Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
File:                     16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft (raw, json)
Hash identifier:          2qZsRi/nsTyK4g7gxs/UrGfFRBPLHrKTPGQ8V0PDClE=
Subject key identifier:   25:11:0D:BC:AF:36:20:89:F0:F3:40:7F:3B:53:17:A2:0F:F7:F0:B3
Authority key identifier: D7:A4:FF:66:3F:A6:71:5D:B0:C6:BF:E7:9A:92:87:EA:DA:6C:B3:E6
Certificate issuer:       /CN=d7a4ff663fa6715db0c6bfe79a9287eada6cb3e6
Certificate serial:       019EC06D79CB802E766321453A759F462AD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
Manifest number:          1957
Signing time:             Sat 13 Jun 2026 10:01:00 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:00 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:00 +0000
Files and hashes:         1: 16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl (hash: x3IQjjPiRSwEgqZ5evEQxiQWDBnGDa7kQ18NztBL7rk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6d:79:cb:80:2e:76:63:21:45:3a:75:9f:46:2a:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7a4ff663fa6715db0c6bfe79a9287eada6cb3e6
        Validity
            Not Before: Jun 13 10:01:00 2026 GMT
            Not After : Jun 14 10:01:00 2026 GMT
        Subject: CN=25110dbcaf362089f0f3407f3b5317a20ff7f0b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c8:aa:16:49:3c:68:cd:0c:63:10:77:74:05:
                    db:95:cd:e9:8c:d4:44:22:87:e4:54:df:8e:ec:e9:
                    2c:77:0c:46:36:0b:1d:3e:fd:de:de:e5:ac:36:f4:
                    8e:00:96:b5:c7:f6:97:fa:78:8f:0a:6d:de:b6:b5:
                    9f:40:6c:73:a2:38:0d:2c:bb:0c:f7:9c:be:0b:69:
                    69:68:10:8c:b3:b8:a6:1e:22:73:88:71:7a:f0:d5:
                    62:18:97:5f:82:17:a2:cd:01:b6:a3:4b:12:bb:7f:
                    bf:3a:0e:a9:c1:59:c7:c5:6e:cf:fb:d2:04:76:1d:
                    4a:0b:16:7b:22:20:e3:2e:2c:21:19:21:85:21:e4:
                    12:73:f5:0f:e6:b0:dc:7e:d5:08:e5:94:b0:b2:c0:
                    f8:55:46:9a:1a:74:2f:76:a9:1a:58:c3:b5:0c:92:
                    90:02:e3:ef:19:16:f3:81:ed:c7:7f:18:e5:f2:9b:
                    eb:20:42:54:0c:5e:4d:6f:09:4e:87:9a:1a:9a:24:
                    db:b9:f3:10:4f:7c:6f:3c:23:94:af:dd:aa:c3:48:
                    0a:c2:15:76:9d:9d:92:a1:60:6e:32:b8:52:45:ce:
                    98:b6:5f:8e:42:a9:67:48:66:f2:54:36:66:bc:44:
                    eb:a9:7b:a7:a9:68:5f:fc:a3:dd:16:86:0f:d5:62:
                    ea:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:11:0D:BC:AF:36:20:89:F0:F3:40:7F:3B:53:17:A2:0F:F7:F0:B3
            X509v3 Authority Key Identifier:
                keyid:D7:A4:FF:66:3F:A6:71:5D:B0:C6:BF:E7:9A:92:87:EA:DA:6C:B3:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:eb:74:1e:08:18:8f:30:22:e3:22:a9:db:a5:2f:ab:a8:29:
         1a:50:a5:01:3a:8e:76:f5:d5:7c:10:7a:ea:58:66:23:9c:aa:
         e3:17:c3:38:30:01:bf:3b:f0:c1:9f:03:f8:d5:e8:f2:5d:cc:
         5e:09:09:b0:51:82:73:81:d9:b4:94:05:10:20:00:7f:7e:76:
         d3:c4:3b:ce:b4:af:0e:02:bd:3b:d9:46:73:66:72:a1:61:34:
         32:c7:29:81:3a:72:5e:96:43:2e:e2:d3:8d:8c:9c:9b:d9:dd:
         dc:12:ff:2c:d2:05:30:c0:c9:20:2b:af:f9:bf:05:c5:2a:6e:
         b9:44:8b:fb:4b:b6:d5:54:b6:00:58:3e:b7:96:4a:64:27:c7:
         25:2f:22:07:39:11:d4:2d:66:3a:b4:0b:bd:33:12:fd:89:22:
         91:a8:63:e7:85:7c:b2:6e:8e:82:91:72:eb:da:d3:5c:bd:0e:
         d9:06:f3:ea:f5:56:6f:38:4e:4b:9d:91:77:13:4a:0e:35:d9:
         19:db:b0:c4:47:c8:16:13:1d:15:5d:7f:8d:d4:cd:96:a2:c3:
         1f:af:bc:c9:28:be:8f:ff:f5:ff:11:45:da:91:29:96:c8:d4:
         6e:ce:b6:02:99:ff:f2:a3:a7:66:fe:ec:89:df:d3:95:be:e1:
         08:70:dc:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbXnLgC52YyFFOnWfRirUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3YTRmZjY2M2ZhNjcxNWRiMGM2YmZlNzlhOTI4N2VhZGE2
Y2IzZTYwHhcNMjYwNjEzMTAwMTAwWhcNMjYwNjE0MTAwMTAwWjAzMTEwLwYDVQQD
EygyNTExMGRiY2FmMzYyMDg5ZjBmMzQwN2YzYjUzMTdhMjBmZjdmMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0siqFkk8aM0MYxB3dAXblc3pjNRE
IofkVN+O7OksdwxGNgsdPv3e3uWsNvSOAJa1x/aX+niPCm3etrWfQGxzojgNLLsM
95y+C2lpaBCMs7imHiJziHF68NViGJdfgheizQG2o0sSu3+/Og6pwVnHxW7P+9IE
dh1KCxZ7IiDjLiwhGSGFIeQSc/UP5rDcftUI5ZSwssD4VUaaGnQvdqkaWMO1DJKQ
AuPvGRbzge3Hfxjl8pvrIEJUDF5NbwlOh5oamiTbufMQT3xvPCOUr92qw0gKwhV2
nZ2SoWBuMrhSRc6Ytl+OQqlnSGbyVDZmvETrqXunqWhf/KPdFoYP1WLq7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCURDbyvNiCJ8PNAfztTF6IP9/CzMB8GA1UdIwQY
MBaAFNek/2Y/pnFdsMa/55qSh+rabLPmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8wYWFiODctYzg1Yi00YThhLTlkYzUt
NmNlNjdlMGYyNTkzLzEvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8wYWFiODctYzg1Yi00YThhLTlkYzUtNmNlNjdlMGYyNTkz
LzEvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMut0HggY
jzAi4yKp26Uvq6gpGlClATqOdvXVfBB66lhmI5yq4xfDODABvzvwwZ8D+NXo8l3M
XgkJsFGCc4HZtJQFECAAf35208Q7zrSvDgK9O9lGc2ZyoWE0MscpgTpyXpZDLuLT
jYycm9nd3BL/LNIFMMDJICuv+b8FxSpuuUSL+0u21VS2AFg+t5ZKZCfHJS8iBzkR
1C1mOrQLvTMS/Ykikahj54V8sm6OgpFy69rTXL0O2Qbz6vVWbzhOS52RdxNKDjXZ
GduwxEfIFhMdFV1/jdTNlqLDH6+8ySi+j//1/xFF2pEplsjUbs62Apn/8qOnZv7s
id/Tlb7hCHDc6A==
-----END CERTIFICATE-----