Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          riqF8MpU/D+1xGUKhZ5en0SEK+f9YEEXu+Dnd5N1iSw=
Subject key identifier:   4A:7A:82:1F:6F:72:A9:B9:FB:81:E0:31:68:1B:52:F5:62:72:EF:E9
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       019D37C0C0E6F6A51C76062CD67BE4936186
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          16B4
Signing time:             Sun 29 Mar 2026 04:01:12 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:12 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:12 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: /l68zrvkZvUuvT7+bhz+y0ZdIiYnoGi/r6U0t/xbmhM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:c0:e6:f6:a5:1c:76:06:2c:d6:7b:e4:93:61:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Mar 29 04:01:12 2026 GMT
            Not After : Mar 30 04:01:12 2026 GMT
        Subject: CN=4a7a821f6f72a9b9fb81e031681b52f56272efe9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:56:e9:b8:41:6a:d1:54:77:15:b0:31:07:61:
                    7b:84:e4:5d:fe:fc:52:a9:ce:51:0c:ba:6c:5f:34:
                    93:50:ce:f3:3b:01:74:8d:03:57:c9:5a:d1:1c:d1:
                    a7:4c:fc:9d:8c:35:0b:3f:47:7a:21:93:d8:5f:0c:
                    fe:f0:0d:e1:2b:fb:1a:51:c8:33:e8:b1:89:5a:77:
                    71:06:b7:2b:5f:39:56:1c:1c:96:4d:b3:e2:25:d5:
                    b0:f0:72:7d:7a:7e:56:32:cb:de:30:4a:51:3a:ce:
                    ad:d4:8d:a6:4f:4c:8d:d9:00:ee:bb:c6:1a:16:49:
                    2c:14:8b:9e:ae:24:aa:83:01:3a:e3:a1:85:d7:4f:
                    f5:a7:f9:19:81:7c:f5:6d:ef:23:db:03:c2:f1:1b:
                    04:3c:80:f3:66:ab:d8:81:2a:cc:5b:34:43:8f:3b:
                    e4:9c:f9:38:97:e5:ee:b7:10:1c:15:05:4f:55:50:
                    f7:c6:07:41:1c:d4:85:c4:ed:66:ab:d1:06:1d:44:
                    c7:ac:75:84:8d:19:58:b9:19:db:5c:30:b2:76:6b:
                    3b:2f:4f:de:6b:4b:a3:eb:1f:69:23:7e:c4:c7:39:
                    02:56:7c:e3:3b:82:1a:2f:fa:e9:09:96:77:5c:74:
                    12:3d:42:5e:a0:8d:46:e5:c7:43:24:39:0f:47:3e:
                    18:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:7A:82:1F:6F:72:A9:B9:FB:81:E0:31:68:1B:52:F5:62:72:EF:E9
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:5d:6d:6b:fe:34:1a:e5:25:c5:7b:a1:6e:9d:96:6a:80:be:
         3e:6a:29:13:cc:5b:e0:93:57:43:2b:6b:1b:06:fe:f0:8d:f1:
         4c:69:79:48:a9:d4:66:b9:49:ba:b2:d8:45:c2:ac:41:70:57:
         23:31:93:73:d7:d7:34:4b:83:88:5c:94:cf:6b:3e:9a:f6:92:
         13:41:20:a4:ed:e7:64:00:d0:c9:2c:19:e7:6a:ca:86:bb:6e:
         c5:78:ed:f2:0c:7d:b4:20:91:c0:09:60:39:62:51:ce:40:45:
         e2:ee:bc:ec:84:fd:04:29:49:cc:e6:66:fa:e0:e6:06:21:5f:
         73:a3:2d:3c:82:bf:f1:7d:15:b8:20:ce:bd:9f:c2:a1:d3:47:
         3d:ba:44:82:37:ac:ec:1c:ba:3c:0f:d0:59:a3:df:4b:a0:3f:
         11:97:fb:fa:75:fa:30:e0:ca:e8:0f:9d:79:5b:19:ee:72:c8:
         4a:b9:51:a3:58:01:1f:c1:04:fc:2c:30:0a:a4:25:5e:5f:da:
         a7:9b:6d:3b:38:08:2d:05:dc:64:ec:04:c6:a7:f2:d7:f0:2e:
         27:a8:38:dc:9b:8e:bf:a8:a9:68:29:e3:27:94:06:81:e7:35:
         bb:c9:99:9e:62:b8:f0:11:8e:a1:94:0b:2e:d8:56:e7:29:b0:
         20:7a:51:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wMDm9qUcdgYs1nvkk2GGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjYwMzI5MDQwMTEyWhcNMjYwMzMwMDQwMTEyWjAzMTEwLwYDVQQD
Eyg0YTdhODIxZjZmNzJhOWI5ZmI4MWUwMzE2ODFiNTJmNTYyNzJlZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1bpuEFq0VR3FbAxB2F7hORd/vxS
qc5RDLpsXzSTUM7zOwF0jQNXyVrRHNGnTPydjDULP0d6IZPYXwz+8A3hK/saUcgz
6LGJWndxBrcrXzlWHByWTbPiJdWw8HJ9en5WMsveMEpROs6t1I2mT0yN2QDuu8Ya
FkksFIueriSqgwE646GF10/1p/kZgXz1be8j2wPC8RsEPIDzZqvYgSrMWzRDjzvk
nPk4l+XutxAcFQVPVVD3xgdBHNSFxO1mq9EGHUTHrHWEjRlYuRnbXDCydms7L0/e
a0uj6x9pI37ExzkCVnzjO4IaL/rpCZZ3XHQSPUJeoI1G5cdDJDkPRz4YBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEp6gh9vcqm5+4HgMWgbUvVicu/pMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU11ta/40
GuUlxXuhbp2WaoC+PmopE8xb4JNXQytrGwb+8I3xTGl5SKnUZrlJurLYRcKsQXBX
IzGTc9fXNEuDiFyUz2s+mvaSE0EgpO3nZADQySwZ52rKhrtuxXjt8gx9tCCRwAlg
OWJRzkBF4u687IT9BClJzOZm+uDmBiFfc6MtPIK/8X0VuCDOvZ/CodNHPbpEgjes
7By6PA/QWaPfS6A/EZf7+nX6MODK6A+deVsZ7nLISrlRo1gBH8EE/CwwCqQlXl/a
p5ttOzgILQXcZOwExqfy1/AuJ6g43JuOv6ipaCnjJ5QGgec1u8mZnmK48BGOoZQL
LthW5ymwIHpR4g==
-----END CERTIFICATE-----