Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
File:                     w9bWn9WH0FQXblPRknJoI2GxZzY.mft (raw, json)
Hash identifier:          doZSWKXdwAjVsUAmGrwvW5+mitM/r66KwcKKOWN81IA=
Subject key identifier:   81:6F:7D:60:DB:AE:67:3A:B8:7F:9D:47:C9:E0:EC:70:E8:A8:B4:95
Authority key identifier: C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36
Certificate issuer:       /CN=c3d6d69fd587d054176e53d19272682361b16736
Certificate serial:       019D38668A58D25B29B2FE669344E1C1BFEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:02:17 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:17 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:17 +0000
Files and hashes:         1: w9bWn9WH0FQXblPRknJoI2GxZzY.crl (hash: xVwX9cAtWrKTT9WB16kUFyHNYQ59lJZqTjDi4X3B+Nk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:8a:58:d2:5b:29:b2:fe:66:93:44:e1:c1:bf:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3d6d69fd587d054176e53d19272682361b16736
        Validity
            Not Before: Mar 29 07:02:17 2026 GMT
            Not After : Mar 30 07:02:17 2026 GMT
        Subject: CN=816f7d60dbae673ab87f9d47c9e0ec70e8a8b495
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:57:08:eb:bb:b0:7a:ec:2d:9b:40:2e:1c:12:
                    50:94:ca:b2:7b:93:cc:90:a9:21:73:10:c4:7a:ec:
                    67:fe:e6:1b:a6:c9:02:94:eb:c2:3f:90:f8:74:9b:
                    bc:83:f0:cb:19:e5:fe:dc:9e:9d:d9:7e:c6:0b:83:
                    96:66:69:82:9a:9b:e4:cd:35:2a:78:93:87:c1:79:
                    96:f4:86:be:4b:80:43:bc:80:ff:31:3f:06:6d:1b:
                    be:f4:62:fe:d7:dc:8f:64:f7:7f:34:42:29:2a:f1:
                    66:2b:b9:3b:22:81:89:42:2d:92:a7:76:e8:d1:cd:
                    b6:68:00:e6:38:42:d4:99:51:ca:61:93:4f:06:91:
                    94:23:77:95:83:95:4d:ac:9b:52:b8:66:22:d0:d7:
                    71:fe:5b:4e:70:d9:b8:87:7c:50:22:b0:21:4a:f5:
                    e5:9b:ab:f6:68:7f:d5:83:ef:80:02:45:b7:de:27:
                    d9:7c:87:a9:a4:e5:33:28:45:09:8e:af:d3:9a:b1:
                    71:3d:b9:0c:a7:d5:e8:9d:c4:7a:25:03:1f:9b:49:
                    f3:49:44:41:5c:3b:2b:bc:39:2e:9e:03:da:81:76:
                    6a:d2:7b:3f:f4:99:15:a9:de:3a:c6:ef:c8:7d:ad:
                    88:76:a2:91:3c:ae:ae:78:d7:09:47:52:85:84:48:
                    2e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:6F:7D:60:DB:AE:67:3A:B8:7F:9D:47:C9:E0:EC:70:E8:A8:B4:95
            X509v3 Authority Key Identifier:
                keyid:C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:e1:ac:85:d6:59:f1:26:5c:8b:e9:d9:f0:d1:cd:2f:b1:6f:
         6e:82:39:66:16:93:fa:84:8b:67:74:33:3c:5d:14:7e:79:f5:
         fe:86:35:93:84:2f:05:55:b4:d8:33:d7:95:85:6a:64:7d:bd:
         bd:60:39:e0:67:de:e0:4b:43:9f:78:d6:37:cc:a2:11:f7:d8:
         5c:3f:03:ec:8d:95:20:ac:4b:18:28:a1:74:d5:2a:33:f8:20:
         4e:96:34:9a:51:b7:12:40:bd:c8:83:f8:75:a4:16:36:fd:ed:
         e2:98:4c:53:c6:1d:c9:a3:49:e3:8e:1d:85:46:12:63:12:aa:
         e7:d6:04:d7:92:b3:61:eb:6c:c3:50:6c:17:7a:61:e7:c1:44:
         96:b7:f9:0a:a5:90:19:e3:2a:d7:3e:b3:bb:5d:06:15:ac:d2:
         12:49:0b:37:17:45:07:6c:f5:90:82:a4:72:26:42:96:bb:af:
         5f:44:92:52:fd:9c:3d:d0:80:4d:b4:f0:46:7c:22:99:b6:0c:
         f3:de:15:af:bd:e7:18:fc:96:c5:5b:93:13:ff:79:0f:f5:19:
         9e:f3:bc:bd:f1:4f:fa:7c:ff:73:12:00:79:19:4c:94:26:aa:
         44:77:d5:f2:0b:0e:00:2c:e7:2f:ea:b8:9b:85:67:8a:e5:22:
         5d:85:19:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZopY0lspsv5mk0Thwb/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZDZkNjlmZDU4N2QwNTQxNzZlNTNkMTkyNzI2ODIzNjFi
MTY3MzYwHhcNMjYwMzI5MDcwMjE3WhcNMjYwMzMwMDcwMjE3WjAzMTEwLwYDVQQD
Eyg4MTZmN2Q2MGRiYWU2NzNhYjg3ZjlkNDdjOWUwZWM3MGU4YThiNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1cI67uweuwtm0AuHBJQlMqye5PM
kKkhcxDEeuxn/uYbpskClOvCP5D4dJu8g/DLGeX+3J6d2X7GC4OWZmmCmpvkzTUq
eJOHwXmW9Ia+S4BDvID/MT8GbRu+9GL+19yPZPd/NEIpKvFmK7k7IoGJQi2Sp3bo
0c22aADmOELUmVHKYZNPBpGUI3eVg5VNrJtSuGYi0Ndx/ltOcNm4h3xQIrAhSvXl
m6v2aH/Vg++AAkW33ifZfIeppOUzKEUJjq/TmrFxPbkMp9XoncR6JQMfm0nzSURB
XDsrvDkungPagXZq0ns/9JkVqd46xu/Ifa2IdqKRPK6ueNcJR1KFhEguSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFvfWDbrmc6uH+dR8ng7HDoqLSVMB8GA1UdIwQY
MBaAFMPW1p/Vh9BUF25T0ZJyaCNhsWc2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQt
Y2EwODM2MzE4OTk1LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQtY2EwODM2MzE4OTk1
LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiOGshdZZ
8SZci+nZ8NHNL7FvboI5ZhaT+oSLZ3QzPF0Ufnn1/oY1k4QvBVW02DPXlYVqZH29
vWA54Gfe4EtDn3jWN8yiEffYXD8D7I2VIKxLGCihdNUqM/ggTpY0mlG3EkC9yIP4
daQWNv3t4phMU8YdyaNJ444dhUYSYxKq59YE15KzYetsw1BsF3ph58FElrf5CqWQ
GeMq1z6zu10GFazSEkkLNxdFB2z1kIKkciZClruvX0SSUv2cPdCATbTwRnwimbYM
894Vr73nGPyWxVuTE/95D/UZnvO8vfFP+nz/cxIAeRlMlCaqRHfV8gsOACznL+q4
m4VniuUiXYUZpQ==
-----END CERTIFICATE-----