Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
File:                     16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft (raw, json)
Hash identifier:          LWwHOOWDxBiYFXdJg7lLvvqLcjJtBRi8/EQKKtQwMLc=
Subject key identifier:   83:E2:F3:40:49:42:F5:9E:CF:D3:35:02:BC:6F:D3:22:9D:88:DE:71
Authority key identifier: D7:A4:FF:66:3F:A6:71:5D:B0:C6:BF:E7:9A:92:87:EA:DA:6C:B3:E6
Certificate issuer:       /CN=d7a4ff663fa6715db0c6bfe79a9287eada6cb3e6
Certificate serial:       019D98F4D0BDBA4977E15DCF83375D7479FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:14 +0000
Files and hashes:         1: 16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl (hash: iGh8Q77J+ts7EGXF7uwcdqYuZccIH1YSQSlIfcyT69M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:d0:bd:ba:49:77:e1:5d:cf:83:37:5d:74:79:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7a4ff663fa6715db0c6bfe79a9287eada6cb3e6
        Validity
            Not Before: Apr 17 01:01:14 2026 GMT
            Not After : Apr 18 01:01:14 2026 GMT
        Subject: CN=83e2f3404942f59ecfd33502bc6fd3229d88de71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:28:48:6c:37:64:5c:66:d2:ff:8f:68:44:fb:
                    98:59:8e:ca:38:33:ed:87:ab:70:d7:9c:15:c0:80:
                    ec:98:70:cb:f8:82:f4:5e:7d:31:8f:fa:8f:6b:a3:
                    c6:b8:bb:5c:a1:a3:d9:78:f4:4c:4b:a3:06:af:7c:
                    82:f7:ea:b1:b6:60:47:83:a3:12:54:3f:f1:6b:35:
                    98:2f:61:d8:25:c4:35:b9:cf:78:73:cf:c0:75:be:
                    14:6d:78:8c:21:ee:9e:e3:42:9a:2e:0c:7f:fd:a9:
                    10:d4:89:76:b5:8c:d1:d1:82:87:21:ea:ef:c1:e9:
                    30:30:9e:9d:ed:bd:33:27:f9:0e:a7:b6:f1:56:b3:
                    79:e0:86:05:d4:60:c0:b6:5c:84:ec:18:4a:59:a2:
                    0b:37:02:ba:18:2c:21:b0:0a:90:ed:a0:a6:6c:e7:
                    6e:1c:35:0e:bb:23:75:ee:0e:67:7b:f8:aa:30:04:
                    c5:d0:26:83:de:67:c3:70:2e:d4:99:86:c0:e3:f0:
                    50:07:ce:0f:39:2d:8e:00:cd:ee:63:b4:69:f6:76:
                    1a:f5:d1:44:9d:03:36:04:8c:0b:b6:21:f9:d2:2e:
                    55:6d:2b:9e:8b:28:0f:b2:66:41:b4:a7:1f:2d:c0:
                    07:11:fa:c1:e3:24:fe:ce:cc:6f:c8:0c:0a:f4:21:
                    98:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:E2:F3:40:49:42:F5:9E:CF:D3:35:02:BC:6F:D3:22:9D:88:DE:71
            X509v3 Authority Key Identifier:
                keyid:D7:A4:FF:66:3F:A6:71:5D:B0:C6:BF:E7:9A:92:87:EA:DA:6C:B3:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:75:2f:39:ad:0c:18:ab:a1:1e:dd:73:08:2a:1b:fd:69:be:
         57:3d:5b:03:13:c2:7d:76:00:b2:27:6b:93:c1:d1:e2:3b:33:
         28:50:fe:05:d7:c5:d2:29:d6:29:51:fc:73:48:07:0f:23:ee:
         14:f4:20:53:9a:70:07:15:80:40:f7:68:80:b6:8a:47:69:07:
         1f:89:20:22:09:9b:68:48:eb:a4:3f:15:40:40:13:ba:f7:d2:
         c8:ae:e2:37:1a:bf:2d:e6:19:c7:c6:98:57:25:c2:69:24:88:
         17:85:6d:a0:57:e3:68:f2:a1:2c:66:c5:28:3e:51:dd:81:0d:
         8b:d0:ef:66:7a:92:81:82:6c:6a:ed:ec:9b:e1:c3:f7:55:91:
         05:fd:cf:31:0d:3e:63:23:a0:8c:c3:d3:5c:b9:06:f9:9a:63:
         88:d8:3a:21:d6:f3:a3:c1:b8:a9:11:a8:6e:cf:25:35:fe:8f:
         56:6e:75:2d:b3:83:96:f4:42:af:e5:b8:d3:c3:18:c3:07:c5:
         0b:fe:5d:c3:7d:72:16:17:e6:94:6e:8c:ce:da:f5:59:1e:28:
         6a:b4:b5:cf:2f:dc:0f:52:69:16:21:e1:b6:de:40:97:c3:3d:
         34:64:29:6e:74:34:79:f9:b8:d2:6f:86:a6:c4:8c:8c:5c:73:
         d5:36:26:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9NC9ukl34V3PgzdddHn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3YTRmZjY2M2ZhNjcxNWRiMGM2YmZlNzlhOTI4N2VhZGE2
Y2IzZTYwHhcNMjYwNDE3MDEwMTE0WhcNMjYwNDE4MDEwMTE0WjAzMTEwLwYDVQQD
Eyg4M2UyZjM0MDQ5NDJmNTllY2ZkMzM1MDJiYzZmZDMyMjlkODhkZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyhIbDdkXGbS/49oRPuYWY7KODPt
h6tw15wVwIDsmHDL+IL0Xn0xj/qPa6PGuLtcoaPZePRMS6MGr3yC9+qxtmBHg6MS
VD/xazWYL2HYJcQ1uc94c8/Adb4UbXiMIe6e40KaLgx//akQ1Il2tYzR0YKHIerv
wekwMJ6d7b0zJ/kOp7bxVrN54IYF1GDAtlyE7BhKWaILNwK6GCwhsAqQ7aCmbOdu
HDUOuyN17g5ne/iqMATF0CaD3mfDcC7UmYbA4/BQB84POS2OAM3uY7Rp9nYa9dFE
nQM2BIwLtiH50i5VbSueiygPsmZBtKcfLcAHEfrB4yT+zsxvyAwK9CGY1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPi80BJQvWez9M1Arxv0yKdiN5xMB8GA1UdIwQY
MBaAFNek/2Y/pnFdsMa/55qSh+rabLPmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8wYWFiODctYzg1Yi00YThhLTlkYzUt
NmNlNjdlMGYyNTkzLzEvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8wYWFiODctYzg1Yi00YThhLTlkYzUtNmNlNjdlMGYyNTkz
LzEvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVXUvOa0M
GKuhHt1zCCob/Wm+Vz1bAxPCfXYAsidrk8HR4jszKFD+BdfF0inWKVH8c0gHDyPu
FPQgU5pwBxWAQPdogLaKR2kHH4kgIgmbaEjrpD8VQEATuvfSyK7iNxq/LeYZx8aY
VyXCaSSIF4VtoFfjaPKhLGbFKD5R3YENi9DvZnqSgYJsau3sm+HD91WRBf3PMQ0+
YyOgjMPTXLkG+ZpjiNg6Idbzo8G4qRGobs8lNf6PVm51LbODlvRCr+W408MYwwfF
C/5dw31yFhfmlG6Mztr1WR4oarS1zy/cD1JpFiHhtt5Al8M9NGQpbnQ0efm40m+G
psSMjFxz1TYm9g==
-----END CERTIFICATE-----