Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
File:                     h16pmc28YATHGlRwyg7HrnOCCPo.mft (raw, json)
Hash identifier:          OmoRV5AOSJmQ+VN3pCg6QAMzDJwAxt3cfpVHJ3nSnks=
Subject key identifier:   ED:4F:67:9E:1F:AE:E5:80:52:7D:50:0F:92:68:BA:54:D6:B4:A9:2C
Authority key identifier: 87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA
Certificate issuer:       /CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
Certificate serial:       019D2583DDA4B04F7E677E19A0F69B86096E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
Manifest number:          07E6
Signing time:             Wed 25 Mar 2026 15:01:32 +0000
Manifest this update:     Wed 25 Mar 2026 15:01:32 +0000
Manifest next update:     Thu 26 Mar 2026 15:01:32 +0000
Files and hashes:         1: h16pmc28YATHGlRwyg7HrnOCCPo.crl (hash: 8LlcBA7x6ncaLw+Pq/1XEclQq8y/RBBL3DwsO94Q1yg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:83:dd:a4:b0:4f:7e:67:7e:19:a0:f6:9b:86:09:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
        Validity
            Not Before: Mar 25 15:01:32 2026 GMT
            Not After : Mar 26 15:01:32 2026 GMT
        Subject: CN=ed4f679e1faee580527d500f9268ba54d6b4a92c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:74:df:6b:09:a7:90:3b:4b:92:9d:ea:eb:34:
                    db:23:4e:7c:68:36:9c:e2:1a:ba:34:d3:6d:55:7a:
                    ef:34:5f:8f:b8:0f:d1:55:78:a6:bd:3b:16:21:a6:
                    c8:e6:d3:d4:9c:db:9f:a6:d4:28:a9:4d:28:e7:88:
                    f6:3b:a9:4e:67:92:fc:d1:03:b0:62:6c:43:ac:5b:
                    d8:8d:b1:89:4b:32:82:15:48:02:fd:f9:25:e3:84:
                    2e:2a:ac:88:51:29:f7:b1:9b:77:23:7d:98:08:a5:
                    24:4d:c9:ab:c5:32:e2:d5:f9:52:c5:00:20:1e:e0:
                    5a:38:e6:2f:be:9f:5f:21:f2:0e:99:e3:c4:b3:19:
                    b1:8d:92:e8:08:cc:8a:c4:f6:37:65:5e:1b:3b:f8:
                    5c:c7:55:ec:b6:24:b8:b2:17:b4:52:fb:27:a5:3b:
                    d4:d0:4c:30:ae:a8:68:5c:09:17:19:a6:64:03:d6:
                    03:e5:fa:a4:fd:d1:bb:7a:09:d1:7f:9d:99:ec:e8:
                    0a:fc:cc:55:64:02:e9:53:04:ce:5a:31:ec:d5:4e:
                    30:5c:e5:1e:66:c3:f0:c6:3e:bd:68:b8:a5:af:db:
                    5c:71:58:e5:c8:d4:ef:a4:0c:3f:df:81:f5:11:4a:
                    b5:46:14:e8:b2:39:ec:be:18:23:09:9f:51:56:31:
                    58:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:4F:67:9E:1F:AE:E5:80:52:7D:50:0F:92:68:BA:54:D6:B4:A9:2C
            X509v3 Authority Key Identifier:
                keyid:87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:28:b8:75:ab:35:6e:9c:72:c7:a1:eb:3c:23:d8:6f:a6:d1:
         91:0e:0c:bc:d2:b8:6b:da:06:49:26:5e:87:22:0e:7d:f2:11:
         a2:d3:3c:08:a3:7f:3c:36:eb:35:e1:57:a4:d6:37:93:ee:be:
         77:c9:9b:a8:c7:c7:46:10:19:18:95:34:0c:b1:68:64:cb:e2:
         74:f6:58:cf:53:9f:1b:07:55:41:7f:2e:54:6b:b7:1d:e1:1d:
         ab:8e:1d:04:49:24:c7:2c:fb:9d:0e:6f:73:4b:b5:b9:fe:ef:
         3a:46:ab:05:86:9d:8c:96:c7:2d:c8:c7:c1:2e:4b:8d:44:0c:
         08:51:df:28:3a:49:77:29:21:1e:01:a1:6a:36:f5:ed:8d:44:
         18:8c:a4:64:6d:7e:5d:f8:5c:e3:38:30:18:1d:54:55:67:29:
         fc:20:71:6f:da:86:a7:33:1f:88:2c:3f:63:5d:c9:dd:94:a8:
         7f:86:8e:55:a7:9b:67:d2:09:b2:08:c8:0d:e4:20:c7:1c:fe:
         b7:11:a7:09:09:6f:85:c9:f6:a9:47:2d:8a:4d:bf:f5:8b:f7:
         b9:0f:66:31:38:d3:7e:64:4d:a7:a4:b8:72:7b:52:1e:e4:3d:
         a2:a3:f0:9b:d8:25:f6:4c:72:13:b8:62:67:d8:96:e0:08:b4:
         51:94:17:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lg92ksE9+Z34ZoPabhgluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWVhOTk5Y2RiYzYwMDRjNzFhNTQ3MGNhMGVjN2FlNzM4
MjA4ZmEwHhcNMjYwMzI1MTUwMTMyWhcNMjYwMzI2MTUwMTMyWjAzMTEwLwYDVQQD
EyhlZDRmNjc5ZTFmYWVlNTgwNTI3ZDUwMGY5MjY4YmE1NGQ2YjRhOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynTfawmnkDtLkp3q6zTbI058aDac
4hq6NNNtVXrvNF+PuA/RVXimvTsWIabI5tPUnNufptQoqU0o54j2O6lOZ5L80QOw
YmxDrFvYjbGJSzKCFUgC/fkl44QuKqyIUSn3sZt3I32YCKUkTcmrxTLi1flSxQAg
HuBaOOYvvp9fIfIOmePEsxmxjZLoCMyKxPY3ZV4bO/hcx1XstiS4she0UvsnpTvU
0EwwrqhoXAkXGaZkA9YD5fqk/dG7egnRf52Z7OgK/MxVZALpUwTOWjHs1U4wXOUe
ZsPwxj69aLilr9tccVjlyNTvpAw/34H1EUq1RhTosjnsvhgjCZ9RVjFYlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1PZ54fruWAUn1QD5JoulTWtKksMB8GA1UdIwQY
MBaAFIdeqZnNvGAExxpUcMoOx65zggj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2Ut
NGQxMmZkMjVkOTc4LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2UtNGQxMmZkMjVkOTc4
LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmii4das1
bpxyx6HrPCPYb6bRkQ4MvNK4a9oGSSZehyIOffIRotM8CKN/PDbrNeFXpNY3k+6+
d8mbqMfHRhAZGJU0DLFoZMvidPZYz1OfGwdVQX8uVGu3HeEdq44dBEkkxyz7nQ5v
c0u1uf7vOkarBYadjJbHLcjHwS5LjUQMCFHfKDpJdykhHgGhajb17Y1EGIykZG1+
Xfhc4zgwGB1UVWcp/CBxb9qGpzMfiCw/Y13J3ZSof4aOVaebZ9IJsgjIDeQgxxz+
txGnCQlvhcn2qUctik2/9Yv3uQ9mMTjTfmRNp6S4cntSHuQ9oqPwm9gl9kxyE7hi
Z9iW4Ai0UZQXXw==
-----END CERTIFICATE-----