Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
File:                     WKNa-48AdsEVWKz_QGPy9YooF8o.mft (raw, json)
Hash identifier:          b3rCZ9dKA5WTP75151KEtmSECRXSe1drUaRzzbgn1kw=
Subject key identifier:   79:17:41:75:2E:34:01:11:B9:78:7A:78:2B:15:1D:A6:71:E1:BF:9B
Authority key identifier: 58:A3:5A:FB:8F:00:76:C1:15:58:AC:FF:40:63:F2:F5:8A:28:17:CA
Certificate issuer:       /CN=58a35afb8f0076c11558acff4063f2f58a2817ca
Certificate serial:       0199FAD7FC7636D3DFD7BA5DB836378DDF57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
Manifest number:          04C8
Signing time:             Sun 19 Oct 2025 05:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:22 +0000
Files and hashes:         1: WKNa-48AdsEVWKz_QGPy9YooF8o.crl (hash: FT9YZdPkdAiMA1Z/AOgUKOfb+zQyBr1dNEuStq1Sln0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:fc:76:36:d3:df:d7:ba:5d:b8:36:37:8d:df:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58a35afb8f0076c11558acff4063f2f58a2817ca
        Validity
            Not Before: Oct 19 05:01:22 2025 GMT
            Not After : Oct 20 05:01:22 2025 GMT
        Subject: CN=791741752e340111b9787a782b151da671e1bf9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:48:7e:25:2a:2c:5d:e9:4e:6a:29:2d:72:36:
                    bd:1a:5e:58:16:51:59:72:fe:07:e8:6e:5b:2f:17:
                    19:c5:3c:e2:25:9e:9b:3e:07:04:ff:60:4f:bd:33:
                    a4:89:8d:6d:7b:88:1d:19:48:0a:f2:1b:a1:c5:12:
                    6f:6b:71:10:4d:9f:7c:04:7f:0a:81:ea:9e:d1:cc:
                    c7:e8:1d:e0:27:9f:9f:13:1f:36:61:95:48:71:ea:
                    35:4e:1c:64:8e:7b:3f:9b:ad:e3:c4:e9:1c:a4:da:
                    07:93:59:2c:3b:a3:d6:18:11:5c:d0:f7:ad:16:ab:
                    f7:ff:3e:b9:11:e7:ab:37:9e:b6:d2:69:88:44:42:
                    ba:71:86:19:54:ca:70:a7:f5:cf:b1:38:7c:e8:d0:
                    06:fa:e9:52:78:c7:38:08:c2:94:b6:5e:b5:03:22:
                    52:6a:e0:e8:49:80:04:58:2f:75:a6:32:4d:dd:9f:
                    91:e3:33:80:12:7e:28:a6:82:75:ff:d5:00:4e:dd:
                    d8:4d:63:4c:ca:52:1f:e5:14:41:d3:6a:a1:bb:aa:
                    81:ff:e9:b1:bb:92:0c:ea:b8:57:d6:4d:c7:4f:87:
                    7b:65:5a:12:2a:8b:8b:b8:f7:0c:b2:a5:35:fc:63:
                    03:72:8e:7f:58:73:56:a1:09:dd:0c:0a:dc:83:85:
                    ff:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:17:41:75:2E:34:01:11:B9:78:7A:78:2B:15:1D:A6:71:E1:BF:9B
            X509v3 Authority Key Identifier:
                keyid:58:A3:5A:FB:8F:00:76:C1:15:58:AC:FF:40:63:F2:F5:8A:28:17:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:df:0d:51:d3:a5:26:e7:75:cf:27:b0:20:6c:71:8f:a1:20:
         e4:c9:e9:e7:da:1a:d5:d4:5d:67:20:69:ef:8a:82:15:aa:17:
         42:a9:ed:35:ff:63:c4:18:d9:40:70:bb:a8:fa:27:12:84:61:
         32:a6:f2:e6:ca:dd:62:00:91:51:c3:03:d1:d9:06:df:0f:e7:
         f3:26:27:5e:51:89:0c:35:cd:6d:4a:f6:ad:91:c2:6d:da:7f:
         b8:d9:49:7e:8f:2e:ee:cc:32:89:39:fe:82:ac:dd:51:80:ca:
         32:da:08:1f:8f:7c:52:50:35:18:9c:a2:dd:3b:4d:2c:8d:9a:
         18:61:83:c2:68:73:49:53:71:73:46:9e:6e:04:cc:4e:5f:6c:
         b2:c3:e1:fb:cb:d4:f3:1b:02:e7:1b:6e:b4:fa:cc:a0:e6:e1:
         c0:d2:c1:51:5e:64:f3:61:48:b1:20:ce:54:78:bd:4c:88:46:
         1e:69:0c:ac:41:37:56:5e:19:6b:c1:d9:25:3f:2d:ee:5c:5d:
         3f:cb:22:1d:3b:9a:5c:57:70:27:b4:d0:85:89:82:fa:43:1a:
         51:68:2c:a3:0a:72:ce:b9:13:72:27:9d:04:06:ee:f6:bb:e3:
         bb:f6:4a:d4:07:fa:46:95:b2:0d:44:03:d3:77:61:db:d4:fb:
         96:fb:a0:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn61/x2NtPf17pduDY3jd9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YTM1YWZiOGYwMDc2YzExNTU4YWNmZjQwNjNmMmY1OGEy
ODE3Y2EwHhcNMjUxMDE5MDUwMTIyWhcNMjUxMDIwMDUwMTIyWjAzMTEwLwYDVQQD
Eyg3OTE3NDE3NTJlMzQwMTExYjk3ODdhNzgyYjE1MWRhNjcxZTFiZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUh+JSosXelOaiktcja9Gl5YFlFZ
cv4H6G5bLxcZxTziJZ6bPgcE/2BPvTOkiY1te4gdGUgK8huhxRJva3EQTZ98BH8K
geqe0czH6B3gJ5+fEx82YZVIceo1Thxkjns/m63jxOkcpNoHk1ksO6PWGBFc0Pet
Fqv3/z65EeerN5620mmIREK6cYYZVMpwp/XPsTh86NAG+ulSeMc4CMKUtl61AyJS
auDoSYAEWC91pjJN3Z+R4zOAEn4opoJ1/9UATt3YTWNMylIf5RRB02qhu6qB/+mx
u5IM6rhX1k3HT4d7ZVoSKouLuPcMsqU1/GMDco5/WHNWoQndDArcg4X/5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkXQXUuNAERuXh6eCsVHaZx4b+bMB8GA1UdIwQY
MBaAFFijWvuPAHbBFVis/0Bj8vWKKBfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMjdiM2EtM2NlYy00MTM5LTg3ZTgt
MzUxOGQ4MDZmZmMzLzEvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMjdiM2EtM2NlYy00MTM5LTg3ZTgtMzUxOGQ4MDZmZmMz
LzEvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb98NUdOl
Jud1zyewIGxxj6Eg5Mnp59oa1dRdZyBp74qCFaoXQqntNf9jxBjZQHC7qPonEoRh
Mqby5srdYgCRUcMD0dkG3w/n8yYnXlGJDDXNbUr2rZHCbdp/uNlJfo8u7swyiTn+
gqzdUYDKMtoIH498UlA1GJyi3TtNLI2aGGGDwmhzSVNxc0aebgTMTl9sssPh+8vU
8xsC5xtutPrMoObhwNLBUV5k82FIsSDOVHi9TIhGHmkMrEE3Vl4Za8HZJT8t7lxd
P8siHTuaXFdwJ7TQhYmC+kMaUWgsowpyzrkTciedBAbu9rvju/ZK1Af6RpWyDUQD
03dh29T7lvugNA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:14 2025 by rpki-client