Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
File:                     WAFhHoC63kAvvWDnhvNPtxctIlo.mft (raw, json)
Hash identifier:          cgxstW4p442Sd9atnnixYVKOuoqy0F3VNSFBdLcBapQ=
Subject key identifier:   A7:D1:1A:AD:12:6B:2C:4B:FC:CB:3F:67:BA:1D:F1:4F:2A:EC:BD:8D
Authority key identifier: 58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A
Certificate issuer:       /CN=5801611e80bade402fbd60e786f34fb7172d225a
Certificate serial:       019A72936BFFAEFD11DFD93573DDFF597FEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
Manifest number:          147F
Signing time:             Tue 11 Nov 2025 11:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:55 +0000
Files and hashes:         1: WAFhHoC63kAvvWDnhvNPtxctIlo.crl (hash: 2O4n+fn8Cx0y+M97GIQL18ERD7pjctKW6F97DgBKX34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:6b:ff:ae:fd:11:df:d9:35:73:dd:ff:59:7f:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5801611e80bade402fbd60e786f34fb7172d225a
        Validity
            Not Before: Nov 11 11:00:55 2025 GMT
            Not After : Nov 12 11:00:55 2025 GMT
        Subject: CN=a7d11aad126b2c4bfccb3f67ba1df14f2aecbd8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:05:82:ca:fe:55:01:2b:ae:a9:9e:16:14:7f:
                    55:d3:db:42:ad:3d:fa:6e:a2:c9:c9:91:83:e1:81:
                    f4:93:09:93:8b:4d:e5:0e:32:15:4b:1d:f2:00:57:
                    fd:8a:c6:92:22:6d:7e:46:fb:48:76:3f:14:d6:56:
                    bc:e0:99:33:b5:b3:a8:4c:05:57:52:86:4f:3c:bf:
                    7d:78:3b:09:8e:6d:43:6b:62:f5:b9:70:07:20:a9:
                    45:2c:2d:49:3d:58:63:d6:72:90:44:96:be:05:4d:
                    e5:26:54:56:84:f0:e1:ca:d0:e7:e0:50:69:2e:f4:
                    15:eb:79:fd:a1:39:17:dd:36:bd:8a:40:9e:44:28:
                    95:5c:be:bc:9f:12:af:2e:52:98:ac:c2:30:0b:64:
                    a1:a4:dd:dd:a8:82:2f:bb:69:a7:51:b0:f4:0e:fe:
                    29:0a:4e:a3:61:92:42:74:95:e4:e2:7e:37:ed:22:
                    87:ed:8a:73:a8:d4:01:c4:4a:99:70:4c:98:76:f9:
                    86:47:bb:28:03:d4:bc:ab:25:61:f0:15:cf:0e:63:
                    dd:29:0a:07:da:54:7a:81:e7:2a:13:45:4f:2f:54:
                    72:b5:7b:37:dc:71:12:ad:0f:d8:89:46:d0:a4:55:
                    c5:19:c1:06:2b:45:50:55:07:1a:bb:30:36:90:48:
                    61:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:D1:1A:AD:12:6B:2C:4B:FC:CB:3F:67:BA:1D:F1:4F:2A:EC:BD:8D
            X509v3 Authority Key Identifier:
                keyid:58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:e4:97:f1:48:fe:99:7f:c8:11:c6:9c:1c:67:48:59:fc:e1:
         c8:b9:97:c8:56:99:ea:a0:95:60:b1:dd:2d:53:98:44:53:be:
         85:6e:84:46:1b:c3:35:32:78:52:66:35:1a:a0:22:c2:c4:a5:
         d2:72:da:47:7e:88:9f:c9:92:b8:99:4e:cc:73:53:03:07:46:
         ca:d3:0e:5a:3b:9f:2f:22:e0:70:cd:b8:7f:65:63:ee:2a:99:
         36:88:41:80:ef:2c:05:e2:ab:a9:00:4c:fa:37:f5:9f:af:e7:
         61:a4:92:bb:6c:09:97:7a:e2:5c:14:c0:77:6f:e2:66:bd:e7:
         af:29:a5:7d:45:38:c6:6e:c4:2f:7f:21:06:a0:f6:4e:f1:4d:
         d0:73:dd:2c:2a:1b:be:97:e8:87:ae:22:ab:5e:42:89:76:53:
         ad:5e:9d:8c:58:a1:01:2a:94:f4:52:5b:37:75:97:96:6c:75:
         81:2b:7d:f7:82:ee:a1:53:46:8d:32:fb:13:7f:20:0f:5b:ad:
         44:67:f4:b4:4d:f5:c1:52:46:15:b8:5f:fb:d4:92:b3:15:8f:
         21:e1:03:29:52:df:0b:b9:8a:dd:47:1a:b7:f6:db:d3:62:56:
         63:6d:a8:a7:62:ae:1c:af:2a:15:fb:fc:35:22:8a:e2:c9:09:
         7b:39:f7:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk2v/rv0R39k1c93/WX/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE2MTFlODBiYWRlNDAyZmJkNjBlNzg2ZjM0ZmI3MTcy
ZDIyNWEwHhcNMjUxMTExMTEwMDU1WhcNMjUxMTEyMTEwMDU1WjAzMTEwLwYDVQQD
EyhhN2QxMWFhZDEyNmIyYzRiZmNjYjNmNjdiYTFkZjE0ZjJhZWNiZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQWCyv5VASuuqZ4WFH9V09tCrT36
bqLJyZGD4YH0kwmTi03lDjIVSx3yAFf9isaSIm1+RvtIdj8U1la84JkztbOoTAVX
UoZPPL99eDsJjm1Da2L1uXAHIKlFLC1JPVhj1nKQRJa+BU3lJlRWhPDhytDn4FBp
LvQV63n9oTkX3Ta9ikCeRCiVXL68nxKvLlKYrMIwC2ShpN3dqIIvu2mnUbD0Dv4p
Ck6jYZJCdJXk4n437SKH7YpzqNQBxEqZcEyYdvmGR7soA9S8qyVh8BXPDmPdKQoH
2lR6gecqE0VPL1RytXs33HESrQ/YiUbQpFXFGcEGK0VQVQcauzA2kEhhzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfRGq0SayxL/Ms/Z7od8U8q7L2NMB8GA1UdIwQY
MBaAFFgBYR6Aut5AL71g54bzT7cXLSJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0Zjgt
YWIzOWJlNjU2MDU3LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0ZjgtYWIzOWJlNjU2MDU3
LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAauSX8Uj+
mX/IEcacHGdIWfzhyLmXyFaZ6qCVYLHdLVOYRFO+hW6ERhvDNTJ4UmY1GqAiwsSl
0nLaR36In8mSuJlOzHNTAwdGytMOWjufLyLgcM24f2Vj7iqZNohBgO8sBeKrqQBM
+jf1n6/nYaSSu2wJl3riXBTAd2/iZr3nrymlfUU4xm7EL38hBqD2TvFN0HPdLCob
vpfoh64iq15CiXZTrV6djFihASqU9FJbN3WXlmx1gSt994LuoVNGjTL7E38gD1ut
RGf0tE31wVJGFbhf+9SSsxWPIeEDKVLfC7mK3Ucat/bb02JWY22op2KuHK8qFfv8
NSKK4skJezn3dw==
-----END CERTIFICATE-----