Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
File:                     WAFhHoC63kAvvWDnhvNPtxctIlo.mft (raw, json)
Hash identifier:          4oXakGncmdN6j6J3SI/9a9CQTYSoJbnDTPKtx8+n/QM=
Subject key identifier:   DE:D8:AE:80:57:C0:C5:43:90:BA:28:3B:E5:6E:F0:E1:8B:8A:8D:1D
Authority key identifier: 58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A
Certificate issuer:       /CN=5801611e80bade402fbd60e786f34fb7172d225a
Certificate serial:       019D3940E5F500580407774BF54B7CD8DF2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
Manifest number:          15EF
Signing time:             Sun 29 Mar 2026 11:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:47 +0000
Files and hashes:         1: WAFhHoC63kAvvWDnhvNPtxctIlo.crl (hash: CbDbx3eLZFYUt4fnxi3+FWCtx7UWBHmsdTGyAvd6KbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:e5:f5:00:58:04:07:77:4b:f5:4b:7c:d8:df:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5801611e80bade402fbd60e786f34fb7172d225a
        Validity
            Not Before: Mar 29 11:00:47 2026 GMT
            Not After : Mar 30 11:00:47 2026 GMT
        Subject: CN=ded8ae8057c0c54390ba283be56ef0e18b8a8d1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:36:16:82:f1:4f:7e:69:56:95:13:30:66:84:
                    9f:73:85:d7:9d:93:fd:23:c6:e0:2a:75:0b:33:29:
                    32:14:e9:13:e3:26:8e:8a:72:2a:b2:7a:09:0a:6c:
                    83:8b:94:c4:cf:c7:90:c8:59:df:49:e4:c9:b8:d4:
                    fe:c0:58:5a:43:88:1b:fa:da:f1:51:8f:fc:ee:d5:
                    0a:2f:c0:49:9f:5d:a4:fe:b9:76:e6:23:01:a7:0e:
                    f7:cf:76:a3:aa:c8:91:20:65:5d:f0:da:49:51:c4:
                    3d:2a:48:b4:cc:8e:ef:19:39:11:0f:c9:91:74:0c:
                    e1:ae:b1:6d:d8:47:bb:50:f4:cc:9a:58:c0:3b:b8:
                    cf:00:23:fb:3b:d0:c8:8e:e6:ca:99:9b:e6:ea:3c:
                    c2:fe:ac:2a:3d:71:7d:3f:dd:0e:55:ec:86:33:52:
                    29:99:5d:03:47:3f:b9:43:4b:fe:fd:3d:f1:27:f3:
                    2b:78:d1:1e:ff:75:b2:5d:48:cb:fc:27:da:d6:c8:
                    64:c5:a2:fc:f5:53:7b:c5:e8:fd:7e:2a:3b:f5:18:
                    7d:2f:c3:c6:68:26:c2:81:4b:ab:7d:fe:ac:2f:99:
                    2c:f8:a4:57:69:63:32:30:e6:e8:0c:03:c9:04:31:
                    ea:d0:42:28:1b:b8:26:5c:96:10:05:28:5d:01:12:
                    cf:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:D8:AE:80:57:C0:C5:43:90:BA:28:3B:E5:6E:F0:E1:8B:8A:8D:1D
            X509v3 Authority Key Identifier:
                keyid:58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:da:f4:97:f5:67:ed:c5:45:0d:19:e8:b6:e8:c2:f2:05:9f:
         27:ca:49:33:62:6c:7d:c0:91:61:3f:2f:cc:2f:04:c1:88:8d:
         f9:3d:81:9d:28:fb:bd:bb:01:55:cb:74:b1:fe:9f:65:64:d5:
         be:5b:be:53:44:15:2f:22:69:7f:fa:76:71:07:a1:ba:fe:9a:
         9e:d7:22:b9:8e:90:e7:b6:23:5c:32:4e:87:9d:22:14:9c:ea:
         85:98:87:a9:ca:bd:1f:74:60:79:6b:9d:ff:be:36:cd:06:d7:
         b6:ea:70:5c:7c:77:d4:00:1d:e7:54:24:84:04:1a:4c:6e:18:
         89:dc:58:25:90:1b:08:35:19:43:30:9b:eb:b4:f0:93:e3:33:
         60:d9:39:7e:49:35:9a:6f:1b:a9:b8:43:a1:1d:63:8d:5b:3c:
         18:2f:de:e6:8b:e4:a1:67:90:45:96:91:6f:10:be:a6:61:8e:
         6e:b0:2d:05:15:ae:e0:81:78:a3:51:cb:77:16:4a:ff:53:99:
         24:90:78:a8:a2:ea:85:c3:ac:6f:94:cc:a6:57:7c:01:23:cd:
         2a:64:c8:44:b8:c2:da:84:50:e4:2a:bd:d0:cf:fe:2d:a6:27:
         a0:fb:90:da:34:42:41:bd:4c:7d:fe:5f:df:d3:e1:e9:2d:19:
         24:a8:70:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QOX1AFgEB3dL9Ut82N8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE2MTFlODBiYWRlNDAyZmJkNjBlNzg2ZjM0ZmI3MTcy
ZDIyNWEwHhcNMjYwMzI5MTEwMDQ3WhcNMjYwMzMwMTEwMDQ3WjAzMTEwLwYDVQQD
EyhkZWQ4YWU4MDU3YzBjNTQzOTBiYTI4M2JlNTZlZjBlMThiOGE4ZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzYWgvFPfmlWlRMwZoSfc4XXnZP9
I8bgKnULMykyFOkT4yaOinIqsnoJCmyDi5TEz8eQyFnfSeTJuNT+wFhaQ4gb+trx
UY/87tUKL8BJn12k/rl25iMBpw73z3ajqsiRIGVd8NpJUcQ9Kki0zI7vGTkRD8mR
dAzhrrFt2Ee7UPTMmljAO7jPACP7O9DIjubKmZvm6jzC/qwqPXF9P90OVeyGM1Ip
mV0DRz+5Q0v+/T3xJ/MreNEe/3WyXUjL/Cfa1shkxaL89VN7xej9fio79Rh9L8PG
aCbCgUurff6sL5ks+KRXaWMyMOboDAPJBDHq0EIoG7gmXJYQBShdARLPQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7YroBXwMVDkLooO+Vu8OGLio0dMB8GA1UdIwQY
MBaAFFgBYR6Aut5AL71g54bzT7cXLSJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0Zjgt
YWIzOWJlNjU2MDU3LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0ZjgtYWIzOWJlNjU2MDU3
LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADdr0l/Vn
7cVFDRnotujC8gWfJ8pJM2JsfcCRYT8vzC8EwYiN+T2BnSj7vbsBVct0sf6fZWTV
vlu+U0QVLyJpf/p2cQehuv6antciuY6Q57YjXDJOh50iFJzqhZiHqcq9H3RgeWud
/742zQbXtupwXHx31AAd51QkhAQaTG4YidxYJZAbCDUZQzCb67Twk+MzYNk5fkk1
mm8bqbhDoR1jjVs8GC/e5ovkoWeQRZaRbxC+pmGObrAtBRWu4IF4o1HLdxZK/1OZ
JJB4qKLqhcOsb5TMpld8ASPNKmTIRLjC2oRQ5Cq90M/+LaYnoPuQ2jRCQb1Mff5f
39Ph6S0ZJKhwWA==
-----END CERTIFICATE-----