Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.mft
File:                     MWKbwb0al4TaHlsLjV4I4r5n3kA.mft (raw, json)
Hash identifier:          WZa45PszqMgMnhLBt/ZHw0HcExNEHwbSS5Z4TLbAK2k=
Subject key identifier:   1E:8F:F3:59:5F:CD:EE:DA:9F:95:A0:5D:F3:8B:C2:B5:50:72:A8:34
Authority key identifier: 31:62:9B:C1:BD:1A:97:84:DA:1E:5B:0B:8D:5E:08:E2:BE:67:DE:40
Certificate issuer:       /CN=31629bc1bd1a9784da1e5b0b8d5e08e2be67de40
Certificate serial:       019D27A92060789A8D8413EE43F6F99E44B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MWKbwb0al4TaHlsLjV4I4r5n3kA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.mft
Manifest number:          019B
Signing time:             Thu 26 Mar 2026 01:01:28 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:28 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:28 +0000
Files and hashes:         1: MWKbwb0al4TaHlsLjV4I4r5n3kA.crl (hash: mFnq3K5L2ziJ1W4Z378QUYGDV7luNNvM5Ml4jt0Ehz4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MWKbwb0al4TaHlsLjV4I4r5n3kA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:20:60:78:9a:8d:84:13:ee:43:f6:f9:9e:44:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31629bc1bd1a9784da1e5b0b8d5e08e2be67de40
        Validity
            Not Before: Mar 26 01:01:28 2026 GMT
            Not After : Mar 27 01:01:28 2026 GMT
        Subject: CN=1e8ff3595fcdeeda9f95a05df38bc2b55072a834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:52:82:41:32:56:06:51:ac:db:ec:fb:4b:8d:
                    1a:df:84:f7:db:1a:c0:b4:e1:de:cb:1e:50:6b:fd:
                    cc:3f:dd:6b:75:77:f3:fb:4d:c4:01:76:4f:24:f6:
                    3c:ad:77:5f:1a:e2:f5:59:3f:1f:4d:f2:ef:6c:02:
                    65:fd:b6:c9:1d:e2:a0:31:1b:6f:87:5e:c6:26:0c:
                    1e:d3:0d:65:c1:48:35:61:c8:b9:ac:2d:50:57:8f:
                    63:a6:f0:05:97:00:9c:e2:d2:10:6e:83:ae:fe:07:
                    5e:12:ca:f6:2d:3b:3a:95:a0:c6:4b:14:de:c1:66:
                    53:f6:dc:ce:15:92:e4:b4:23:79:78:8f:61:bd:68:
                    1e:cb:4e:18:e7:35:e5:aa:15:26:bc:ab:90:b8:ee:
                    a4:9e:62:cc:8e:10:4a:5c:6a:b1:4d:cf:80:52:19:
                    20:5e:e9:bb:db:cc:ed:4b:f3:7d:f2:a9:14:a4:a3:
                    78:84:f1:11:23:fd:a1:64:4b:0f:38:18:20:a1:49:
                    2f:b6:52:2c:f4:0a:44:fa:6b:8a:19:64:dd:89:f2:
                    cf:34:ca:e8:ba:78:76:ba:90:3f:d5:cc:89:60:4c:
                    a8:42:da:ad:72:7a:31:e0:b0:b8:84:fe:bc:fe:a8:
                    5b:af:e6:62:b6:15:68:94:47:98:2e:f5:bd:97:f4:
                    77:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:8F:F3:59:5F:CD:EE:DA:9F:95:A0:5D:F3:8B:C2:B5:50:72:A8:34
            X509v3 Authority Key Identifier:
                keyid:31:62:9B:C1:BD:1A:97:84:DA:1E:5B:0B:8D:5E:08:E2:BE:67:DE:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MWKbwb0al4TaHlsLjV4I4r5n3kA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:a8:db:f4:13:76:6d:df:77:22:27:28:e0:13:b2:06:49:03:
         c2:29:37:fb:5c:55:43:84:0d:a7:bb:3b:88:21:9e:00:a9:f7:
         1a:f2:b8:72:28:16:82:10:1f:a9:35:b4:98:39:24:fe:32:42:
         f0:7f:cd:0f:6a:ee:80:7c:01:92:06:0c:1b:5b:8f:44:01:f1:
         b8:85:94:be:4f:68:a9:23:02:8f:22:ab:b2:f4:42:cf:ea:e6:
         93:ef:4e:89:7f:64:b3:f2:7b:37:50:9f:11:14:12:88:6e:c2:
         7c:e7:85:b6:ac:14:ca:1a:f6:44:24:62:b2:51:f8:86:d3:02:
         fb:8a:65:01:5e:0d:cf:55:6b:10:53:e4:a0:e6:45:cf:2f:a2:
         60:a7:b4:6e:65:fd:e4:eb:c9:3e:6b:7b:b3:4a:1f:22:aa:bf:
         db:70:46:0c:19:9f:82:b5:6c:f5:82:a9:47:b9:a9:3b:f0:82:
         49:a8:a0:a7:02:a0:e6:80:81:65:74:62:f4:bd:c7:f5:8b:f7:
         3b:49:4e:29:ad:f2:cb:a5:31:34:32:96:7d:2c:d1:bf:2c:7c:
         f3:1a:2b:32:ef:1b:8c:e9:93:47:81:96:20:3a:6f:46:7a:c6:
         5d:9c:03:1c:d8:66:89:6a:05:4c:53:7b:2b:0d:be:e5:bd:bb:
         7a:8d:4f:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqSBgeJqNhBPuQ/b5nkSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNjI5YmMxYmQxYTk3ODRkYTFlNWIwYjhkNWUwOGUyYmU2
N2RlNDAwHhcNMjYwMzI2MDEwMTI4WhcNMjYwMzI3MDEwMTI4WjAzMTEwLwYDVQQD
EygxZThmZjM1OTVmY2RlZWRhOWY5NWEwNWRmMzhiYzJiNTUwNzJhODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1KCQTJWBlGs2+z7S40a34T32xrA
tOHeyx5Qa/3MP91rdXfz+03EAXZPJPY8rXdfGuL1WT8fTfLvbAJl/bbJHeKgMRtv
h17GJgwe0w1lwUg1Yci5rC1QV49jpvAFlwCc4tIQboOu/gdeEsr2LTs6laDGSxTe
wWZT9tzOFZLktCN5eI9hvWgey04Y5zXlqhUmvKuQuO6knmLMjhBKXGqxTc+AUhkg
Xum728ztS/N98qkUpKN4hPERI/2hZEsPOBggoUkvtlIs9ApE+muKGWTdifLPNMro
unh2upA/1cyJYEyoQtqtcnox4LC4hP68/qhbr+ZithVolEeYLvW9l/R3jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6P81lfze7an5WgXfOLwrVQcqg0MB8GA1UdIwQY
MBaAFDFim8G9GpeE2h5bC41eCOK+Z95AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVdLYndiMGFsNFRhSGxzTGpWNEk0cjVuM2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iNTRlOWMtYmE5Mi00ZThiLWEwOWUt
NGY5MzMyYTJhNzFlLzEvTVdLYndiMGFsNFRhSGxzTGpWNEk0cjVuM2tBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iNTRlOWMtYmE5Mi00ZThiLWEwOWUtNGY5MzMyYTJhNzFl
LzEvTVdLYndiMGFsNFRhSGxzTGpWNEk0cjVuM2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQajb9BN2
bd93Iico4BOyBkkDwik3+1xVQ4QNp7s7iCGeAKn3GvK4cigWghAfqTW0mDkk/jJC
8H/ND2rugHwBkgYMG1uPRAHxuIWUvk9oqSMCjyKrsvRCz+rmk+9OiX9ks/J7N1Cf
ERQSiG7CfOeFtqwUyhr2RCRislH4htMC+4plAV4Nz1VrEFPkoOZFzy+iYKe0bmX9
5OvJPmt7s0ofIqq/23BGDBmfgrVs9YKpR7mpO/CCSaigpwKg5oCBZXRi9L3H9Yv3
O0lOKa3yy6UxNDKWfSzRvyx88xorMu8bjOmTR4GWIDpvRnrGXZwDHNhmiWoFTFN7
Kw2+5b27eo1PfA==
-----END CERTIFICATE-----