Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          nG+bzFqVRfZlEbdFerp53RhMbQIYACTSx7sFAbymGBU=
Subject key identifier:   BC:B7:91:A6:62:55:02:D8:30:D9:5C:5E:68:F8:8F:12:0B:CF:48:68
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       019D265ED07CB54B14DAB8EA8A7309C47AC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          16AB
Signing time:             Wed 25 Mar 2026 19:00:41 +0000
Manifest this update:     Wed 25 Mar 2026 19:00:41 +0000
Manifest next update:     Thu 26 Mar 2026 19:00:41 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: frcpMlAVxPjx6ZOe+oN32wlesinifhrfj8/8i1r15fY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5e:d0:7c:b5:4b:14:da:b8:ea:8a:73:09:c4:7a:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Mar 25 19:00:41 2026 GMT
            Not After : Mar 26 19:00:41 2026 GMT
        Subject: CN=bcb791a6625502d830d95c5e68f88f120bcf4868
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a2:d2:3e:a4:93:7e:74:7d:5a:a1:35:c6:0f:
                    e9:20:63:2d:eb:c1:cf:1b:d2:c6:52:76:4e:5d:6a:
                    af:aa:82:ad:1c:09:96:7f:e6:27:e5:90:91:ac:34:
                    ef:f6:9e:7b:32:d6:96:35:e9:53:ca:92:41:26:af:
                    ef:26:e6:b1:1c:bd:a9:40:0d:be:18:fd:53:73:57:
                    f5:27:e5:ba:4a:2e:c9:81:0b:0f:b6:68:bc:03:d4:
                    79:42:03:fe:ec:a6:e1:a7:21:b6:72:9c:1c:2a:32:
                    58:cc:b8:6a:e5:6b:de:6a:44:ae:04:06:f6:9a:09:
                    44:43:d2:68:b0:5b:80:71:9a:b6:86:f5:97:59:2a:
                    14:ae:90:fd:bf:c7:e3:be:9e:1b:63:6d:b9:6b:13:
                    f4:c3:de:b5:d3:3f:7b:18:77:94:40:e3:14:0a:40:
                    17:7b:d3:d5:2d:fb:71:7c:b6:b7:88:91:bf:62:ad:
                    d3:59:a6:71:97:d4:93:10:b4:67:3d:61:e2:9a:e0:
                    3d:f2:79:14:12:d4:23:a4:30:f2:d2:87:88:0a:47:
                    ae:63:35:a3:5f:13:2d:a2:eb:28:72:2a:34:cb:86:
                    aa:57:9f:2c:96:05:cd:34:ad:1e:3a:90:56:01:db:
                    98:1e:1b:d0:a8:c1:c4:dc:85:f4:96:8a:a2:96:df:
                    a8:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:B7:91:A6:62:55:02:D8:30:D9:5C:5E:68:F8:8F:12:0B:CF:48:68
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:f4:5f:27:79:35:9d:68:76:aa:2d:bb:2c:cd:41:2b:89:bb:
         2f:ce:e9:f4:1a:76:2b:86:70:5f:23:7d:78:ad:ab:75:0c:61:
         dc:bc:33:d5:b9:d1:50:1d:9c:5b:d3:86:31:a0:ba:e5:09:d8:
         2f:68:7b:2e:38:3a:0f:99:05:2d:8a:99:4f:8f:a9:e3:e7:a6:
         07:14:fe:81:35:fd:16:eb:0c:a5:4a:57:8a:4c:da:60:94:2d:
         1e:28:a0:cf:41:29:14:b9:11:c9:c9:ad:e7:ad:d3:97:32:75:
         cb:ca:5f:06:d4:c4:85:a6:61:45:69:18:b8:7f:b3:5b:70:71:
         e7:84:ba:c3:b5:99:78:b3:3f:a8:2d:70:e2:cb:3d:6f:4e:ce:
         89:df:00:29:4b:8f:1f:b3:17:f4:2e:43:d3:f8:04:e4:a1:17:
         9a:18:94:31:e5:3f:33:da:4d:ec:c8:6b:4c:e8:93:12:13:da:
         cf:23:a3:52:c8:f2:b0:4b:c7:aa:d6:7b:90:01:df:df:37:fd:
         08:77:f2:a7:08:0d:8e:7c:9a:55:5e:2f:e4:4c:89:9f:e4:74:
         6b:f1:78:49:5f:bd:58:b6:62:00:f1:09:64:b8:a6:01:30:b1:
         58:3d:fe:39:a6:4b:22:6b:89:72:76:31:12:2f:a8:a5:ae:79:
         9d:83:f8:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXtB8tUsU2rjqinMJxHrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjYwMzI1MTkwMDQxWhcNMjYwMzI2MTkwMDQxWjAzMTEwLwYDVQQD
EyhiY2I3OTFhNjYyNTUwMmQ4MzBkOTVjNWU2OGY4OGYxMjBiY2Y0ODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qLSPqSTfnR9WqE1xg/pIGMt68HP
G9LGUnZOXWqvqoKtHAmWf+Yn5ZCRrDTv9p57MtaWNelTypJBJq/vJuaxHL2pQA2+
GP1Tc1f1J+W6Si7JgQsPtmi8A9R5QgP+7KbhpyG2cpwcKjJYzLhq5WveakSuBAb2
mglEQ9JosFuAcZq2hvWXWSoUrpD9v8fjvp4bY225axP0w9610z97GHeUQOMUCkAX
e9PVLftxfLa3iJG/Yq3TWaZxl9STELRnPWHimuA98nkUEtQjpDDy0oeICkeuYzWj
XxMtousocio0y4aqV58slgXNNK0eOpBWAduYHhvQqMHE3IX0loqilt+oZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLy3kaZiVQLYMNlcXmj4jxILz0hoMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq/RfJ3k1
nWh2qi27LM1BK4m7L87p9Bp2K4ZwXyN9eK2rdQxh3Lwz1bnRUB2cW9OGMaC65QnY
L2h7Ljg6D5kFLYqZT4+p4+emBxT+gTX9FusMpUpXikzaYJQtHiigz0EpFLkRycmt
563TlzJ1y8pfBtTEhaZhRWkYuH+zW3Bx54S6w7WZeLM/qC1w4ss9b07Oid8AKUuP
H7MX9C5D0/gE5KEXmhiUMeU/M9pN7MhrTOiTEhPazyOjUsjysEvHqtZ7kAHf3zf9
CHfypwgNjnyaVV4v5EyJn+R0a/F4SV+9WLZiAPEJZLimATCxWD3+OaZLImuJcnYx
Ei+opa55nYP4Bg==
-----END CERTIFICATE-----