Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
File:                     w9bWn9WH0FQXblPRknJoI2GxZzY.mft (raw, json)
Hash identifier:          jS3tEby0fvyZc+qw6Y0B+r6/L2SsV1tYWE/dIBr1LWI=
Subject key identifier:   28:AC:5F:36:0D:26:E0:61:09:F0:63:D2:25:51:0A:4F:3F:C0:35:47
Authority key identifier: C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36
Certificate issuer:       /CN=c3d6d69fd587d054176e53d19272682361b16736
Certificate serial:       019EB6C584A6FE2A94D8E6CA83FE572437F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
Manifest number:          1951
Signing time:             Thu 11 Jun 2026 13:00:58 +0000
Manifest this update:     Thu 11 Jun 2026 13:00:58 +0000
Manifest next update:     Fri 12 Jun 2026 13:00:58 +0000
Files and hashes:         1: w9bWn9WH0FQXblPRknJoI2GxZzY.crl (hash: YwP3YtyYCEhUGuetAI/oq0VqR11RuqZ7Rng07LeojAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b6:c5:84:a6:fe:2a:94:d8:e6:ca:83:fe:57:24:37:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3d6d69fd587d054176e53d19272682361b16736
        Validity
            Not Before: Jun 11 13:00:58 2026 GMT
            Not After : Jun 12 13:00:58 2026 GMT
        Subject: CN=28ac5f360d26e06109f063d225510a4f3fc03547
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a1:ba:97:2c:ac:48:f2:2b:08:8c:83:5b:30:
                    78:03:58:31:68:28:74:88:9d:a8:ff:da:89:56:f2:
                    73:42:f7:82:64:af:ca:53:07:12:67:d1:66:bf:2a:
                    83:31:70:07:98:ac:79:e9:52:2b:e4:04:c5:09:dd:
                    d2:f6:10:b9:f7:48:02:a4:e0:d3:16:e3:13:a6:a5:
                    5e:30:3d:54:f3:8d:82:a1:d1:b9:a6:a8:b6:74:d6:
                    af:4c:4e:99:8f:a2:06:40:c5:02:97:a8:40:0e:af:
                    19:8d:4b:80:d4:0a:26:bc:a2:f9:66:d0:be:18:ac:
                    7c:b3:dc:aa:e2:e5:f9:ed:7d:9a:ab:1c:a8:f3:c1:
                    46:99:14:8e:16:29:73:e3:62:97:91:80:89:ee:4f:
                    5a:ec:65:ca:6f:4c:8b:5f:3d:ae:75:6c:6f:69:ae:
                    6c:d5:20:f8:4a:f8:0a:cf:6a:8c:40:fc:0f:9d:e7:
                    8e:9e:6c:ce:9f:fb:19:19:de:b0:50:58:b6:14:c8:
                    04:2d:ff:c0:11:92:b7:81:b0:22:e9:f1:b7:e2:e8:
                    aa:e5:3b:de:38:a3:50:f8:00:6a:77:dd:c0:73:23:
                    aa:0d:d1:53:bb:f5:ab:f6:6d:a5:5d:7d:22:8b:f8:
                    af:5e:d6:98:ee:82:b4:bf:36:c1:b4:6b:1a:c8:88:
                    3b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:AC:5F:36:0D:26:E0:61:09:F0:63:D2:25:51:0A:4F:3F:C0:35:47
            X509v3 Authority Key Identifier:
                keyid:C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:08:bf:e1:1a:01:07:03:d4:53:f3:07:e2:e6:ac:ff:bb:74:
         72:1f:18:ff:02:03:c8:d8:23:a3:3f:ad:2a:a3:68:b6:40:9d:
         06:e1:96:a8:c7:fc:71:99:38:e9:54:67:33:1b:a8:57:d0:17:
         89:c8:0c:9a:34:97:2c:5c:1c:e1:0d:ab:6b:48:df:1e:1e:82:
         e5:3a:ef:23:8e:56:90:76:2a:14:81:71:31:14:a7:bd:61:0e:
         4d:e4:2b:be:ba:fa:fb:b2:a9:3c:3e:e4:9b:1b:59:f5:33:f1:
         0d:ce:99:27:c1:82:05:fc:16:01:c0:84:83:e0:2a:ef:b3:37:
         f7:c5:bd:13:8a:ef:d2:be:62:24:25:79:02:d7:63:f7:7b:a9:
         d6:84:84:06:76:2c:22:21:a1:c3:e0:44:69:79:dd:4d:6e:40:
         80:cb:9b:ed:37:a8:f1:b5:00:c5:5b:3e:b9:bf:ab:e6:33:5e:
         df:01:ee:36:06:15:d8:db:a0:9c:fd:12:3b:93:20:54:64:d5:
         cf:6b:3d:91:e6:2f:6c:3f:bb:83:36:7a:70:d6:7a:98:14:38:
         60:b8:ad:35:55:59:da:ab:c5:87:b0:bb:cd:4f:fd:49:23:92:
         cf:92:39:02:0b:b5:68:ce:3d:88:28:db:20:e0:1a:64:2e:00:
         84:df:ba:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ62xYSm/iqU2ObKg/5XJDf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZDZkNjlmZDU4N2QwNTQxNzZlNTNkMTkyNzI2ODIzNjFi
MTY3MzYwHhcNMjYwNjExMTMwMDU4WhcNMjYwNjEyMTMwMDU4WjAzMTEwLwYDVQQD
EygyOGFjNWYzNjBkMjZlMDYxMDlmMDYzZDIyNTUxMGE0ZjNmYzAzNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqG6lyysSPIrCIyDWzB4A1gxaCh0
iJ2o/9qJVvJzQveCZK/KUwcSZ9FmvyqDMXAHmKx56VIr5ATFCd3S9hC590gCpODT
FuMTpqVeMD1U842CodG5pqi2dNavTE6Zj6IGQMUCl6hADq8ZjUuA1AomvKL5ZtC+
GKx8s9yq4uX57X2aqxyo88FGmRSOFilz42KXkYCJ7k9a7GXKb0yLXz2udWxvaa5s
1SD4SvgKz2qMQPwPneeOnmzOn/sZGd6wUFi2FMgELf/AEZK3gbAi6fG34uiq5Tve
OKNQ+ABqd93AcyOqDdFTu/Wr9m2lXX0ii/ivXtaY7oK0vzbBtGsayIg7WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCisXzYNJuBhCfBj0iVRCk8/wDVHMB8GA1UdIwQY
MBaAFMPW1p/Vh9BUF25T0ZJyaCNhsWc2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQt
Y2EwODM2MzE4OTk1LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQtY2EwODM2MzE4OTk1
LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApgi/4RoB
BwPUU/MH4uas/7t0ch8Y/wIDyNgjoz+tKqNotkCdBuGWqMf8cZk46VRnMxuoV9AX
icgMmjSXLFwc4Q2ra0jfHh6C5TrvI45WkHYqFIFxMRSnvWEOTeQrvrr6+7KpPD7k
mxtZ9TPxDc6ZJ8GCBfwWAcCEg+Aq77M398W9E4rv0r5iJCV5Atdj93up1oSEBnYs
IiGhw+BEaXndTW5AgMub7Teo8bUAxVs+ub+r5jNe3wHuNgYV2NugnP0SO5MgVGTV
z2s9keYvbD+7gzZ6cNZ6mBQ4YLitNVVZ2qvFh7C7zU/9SSOSz5I5Agu1aM49iCjb
IOAaZC4AhN+66g==
-----END CERTIFICATE-----