Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
File:                     WrJabDkrjmejrSH2D9MxHWt_Hlw.mft (raw, json)
Hash identifier:          +NKPdrPCTwsCEZW9x6f9cpGK5EoPbbrJN7AKV0NYOm8=
Subject key identifier:   92:74:0F:08:54:07:E3:DB:DD:A8:69:B8:F0:0F:84:42:6E:23:18:A2
Authority key identifier: 5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C
Certificate issuer:       /CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
Certificate serial:       019D38659D9CF2B13949F32F1790F98AC367
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
Manifest number:          112A
Signing time:             Sun 29 Mar 2026 07:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:16 +0000
Files and hashes:         1: WrJabDkrjmejrSH2D9MxHWt_Hlw.crl (hash: c6irRuUkATXYspvXzKltN0iXAz54buXaPc0BQiBf5PY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:9d:9c:f2:b1:39:49:f3:2f:17:90:f9:8a:c3:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
        Validity
            Not Before: Mar 29 07:01:16 2026 GMT
            Not After : Mar 30 07:01:16 2026 GMT
        Subject: CN=92740f085407e3dbdda869b8f00f84426e2318a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e3:13:00:f8:46:a9:62:26:73:f7:f7:41:67:
                    75:db:0f:41:60:b7:44:23:00:24:a6:ed:30:e0:b1:
                    3b:b3:20:de:6a:2a:9b:a1:29:1a:e2:b0:25:70:5a:
                    4d:0f:70:c2:16:c2:32:be:bc:bc:38:34:cc:2b:ca:
                    1a:a1:ca:c6:ae:26:4f:e3:e7:bb:d6:82:39:66:11:
                    46:31:84:51:df:1f:15:35:6e:dc:63:de:8f:01:c6:
                    43:ee:34:c9:8b:b0:c2:9c:ad:4a:fe:b6:f6:f6:5c:
                    c3:72:f8:be:41:9e:a1:25:7b:f9:43:da:60:ca:5c:
                    04:13:82:2d:23:42:09:84:ce:f9:cf:d1:72:05:7c:
                    09:da:9f:53:ee:b0:e9:d0:43:2e:7b:09:3b:0b:5a:
                    0c:b7:cb:9f:ef:70:9b:3d:d5:a7:9f:21:21:08:f1:
                    06:93:ae:00:31:40:6d:56:65:1a:d1:d4:37:3e:e3:
                    9a:5d:b9:45:99:88:07:bf:ba:c5:ea:5b:cc:e3:9b:
                    66:80:de:bd:8f:8c:79:ce:61:73:b0:96:80:25:f0:
                    b7:11:f0:59:76:d5:a3:3b:49:2f:27:ff:02:21:e7:
                    6d:0f:44:f2:09:ae:94:24:b9:cf:c4:8b:28:76:12:
                    b6:ae:d8:97:9b:1c:89:8e:99:6e:ed:c0:81:0a:36:
                    eb:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:74:0F:08:54:07:E3:DB:DD:A8:69:B8:F0:0F:84:42:6E:23:18:A2
            X509v3 Authority Key Identifier:
                keyid:5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:4b:5a:42:c8:4f:40:b4:e7:03:9c:ea:68:c8:7e:1d:3b:55:
         f1:ae:7c:7d:a7:fd:5d:10:bb:b6:fe:e3:77:71:d8:1b:80:68:
         2a:fa:4c:46:0b:19:ab:c5:f5:20:5d:55:3f:fc:02:14:27:f8:
         3b:d8:5a:5f:10:96:37:09:9f:f5:f0:8e:3b:c9:1c:25:65:64:
         96:b7:c9:02:4a:22:8b:1e:ff:48:93:31:87:8c:3f:51:a3:8b:
         d3:87:64:be:0b:7f:d7:cd:dd:79:43:f3:f2:0f:22:0d:dd:35:
         d7:42:5d:40:1a:6d:6a:48:0f:b5:5e:b6:d4:6b:82:6f:77:e0:
         d0:6b:26:1b:fa:07:49:63:56:2e:45:65:cb:4a:8f:9e:54:38:
         0d:bd:e6:65:be:8c:3b:f9:4d:db:6f:62:dd:99:5f:82:e3:4b:
         e7:27:a9:43:1c:75:a5:c8:3a:b5:85:ba:41:84:64:b8:94:ab:
         e7:6f:34:45:51:80:7a:e0:8b:5b:f0:3f:a2:86:aa:d5:41:5a:
         c6:1a:a6:b0:ac:2d:f4:37:71:0b:53:5c:8a:fe:df:11:de:19:
         15:f1:65:cb:7a:8a:48:72:59:30:73:09:a4:24:63:f4:e9:0a:
         af:a0:44:99:db:12:0b:9b:78:1f:55:0e:87:38:04:fa:75:34:
         b1:ba:53:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZ2c8rE5SfMvF5D5isNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjI1YTZjMzkyYjhlNjdhM2FkMjFmNjBmZDMzMTFkNmI3
ZjFlNWMwHhcNMjYwMzI5MDcwMTE2WhcNMjYwMzMwMDcwMTE2WjAzMTEwLwYDVQQD
Eyg5Mjc0MGYwODU0MDdlM2RiZGRhODY5YjhmMDBmODQ0MjZlMjMxOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeMTAPhGqWImc/f3QWd12w9BYLdE
IwAkpu0w4LE7syDeaiqboSka4rAlcFpND3DCFsIyvry8ODTMK8oaocrGriZP4+e7
1oI5ZhFGMYRR3x8VNW7cY96PAcZD7jTJi7DCnK1K/rb29lzDcvi+QZ6hJXv5Q9pg
ylwEE4ItI0IJhM75z9FyBXwJ2p9T7rDp0EMuewk7C1oMt8uf73CbPdWnnyEhCPEG
k64AMUBtVmUa0dQ3PuOaXblFmYgHv7rF6lvM45tmgN69j4x5zmFzsJaAJfC3EfBZ
dtWjO0kvJ/8CIedtD0TyCa6UJLnPxIsodhK2rtiXmxyJjplu7cCBCjbrowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJ0DwhUB+Pb3ahpuPAPhEJuIxiiMB8GA1UdIwQY
MBaAFFqyWmw5K45no60h9g/TMR1rfx5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzct
MmNjYjVmMGM1ZjZiLzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzctMmNjYjVmMGM1ZjZi
LzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc0taQshP
QLTnA5zqaMh+HTtV8a58faf9XRC7tv7jd3HYG4BoKvpMRgsZq8X1IF1VP/wCFCf4
O9haXxCWNwmf9fCOO8kcJWVklrfJAkoiix7/SJMxh4w/UaOL04dkvgt/183deUPz
8g8iDd0110JdQBptakgPtV621GuCb3fg0GsmG/oHSWNWLkVly0qPnlQ4Db3mZb6M
O/lN229i3ZlfguNL5yepQxx1pcg6tYW6QYRkuJSr5280RVGAeuCLW/A/ooaq1UFa
xhqmsKwt9DdxC1Nciv7fEd4ZFfFly3qKSHJZMHMJpCRj9OkKr6BEmdsSC5t4H1UO
hzgE+nU0sbpTqg==
-----END CERTIFICATE-----