Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
File:                     biw-HNO4VNZu9GxWd-9y0sWjZpc.mft (raw, json)
Hash identifier:          st68vE1fEJa16hCl4Xxx+RRcjH3aH5p+O8dbQxqMLl4=
Subject key identifier:   62:3A:8A:F1:29:AA:E4:89:F7:C8:25:64:16:25:55:43:45:95:CD:54
Authority key identifier: 6E:2C:3E:1C:D3:B8:54:D6:6E:F4:6C:56:77:EF:72:D2:C5:A3:66:97
Certificate issuer:       /CN=6e2c3e1cd3b854d66ef46c5677ef72d2c5a36697
Certificate serial:       019D378947ABBF00C713110CF7C69F50832B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
Manifest number:          0A48
Signing time:             Sun 29 Mar 2026 03:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:36 +0000
Files and hashes:         1: biw-HNO4VNZu9GxWd-9y0sWjZpc.crl (hash: VNESV4boO1vfKaNKiZtwWrWoAAlWAq+tHz+jmRhxVSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:47:ab:bf:00:c7:13:11:0c:f7:c6:9f:50:83:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e2c3e1cd3b854d66ef46c5677ef72d2c5a36697
        Validity
            Not Before: Mar 29 03:00:36 2026 GMT
            Not After : Mar 30 03:00:36 2026 GMT
        Subject: CN=623a8af129aae489f7c82564162555434595cd54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:36:af:8d:74:30:ff:8f:eb:82:78:45:5b:6b:
                    ac:d3:a3:75:80:3a:b8:1b:7e:f1:29:2d:34:ce:71:
                    c0:ef:42:29:b0:1b:73:6f:ec:bc:95:4f:5d:dd:0c:
                    c5:06:79:33:0f:96:90:4d:16:d2:a1:e5:f0:14:ae:
                    89:4b:cb:cd:fb:ea:66:ad:5b:df:87:02:11:ec:d5:
                    b8:27:8e:aa:54:dc:1c:4c:aa:64:90:49:97:c8:88:
                    52:39:9e:b5:1b:c2:02:11:e2:41:73:2f:95:02:be:
                    e6:9c:7a:7f:b5:55:8e:ea:8e:b7:d4:58:0e:2e:19:
                    bb:22:6d:4e:23:9c:3c:91:06:45:a7:2b:1e:6b:37:
                    a2:d8:b3:b9:90:aa:73:ef:b3:cf:68:f6:8a:4f:1e:
                    45:46:f6:1b:0e:30:18:c2:11:c2:e3:b7:b1:54:08:
                    97:51:2b:bd:1a:74:6b:ef:e1:19:d7:34:f1:72:6c:
                    c9:22:df:24:8e:ef:94:d8:0d:d4:29:34:34:14:53:
                    92:57:7f:c2:af:80:96:bd:91:e8:b9:46:c7:2b:84:
                    17:d1:f0:97:a3:ea:cb:79:66:14:cb:fe:9e:04:e1:
                    89:c3:0f:31:0a:18:2b:46:a6:79:25:47:a0:3b:eb:
                    08:29:17:b8:60:8b:19:f4:d1:74:68:c9:65:01:33:
                    c4:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:3A:8A:F1:29:AA:E4:89:F7:C8:25:64:16:25:55:43:45:95:CD:54
            X509v3 Authority Key Identifier:
                keyid:6E:2C:3E:1C:D3:B8:54:D6:6E:F4:6C:56:77:EF:72:D2:C5:A3:66:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:91:b9:fa:f2:75:fa:a0:8c:97:99:84:5f:e7:20:48:c3:8f:
         b7:18:ad:bc:34:16:8d:f9:2d:3b:dc:d3:18:1f:66:3b:1c:c6:
         52:1d:3b:3c:a8:92:e7:af:47:2d:20:c7:d1:df:cd:8a:2c:b2:
         c3:c9:72:1a:3c:5c:8d:3d:92:79:6e:a1:c5:93:79:fa:aa:12:
         e0:46:62:01:e4:5d:c7:8c:a0:24:ba:b1:e8:45:c1:04:0a:88:
         d0:e8:67:9a:9a:6a:3e:69:66:a0:da:90:3f:06:e1:23:79:77:
         c9:37:83:31:d9:97:02:68:c8:82:07:af:dc:0a:8e:91:7d:bd:
         72:dc:bd:04:fc:a3:ad:9f:a2:12:2f:67:85:30:c5:08:d4:ce:
         db:5b:ed:41:1b:a3:34:c7:5b:28:77:ec:ab:5a:2c:56:37:65:
         b9:0c:b3:eb:e9:14:61:fb:6f:8f:13:e4:78:e3:49:a8:05:38:
         61:dc:8a:5d:e9:e8:e8:9d:99:87:b9:39:49:f8:d7:61:43:b0:
         a5:b1:bd:e9:42:ba:d9:df:a0:28:4d:8d:7a:59:18:be:23:e3:
         fa:81:b5:27:39:b1:3b:c8:ff:5c:99:0e:24:89:5c:2a:bb:14:
         e9:4a:4f:c0:af:f7:4d:51:59:04:23:1a:2e:12:fa:7f:a0:3e:
         4b:f9:f9:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iUervwDHExEM98afUIMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMmMzZTFjZDNiODU0ZDY2ZWY0NmM1Njc3ZWY3MmQyYzVh
MzY2OTcwHhcNMjYwMzI5MDMwMDM2WhcNMjYwMzMwMDMwMDM2WjAzMTEwLwYDVQQD
Eyg2MjNhOGFmMTI5YWFlNDg5ZjdjODI1NjQxNjI1NTU0MzQ1OTVjZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zavjXQw/4/rgnhFW2us06N1gDq4
G37xKS00znHA70IpsBtzb+y8lU9d3QzFBnkzD5aQTRbSoeXwFK6JS8vN++pmrVvf
hwIR7NW4J46qVNwcTKpkkEmXyIhSOZ61G8ICEeJBcy+VAr7mnHp/tVWO6o631FgO
Lhm7Im1OI5w8kQZFpyseazei2LO5kKpz77PPaPaKTx5FRvYbDjAYwhHC47exVAiX
USu9GnRr7+EZ1zTxcmzJIt8kju+U2A3UKTQ0FFOSV3/Cr4CWvZHouUbHK4QX0fCX
o+rLeWYUy/6eBOGJww8xChgrRqZ5JUegO+sIKRe4YIsZ9NF0aMllATPEcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGI6ivEpquSJ98glZBYlVUNFlc1UMB8GA1UdIwQY
MBaAFG4sPhzTuFTWbvRsVnfvctLFo2aXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNTkwZmItYjA1ZS00NDQxLWFkZDEt
ZjgzNTViNzhkYjI0LzEvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNTkwZmItYjA1ZS00NDQxLWFkZDEtZjgzNTViNzhkYjI0
LzEvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK5G5+vJ1
+qCMl5mEX+cgSMOPtxitvDQWjfktO9zTGB9mOxzGUh07PKiS569HLSDH0d/Niiyy
w8lyGjxcjT2SeW6hxZN5+qoS4EZiAeRdx4ygJLqx6EXBBAqI0OhnmppqPmlmoNqQ
PwbhI3l3yTeDMdmXAmjIggev3AqOkX29cty9BPyjrZ+iEi9nhTDFCNTO21vtQRuj
NMdbKHfsq1osVjdluQyz6+kUYftvjxPkeONJqAU4YdyKXeno6J2Zh7k5SfjXYUOw
pbG96UK62d+gKE2NelkYviPj+oG1JzmxO8j/XJkOJIlcKrsU6UpPwK/3TVFZBCMa
LhL6f6A+S/n57A==
-----END CERTIFICATE-----