Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          4YcAzOepa+8ZX1c9EVBz5nPmUs/Nal9LsJwY9A1eeXI=
Subject key identifier:   DB:EA:FD:38:A0:69:7F:CF:A5:40:BF:B8:94:FE:79:5A:8A:02:22:4F
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       019DA3E5D5B22A151EE3D09E756FB60956C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          16EC
Signing time:             Sun 19 Apr 2026 04:00:41 +0000
Manifest this update:     Sun 19 Apr 2026 04:00:41 +0000
Manifest next update:     Mon 20 Apr 2026 04:00:41 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: DTEmj15U9MIxmt3Cyn7J7nok2W/ecwGkzWrms1uI4GQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e5:d5:b2:2a:15:1e:e3:d0:9e:75:6f:b6:09:56:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Apr 19 04:00:41 2026 GMT
            Not After : Apr 20 04:00:41 2026 GMT
        Subject: CN=dbeafd38a0697fcfa540bfb894fe795a8a02224f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8f:8e:18:3b:4d:44:6b:0f:d2:ec:55:20:b9:
                    e8:28:5a:8f:21:8f:46:8e:ac:2a:99:b0:f0:9d:d5:
                    2e:e2:8e:82:d5:25:89:b4:f6:c1:81:bc:6d:30:43:
                    6f:c6:a6:ed:07:10:d2:9c:cc:6e:13:b0:ce:2c:8a:
                    65:84:75:7a:09:e0:66:45:31:7d:13:eb:b4:91:2e:
                    17:18:4f:ed:bc:73:43:aa:1f:3d:79:d4:3a:c9:69:
                    fe:c6:a8:49:b1:6e:cd:4f:90:e8:6a:d4:28:a6:da:
                    43:95:cd:6e:4e:13:cb:28:15:78:c8:e5:fa:5d:f3:
                    9c:c2:62:43:b3:7a:d5:76:18:04:5a:f2:14:0c:34:
                    2e:a3:62:9a:0e:db:a9:eb:de:52:f0:be:6b:47:22:
                    ff:39:0a:81:a6:23:75:53:f1:87:93:e9:d3:97:72:
                    a4:dd:aa:89:2a:91:bf:73:7c:cc:24:c6:88:9e:9e:
                    79:d7:1d:e7:b9:d8:58:f6:4e:84:d2:d9:a4:7a:7c:
                    6f:93:f7:14:e4:6e:5a:9e:ea:7c:7f:70:c8:b3:59:
                    ea:c1:fe:d0:1f:b6:e7:cb:62:3f:e5:f6:7e:fa:22:
                    de:ce:65:c3:36:9e:c2:5c:3a:d7:e3:4a:99:26:16:
                    25:ae:3e:cf:d2:75:a7:bf:5f:fe:ce:de:cd:02:41:
                    2d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:EA:FD:38:A0:69:7F:CF:A5:40:BF:B8:94:FE:79:5A:8A:02:22:4F
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:f4:53:14:25:6f:0d:b9:27:19:56:a8:c2:da:4e:a8:7f:50:
         19:c2:02:94:da:66:22:bc:c7:65:7a:3f:85:01:17:d2:e1:ce:
         bb:f4:ce:81:64:5d:76:43:61:d2:21:ce:44:a3:a2:13:8d:a2:
         26:95:78:c6:d9:ee:64:35:16:eb:f7:72:38:76:d4:e3:99:d0:
         58:0a:5d:ce:50:a6:9c:c4:55:ef:09:55:2f:89:9f:8f:59:bd:
         f3:62:95:f9:e5:1f:23:28:1b:13:6a:6f:8a:41:6a:5f:0f:3c:
         26:d0:ed:03:14:fe:94:d9:78:08:c1:d9:1b:34:c5:23:e3:2b:
         5a:e9:cc:55:30:83:45:5a:db:4a:c1:62:9e:27:c1:a5:f4:ff:
         e3:6d:87:cd:1b:db:30:fb:48:f0:1d:96:26:53:0c:aa:e4:54:
         0b:a4:f3:91:f2:f7:1f:44:09:7f:2f:b5:5e:97:82:6f:3b:bd:
         06:cd:ab:27:f2:27:10:9a:50:86:cc:25:2e:56:47:41:59:69:
         21:5e:51:76:0a:05:38:e6:84:08:ec:c1:ef:5e:30:bd:97:63:
         0c:84:26:c5:e3:7d:39:9b:33:44:af:c7:43:64:aa:05:09:4e:
         75:b0:c8:13:40:34:c8:91:a1:5b:4d:18:3f:bd:36:dc:39:93:
         03:07:74:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5dWyKhUe49CedW+2CVbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjYwNDE5MDQwMDQxWhcNMjYwNDIwMDQwMDQxWjAzMTEwLwYDVQQD
EyhkYmVhZmQzOGEwNjk3ZmNmYTU0MGJmYjg5NGZlNzk1YThhMDIyMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4+OGDtNRGsP0uxVILnoKFqPIY9G
jqwqmbDwndUu4o6C1SWJtPbBgbxtMENvxqbtBxDSnMxuE7DOLIplhHV6CeBmRTF9
E+u0kS4XGE/tvHNDqh89edQ6yWn+xqhJsW7NT5DoatQoptpDlc1uThPLKBV4yOX6
XfOcwmJDs3rVdhgEWvIUDDQuo2KaDtup695S8L5rRyL/OQqBpiN1U/GHk+nTl3Kk
3aqJKpG/c3zMJMaInp551x3nudhY9k6E0tmkenxvk/cU5G5anup8f3DIs1nqwf7Q
H7bny2I/5fZ++iLezmXDNp7CXDrX40qZJhYlrj7P0nWnv1/+zt7NAkEtaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvq/TigaX/PpUC/uJT+eVqKAiJPMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKvRTFCVv
DbknGVaowtpOqH9QGcIClNpmIrzHZXo/hQEX0uHOu/TOgWRddkNh0iHORKOiE42i
JpV4xtnuZDUW6/dyOHbU45nQWApdzlCmnMRV7wlVL4mfj1m982KV+eUfIygbE2pv
ikFqXw88JtDtAxT+lNl4CMHZGzTFI+MrWunMVTCDRVrbSsFinifBpfT/422HzRvb
MPtI8B2WJlMMquRUC6TzkfL3H0QJfy+1XpeCbzu9Bs2rJ/InEJpQhswlLlZHQVlp
IV5RdgoFOOaECOzB714wvZdjDIQmxeN9OZszRK/HQ2SqBQlOdbDIE0A0yJGhW00Y
P7023DmTAwd0Nw==
-----END CERTIFICATE-----