Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
File:                     16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft (raw, json)
Hash identifier:          kmP2Z/N/FtpI0JGkLDs0qXiIOJlMeF2KKAxyf1IVOAg=
Subject key identifier:   52:70:98:C6:48:C5:E0:6F:19:E3:B4:86:FA:25:5B:B3:4F:34:B0:77
Authority key identifier: D7:A4:FF:66:3F:A6:71:5D:B0:C6:BF:E7:9A:92:87:EA:DA:6C:B3:E6
Certificate issuer:       /CN=d7a4ff663fa6715db0c6bfe79a9287eada6cb3e6
Certificate serial:       019CAB6BD367334C085913596DC5C102ECB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:01:36 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:36 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:36 +0000
Files and hashes:         1: 16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl (hash: 3jVNrc1DMmNvls68kTPY62K3EqJoFZjTX12F0vKSGkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:d3:67:33:4c:08:59:13:59:6d:c5:c1:02:ec:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7a4ff663fa6715db0c6bfe79a9287eada6cb3e6
        Validity
            Not Before: Mar  1 22:01:36 2026 GMT
            Not After : Mar  2 22:01:36 2026 GMT
        Subject: CN=527098c648c5e06f19e3b486fa255bb34f34b077
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:bd:18:8f:7e:d4:ff:3e:a9:ed:a1:cc:a0:ca:
                    6f:3f:81:74:47:82:9e:ad:b4:e0:4f:9f:d8:ed:e1:
                    d8:c3:fb:15:ba:57:cf:44:fb:28:d4:93:34:84:86:
                    3b:0c:d2:67:83:6e:2e:95:9a:83:62:e0:de:d8:81:
                    22:80:98:39:60:45:54:04:91:e6:1b:4b:98:30:94:
                    a7:bb:84:1a:0c:8d:1a:e8:a4:9a:f1:7b:7e:eb:bc:
                    86:b2:79:76:2b:46:a7:3b:f5:c0:54:06:fb:c8:68:
                    c9:e4:1b:7a:9c:e9:94:18:5f:63:09:cd:5b:cb:7b:
                    90:d4:0d:ae:aa:6e:09:c4:3b:55:72:6a:6f:71:80:
                    50:0e:2a:84:2c:da:4a:9a:4e:d0:b4:c3:f9:ac:bf:
                    66:b6:e9:04:c3:f5:40:90:6a:fa:fe:68:3e:83:3e:
                    60:0b:76:59:6f:39:bc:17:c4:5c:a7:1f:ce:8c:c5:
                    6b:ca:8d:ab:94:2b:55:15:43:9e:4b:8c:7b:ca:e5:
                    60:bb:87:4d:e6:24:fb:83:1a:fc:61:06:6b:e5:fd:
                    72:f2:0d:dc:ef:8b:90:b4:99:8b:4e:42:bc:67:05:
                    9b:8b:f2:cf:34:2e:f5:8a:2c:8c:4a:54:79:45:a8:
                    94:7a:82:7f:72:fb:c6:d5:69:06:75:08:1b:51:62:
                    29:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:70:98:C6:48:C5:E0:6F:19:E3:B4:86:FA:25:5B:B3:4F:34:B0:77
            X509v3 Authority Key Identifier:
                keyid:D7:A4:FF:66:3F:A6:71:5D:B0:C6:BF:E7:9A:92:87:EA:DA:6C:B3:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:4b:e5:1b:3e:0e:d7:fc:ce:13:13:bb:41:c0:f0:98:f8:b7:
         67:88:19:0a:44:7c:68:2f:71:4f:fc:f2:58:03:1d:fd:d1:2c:
         90:e2:51:78:79:c0:77:5a:8f:d8:13:4f:03:96:7e:6b:ed:0d:
         4e:fb:fb:9a:19:83:44:2b:27:d7:21:ae:e1:8b:ac:78:db:02:
         bb:74:a8:87:a6:6e:bd:ff:5c:a0:5e:ba:cd:68:11:4d:1a:87:
         37:94:7b:99:10:86:f6:69:e4:73:d0:e3:54:60:12:b1:f4:a1:
         0b:20:25:2c:e5:54:55:d9:47:13:bd:2d:74:62:15:ac:ab:b9:
         49:c4:1c:ea:3e:83:dc:90:59:bc:9f:a6:6c:b8:4c:fc:e3:5d:
         6c:b7:81:19:f3:0d:0a:7c:48:97:ed:d1:3b:cd:da:93:18:3f:
         eb:c5:0d:9e:a2:f6:ed:d6:83:b6:b3:ee:08:09:58:0d:fa:f6:
         b2:48:ab:bb:63:5d:97:d2:90:7d:d1:10:70:6e:20:e5:db:9a:
         2a:91:27:3e:40:93:1b:68:02:47:c8:e9:9f:22:b0:71:b0:86:
         32:e2:f4:25:00:6f:0a:ff:f5:5d:5b:89:9f:5b:81:d8:9c:5a:
         e8:7e:fa:19:17:5d:d4:28:06:16:79:df:e6:a9:16:11:ff:cd:
         b0:59:1f:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra9NnM0wIWRNZbcXBAuyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3YTRmZjY2M2ZhNjcxNWRiMGM2YmZlNzlhOTI4N2VhZGE2
Y2IzZTYwHhcNMjYwMzAxMjIwMTM2WhcNMjYwMzAyMjIwMTM2WjAzMTEwLwYDVQQD
Eyg1MjcwOThjNjQ4YzVlMDZmMTllM2I0ODZmYTI1NWJiMzRmMzRiMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L0Yj37U/z6p7aHMoMpvP4F0R4Ke
rbTgT5/Y7eHYw/sVulfPRPso1JM0hIY7DNJng24ulZqDYuDe2IEigJg5YEVUBJHm
G0uYMJSnu4QaDI0a6KSa8Xt+67yGsnl2K0anO/XAVAb7yGjJ5Bt6nOmUGF9jCc1b
y3uQ1A2uqm4JxDtVcmpvcYBQDiqELNpKmk7QtMP5rL9mtukEw/VAkGr6/mg+gz5g
C3ZZbzm8F8Rcpx/OjMVryo2rlCtVFUOeS4x7yuVgu4dN5iT7gxr8YQZr5f1y8g3c
74uQtJmLTkK8ZwWbi/LPNC71iiyMSlR5RaiUeoJ/cvvG1WkGdQgbUWIpYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJwmMZIxeBvGeO0hvolW7NPNLB3MB8GA1UdIwQY
MBaAFNek/2Y/pnFdsMa/55qSh+rabLPmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8wYWFiODctYzg1Yi00YThhLTlkYzUt
NmNlNjdlMGYyNTkzLzEvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8wYWFiODctYzg1Yi00YThhLTlkYzUtNmNlNjdlMGYyNTkz
LzEvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFkvlGz4O
1/zOExO7QcDwmPi3Z4gZCkR8aC9xT/zyWAMd/dEskOJReHnAd1qP2BNPA5Z+a+0N
Tvv7mhmDRCsn1yGu4YuseNsCu3Soh6Zuvf9coF66zWgRTRqHN5R7mRCG9mnkc9Dj
VGASsfShCyAlLOVUVdlHE70tdGIVrKu5ScQc6j6D3JBZvJ+mbLhM/ONdbLeBGfMN
CnxIl+3RO83akxg/68UNnqL27daDtrPuCAlYDfr2skiru2Ndl9KQfdEQcG4g5dua
KpEnPkCTG2gCR8jpnyKwcbCGMuL0JQBvCv/1XVuJn1uB2Jxa6H76GRdd1CgGFnnf
5qkWEf/NsFkfyw==
-----END CERTIFICATE-----