:3b:be:a7:97:b4:c1:8e:
         76:00:3d:79:05:e5:80:57:c4:61:5d:9e:f8:dc:23:b8:96:0f:
         2f:45:3c:81:c1:e4:81:ae:9b:63:28:08:35:49:56:e3:fb:8d:
         08:26:fa:b0:30:1e:f2:42:a5:cf:c7:b6:67:3b:c3:67:d1:83:
         58:53:54:05:3a:5c:ba:7b:1a:ec:af:a3:46:78:98:e4:2a:ba:
         18:98:07:dd:7d:d1:29:b3:04:75:dd:80:c6:12:cd:3b:38:8f:
         c3:91:23:b5:7e:b4:a8:c5:16:cc:a2:16:05:3f:5a:1e:b8:8f:
         b4:6a:e6:de:6a:bf:c6:16:45:cf:72:61:0a:6d:8c:4d:2a:94:
         9c:bd:5a:01:0c:15:36:0b:fb:f9:58:c9:b4:88:04:00:96:c3:
         d9:ff:69:f6:be:3a:27:0e:1a:ad:a0:4d:ce:f9:ab:77:35:0d:
         9b:a8:62:cb:04:f1:18:0c:12:d4:1a:c1:b6:51:82:0d:1c:d9:
         7e:a1:ac:96:31:0c:f2:c5:84:4e:19:37:a9:af:49:b3:45:0c:
         77:62:b5:22:ab:72:b3:c8:d6:82:d3:89:9a:c7:ee:90:de:7c:
         3d:98:98:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QIYYoCMpVjvYpPw/aWbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YTM1YWZiOGYwMDc2YzExNTU4YWNmZjQwNjNmMmY1OGEy
ODE3Y2EwHhcNMjYwMzI5MTEwMDIzWhcNMjYwMzMwMTEwMDIzWjAzMTEwLwYDVQQD
EygxMjE0N2M3NzA5YTU3MmNkZTVkOWIzMGQxYTU5NjczMjYzMDM2YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3gK0ophY8zqnWWtk7p3HJZ5hdJU
Zaq9+4+Od37ApNvXFy83sk9DpzPEUg47T1/w05KJu2a4xTtdlRxHImvfbU9frPCB
QTjvnP5HVYoZjiKpWa+QlairYHkK3xVia2IbvzyRXt95jQCbqHbg+lV16hXT8pR1
4Jfq/pWCwgVt4DynlrYGR35LzdWdbMYdklHVXA/Fe3XhnOmonK4FOx5O4kiZIMv1
xKGXOLiV5/HVCTl+tt+TWhSRytsNUS5iUe5w5+3dHbxybyO0TwhReIXzVKGqS+HK
2YzsVcyxYd9I8NX9fD/L2ft9GenSlO5HabUwbf8hbF5tKjRrlz5FP4idQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIUfHcJpXLN5dmzDRpZZzJjA2oyMB8GA1UdIwQY
MBaAFFijWvuPAHbBFVis/0Bj8vWKKBfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMjdiM2EtM2NlYy00MTM5LTg3ZTgt
MzUxOGQ4MDZmZmMzLzEvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMjdiM2EtM2NlYy00MTM5LTg3ZTgtMzUxOGQ4MDZmZmMz
LzEvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOzTAnNEi
N7lzr4f/QBvwHYjIB0ae6T9BLUC/8pM7vqeXtMGOdgA9eQXlgFfEYV2e+NwjuJYP
L0U8gcHkga6bYygINUlW4/uNCCb6sDAe8kKlz8e2ZzvDZ9GDWFNUBTpcunsa7K+j
RniY5Cq6GJgH3X3RKbMEdd2AxhLNOziPw5EjtX60qMUWzKIWBT9aHriPtGrm3mq/
xhZFz3JhCm2MTSqUnL1aAQwVNgv7+VjJtIgEAJbD2f9p9r46Jw4araBNzvmrdzUN
m6hiywTxGAwS1BrBtlGCDRzZfqGsljEM8sWEThk3qa9Js0UMd2K1Iqtys8jWgtOJ
msfukN58PZiYUg==
-----END CERTIFICATE-----