Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
File:                     rWbePns_OvDgZAZ70c52RUNYL18.mft (raw, json)
Hash identifier:          g3b6q8gGgsw6s1gThR68stYP3Braxc+L6GHgyYANlmA=
Subject key identifier:   CF:25:85:8C:39:4B:3F:3F:B3:45:F6:91:0D:2E:2E:64:7E:CE:5F:85
Authority key identifier: AD:66:DE:3E:7B:3F:3A:F0:E0:64:06:7B:D1:CE:76:45:43:58:2F:5F
Certificate issuer:       /CN=ad66de3e7b3f3af0e064067bd1ce764543582f5f
Certificate serial:       019D270402227A17176EC6DF9EF0F9660042
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
Manifest number:          1537
Signing time:             Wed 25 Mar 2026 22:01:07 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:07 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:07 +0000
Files and hashes:         1: rWbePns_OvDgZAZ70c52RUNYL18.crl (hash: 4cc6TjoGPKrR4rFIiYb2AdWd5wcqSGgns+hM1Of+1eE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:02:22:7a:17:17:6e:c6:df:9e:f0:f9:66:00:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad66de3e7b3f3af0e064067bd1ce764543582f5f
        Validity
            Not Before: Mar 25 22:01:07 2026 GMT
            Not After : Mar 26 22:01:07 2026 GMT
        Subject: CN=cf25858c394b3f3fb345f6910d2e2e647ece5f85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:27:72:97:3a:e4:7e:31:75:93:fd:16:7e:24:
                    d8:7b:f8:3c:29:c8:24:cf:55:fa:5d:c9:b9:f1:c4:
                    98:84:e5:2b:f3:75:dd:67:3b:f1:ae:c7:d6:4c:15:
                    f5:4e:22:c5:e4:ec:49:0c:10:ba:9e:33:4b:35:c8:
                    d9:bb:c4:dd:e8:89:86:ba:d8:93:ec:f1:5e:02:f8:
                    58:ff:f6:f6:bc:c2:d4:d6:87:9c:c0:9a:29:0f:4b:
                    51:bb:8d:16:cc:19:6f:93:1d:4e:34:4e:8d:4f:26:
                    37:cd:c1:4f:2d:e0:73:35:6d:53:8c:ac:a0:6b:c0:
                    5d:73:b2:85:5b:bc:42:b9:5a:1d:90:a2:94:bb:a0:
                    b9:b8:eb:c1:82:cb:a0:25:bd:d2:5c:96:7a:87:07:
                    c8:ff:05:56:81:b2:89:c1:55:27:c8:a3:d5:9a:ec:
                    5c:5e:8f:33:f8:39:b7:c6:e3:ce:92:e0:55:ee:7c:
                    e6:05:b8:0b:07:31:38:04:50:38:f9:ef:84:ea:39:
                    88:21:bc:4d:b9:90:d5:fd:a7:7d:4c:75:fa:f8:38:
                    22:27:ae:f8:74:40:f9:8a:78:d2:85:01:9e:12:8b:
                    93:c9:81:7c:2b:fe:02:eb:12:ef:ee:2c:46:54:16:
                    87:90:d9:96:65:f8:2e:2c:6b:0c:70:69:3e:e3:51:
                    81:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:25:85:8C:39:4B:3F:3F:B3:45:F6:91:0D:2E:2E:64:7E:CE:5F:85
            X509v3 Authority Key Identifier:
                keyid:AD:66:DE:3E:7B:3F:3A:F0:E0:64:06:7B:D1:CE:76:45:43:58:2F:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:46:e0:91:ea:99:ce:5e:aa:98:37:82:e6:ac:e6:bf:09:22:
         59:0a:c8:12:f1:3f:55:82:e2:f9:14:15:51:91:46:78:21:f5:
         cc:e9:f6:a0:51:6e:47:b0:c2:a4:26:b3:58:54:c1:ba:3b:7a:
         91:62:8f:57:1f:a1:9a:55:8d:8c:af:c8:06:ed:51:43:52:27:
         a1:f0:39:d6:a1:81:d2:ce:16:80:bc:dd:01:43:c1:cf:45:d1:
         9f:97:91:96:f1:e0:ce:bd:01:1e:c2:4b:7c:d4:be:b1:0e:2c:
         ba:71:e0:cf:a5:3a:74:ac:fd:97:fa:de:bf:71:d3:54:2c:59:
         03:bd:01:3c:e5:18:95:01:c4:74:08:7a:b1:a6:6d:7a:24:86:
         78:cb:45:45:03:56:50:0b:cb:23:f0:ff:57:59:b8:ff:20:0f:
         7a:5e:59:54:7b:86:f9:54:40:fe:b6:b0:27:75:1d:d3:0c:ba:
         13:3c:93:7b:eb:82:b0:32:5a:5e:dd:4a:1e:43:49:b2:f7:b6:
         6c:5a:01:2f:75:60:75:a6:86:b3:5b:99:78:d1:7e:70:92:13:
         34:4b:8c:5b:ec:ff:19:55:76:9a:99:0f:7e:b6:0f:e6:3d:ef:
         bb:8d:5c:0e:9d:72:aa:af:f4:3a:df:cf:73:53:9b:19:74:02:
         9c:75:90:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBAIiehcXbsbfnvD5ZgBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNjZkZTNlN2IzZjNhZjBlMDY0MDY3YmQxY2U3NjQ1NDM1
ODJmNWYwHhcNMjYwMzI1MjIwMTA3WhcNMjYwMzI2MjIwMTA3WjAzMTEwLwYDVQQD
EyhjZjI1ODU4YzM5NGIzZjNmYjM0NWY2OTEwZDJlMmU2NDdlY2U1Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCdylzrkfjF1k/0WfiTYe/g8Kcgk
z1X6Xcm58cSYhOUr83XdZzvxrsfWTBX1TiLF5OxJDBC6njNLNcjZu8Td6ImGutiT
7PFeAvhY//b2vMLU1oecwJopD0tRu40WzBlvkx1ONE6NTyY3zcFPLeBzNW1TjKyg
a8Bdc7KFW7xCuVodkKKUu6C5uOvBgsugJb3SXJZ6hwfI/wVWgbKJwVUnyKPVmuxc
Xo8z+Dm3xuPOkuBV7nzmBbgLBzE4BFA4+e+E6jmIIbxNuZDV/ad9THX6+DgiJ674
dED5injShQGeEouTyYF8K/4C6xLv7ixGVBaHkNmWZfguLGsMcGk+41GBowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8lhYw5Sz8/s0X2kQ0uLmR+zl+FMB8GA1UdIwQY
MBaAFK1m3j57Pzrw4GQGe9HOdkVDWC9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wM2U3NTUtODAyMS00OWIwLTgyZTQt
NzFlZjQ5Nzk5YmQ5LzEvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wM2U3NTUtODAyMS00OWIwLTgyZTQtNzFlZjQ5Nzk5YmQ5
LzEvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXUbgkeqZ
zl6qmDeC5qzmvwkiWQrIEvE/VYLi+RQVUZFGeCH1zOn2oFFuR7DCpCazWFTBujt6
kWKPVx+hmlWNjK/IBu1RQ1InofA51qGB0s4WgLzdAUPBz0XRn5eRlvHgzr0BHsJL
fNS+sQ4sunHgz6U6dKz9l/rev3HTVCxZA70BPOUYlQHEdAh6saZteiSGeMtFRQNW
UAvLI/D/V1m4/yAPel5ZVHuG+VRA/rawJ3Ud0wy6EzyTe+uCsDJaXt1KHkNJsve2
bFoBL3VgdaaGs1uZeNF+cJITNEuMW+z/GVV2mpkPfrYP5j3vu41cDp1yqq/0Ot/P
c1ObGXQCnHWQ+Q==
-----END CERTIFICATE-----