Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
File:                     biw-HNO4VNZu9GxWd-9y0sWjZpc.mft (raw, json)
Hash identifier:          ZzH5C0aAsiBeAjYzdtFlDu7nNanrBof1WCcWfqWoeTA=
Subject key identifier:   0C:AE:8A:58:6D:33:5B:B1:1A:CB:9A:C0:85:53:6E:B9:78:33:F4:9C
Authority key identifier: 6E:2C:3E:1C:D3:B8:54:D6:6E:F4:6C:56:77:EF:72:D2:C5:A3:66:97
Certificate issuer:       /CN=6e2c3e1cd3b854d66ef46c5677ef72d2c5a36697
Certificate serial:       019D26283B0721F24067C8BA6F4CEE9B2F99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
Manifest number:          0A3F
Signing time:             Wed 25 Mar 2026 18:01:03 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:03 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:03 +0000
Files and hashes:         1: biw-HNO4VNZu9GxWd-9y0sWjZpc.crl (hash: AJLSnAsxk+UgHYA2OSw0N0ZiWnCdidb23b4q5FRuLxY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 18:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:3b:07:21:f2:40:67:c8:ba:6f:4c:ee:9b:2f:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e2c3e1cd3b854d66ef46c5677ef72d2c5a36697
        Validity
            Not Before: Mar 25 18:01:03 2026 GMT
            Not After : Mar 26 18:01:03 2026 GMT
        Subject: CN=0cae8a586d335bb11acb9ac085536eb97833f49c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:52:d9:b0:96:ca:4a:b0:00:fe:39:56:85:0c:
                    bd:de:9a:70:c0:58:cc:a4:fc:04:e3:b1:9c:ab:2b:
                    b3:18:21:e4:f6:74:3c:1d:07:95:04:e4:51:d7:52:
                    ad:ea:9b:5c:e4:d1:c1:ea:44:46:13:9f:40:69:0b:
                    b9:be:57:1b:8a:d4:9c:0f:34:85:35:03:ea:04:3c:
                    92:03:f9:71:03:dd:f6:17:b2:69:e7:3d:07:a4:07:
                    85:5b:74:54:fd:de:7c:ab:f1:b7:42:c9:3f:a6:0a:
                    db:0b:be:3f:7f:41:de:98:15:e3:39:2f:1c:b1:48:
                    be:1f:7f:81:f4:e8:b7:c6:f1:44:bb:3a:94:42:6e:
                    6e:b9:e4:7d:44:b9:cd:a5:1c:8a:3f:a2:29:05:77:
                    69:93:22:17:14:f3:ef:d2:86:8f:82:d3:92:43:b8:
                    6d:7c:e5:77:9c:a7:a0:fc:f5:26:52:0e:41:5d:30:
                    14:a8:33:83:73:c9:0a:c8:55:88:20:f2:5d:31:0a:
                    ab:f5:f5:b8:ff:17:0c:8f:e0:08:7e:18:c2:09:7c:
                    c9:9d:2a:af:31:a1:de:dd:4f:46:26:a4:6a:a3:8d:
                    bf:4b:9d:9f:a4:f1:d3:67:21:c9:18:7f:73:d9:14:
                    4b:17:8a:e9:ec:db:63:93:09:04:37:a6:45:dc:82:
                    95:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:AE:8A:58:6D:33:5B:B1:1A:CB:9A:C0:85:53:6E:B9:78:33:F4:9C
            X509v3 Authority Key Identifier:
                keyid:6E:2C:3E:1C:D3:B8:54:D6:6E:F4:6C:56:77:EF:72:D2:C5:A3:66:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:b7:19:cb:f6:70:77:fb:a2:dc:f6:34:19:5e:55:cb:35:9e:
         cd:88:65:c0:d3:0c:2f:21:12:76:53:16:08:4c:6d:4e:04:e7:
         d9:51:17:cd:96:5c:40:21:84:87:36:50:d4:e8:d6:a2:9c:5b:
         37:88:6c:17:26:c7:4d:b4:df:bc:93:60:ae:49:79:f6:97:e3:
         c5:b6:9d:87:42:2e:77:58:ac:13:d9:e5:ef:9d:fa:85:54:cb:
         ae:73:23:62:2b:3c:95:c8:90:7f:ef:f1:e2:d5:31:78:9f:24:
         ee:da:1b:a0:58:7d:d6:7b:5b:a7:56:cc:3b:53:d2:7c:d9:d5:
         80:0d:4b:1b:44:69:f8:bf:83:3a:44:73:85:54:8b:d1:f0:bf:
         ab:4a:61:8e:fb:c5:64:fe:27:3b:7e:c3:a3:22:d4:25:dd:5a:
         94:52:8a:f7:f0:4b:5b:5e:e0:b2:88:00:25:4d:76:66:34:97:
         9f:ca:ee:97:10:dd:75:eb:b1:e3:25:98:a0:26:69:45:16:12:
         a3:07:9f:57:31:5f:ea:3a:16:ce:4b:71:94:81:67:2f:b6:dd:
         50:00:66:e8:93:1a:7b:83:d7:ab:c6:7e:a6:bd:8a:18:4a:25:
         d3:84:24:c6:7f:7a:c1:81:bb:16:f1:61:3a:19:ff:ec:4d:7a:
         00:9e:28:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKDsHIfJAZ8i6b0zumy+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMmMzZTFjZDNiODU0ZDY2ZWY0NmM1Njc3ZWY3MmQyYzVh
MzY2OTcwHhcNMjYwMzI1MTgwMTAzWhcNMjYwMzI2MTgwMTAzWjAzMTEwLwYDVQQD
EygwY2FlOGE1ODZkMzM1YmIxMWFjYjlhYzA4NTUzNmViOTc4MzNmNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVLZsJbKSrAA/jlWhQy93ppwwFjM
pPwE47GcqyuzGCHk9nQ8HQeVBORR11Kt6ptc5NHB6kRGE59AaQu5vlcbitScDzSF
NQPqBDySA/lxA932F7Jp5z0HpAeFW3RU/d58q/G3Qsk/pgrbC74/f0HemBXjOS8c
sUi+H3+B9Oi3xvFEuzqUQm5uueR9RLnNpRyKP6IpBXdpkyIXFPPv0oaPgtOSQ7ht
fOV3nKeg/PUmUg5BXTAUqDODc8kKyFWIIPJdMQqr9fW4/xcMj+AIfhjCCXzJnSqv
MaHe3U9GJqRqo42/S52fpPHTZyHJGH9z2RRLF4rp7NtjkwkEN6ZF3IKVNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyuilhtM1uxGsuawIVTbrl4M/ScMB8GA1UdIwQY
MBaAFG4sPhzTuFTWbvRsVnfvctLFo2aXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNTkwZmItYjA1ZS00NDQxLWFkZDEt
ZjgzNTViNzhkYjI0LzEvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNTkwZmItYjA1ZS00NDQxLWFkZDEtZjgzNTViNzhkYjI0
LzEvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApLcZy/Zw
d/ui3PY0GV5VyzWezYhlwNMMLyESdlMWCExtTgTn2VEXzZZcQCGEhzZQ1OjWopxb
N4hsFybHTbTfvJNgrkl59pfjxbadh0Iud1isE9nl7536hVTLrnMjYis8lciQf+/x
4tUxeJ8k7toboFh91ntbp1bMO1PSfNnVgA1LG0Rp+L+DOkRzhVSL0fC/q0phjvvF
ZP4nO37DoyLUJd1alFKK9/BLW17gsogAJU12ZjSXn8rulxDddeux4yWYoCZpRRYS
owefVzFf6joWzktxlIFnL7bdUABm6JMae4PXq8Z+pr2KGEol04Qkxn96wYG7FvFh
Ohn/7E16AJ4oxQ==
-----END CERTIFICATE-----