Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
File:                     h16pmc28YATHGlRwyg7HrnOCCPo.mft (raw, json)
Hash identifier:          8ldRmqxmLjvmXsq5XTLkWRqz4CbBiJs19kFRzdw+0qI=
Subject key identifier:   10:02:B3:33:0B:F6:BE:15:F3:6C:95:98:C6:EF:02:8B:BA:20:B2:C4
Authority key identifier: 87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA
Certificate issuer:       /CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
Certificate serial:       019CABD92094A3A105D4C71504E3A2F1DE7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
Manifest number:          07A7
Signing time:             Mon 02 Mar 2026 00:00:59 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:59 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:59 +0000
Files and hashes:         1: h16pmc28YATHGlRwyg7HrnOCCPo.crl (hash: FjXQkmBny+yWIeNbHbyJXW5OkzGhJN+lU8JLZ2dxJrk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:20:94:a3:a1:05:d4:c7:15:04:e3:a2:f1:de:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
        Validity
            Not Before: Mar  2 00:00:59 2026 GMT
            Not After : Mar  3 00:00:59 2026 GMT
        Subject: CN=1002b3330bf6be15f36c9598c6ef028bba20b2c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:70:d8:b7:1e:f9:d1:37:b0:55:98:d6:3b:cc:
                    69:37:20:ab:de:0a:a5:06:02:1a:9a:ed:91:55:62:
                    bc:44:ff:12:00:1e:17:99:7e:9a:05:8f:de:cc:9f:
                    71:df:73:e9:c6:0e:42:86:31:25:88:c6:46:1a:d4:
                    19:0a:71:e8:3b:62:83:3a:16:ee:a2:b7:3c:4f:fb:
                    99:42:59:37:c5:0b:85:11:1e:85:52:b8:32:2c:a4:
                    a1:33:ab:de:b8:36:e3:78:b0:e7:3c:61:c1:94:55:
                    b7:72:2b:8b:af:52:4a:95:68:ee:e0:8f:4b:5d:01:
                    29:ce:f9:bf:40:b6:d0:b5:ae:e3:2d:ae:2a:85:b7:
                    ed:4b:2f:36:8a:40:d8:2e:38:25:e8:81:89:fe:2b:
                    6f:d2:f0:62:43:ed:99:3a:e8:ce:10:85:86:9d:3a:
                    dc:6d:c5:46:8f:75:1d:d2:d4:ff:ff:85:86:b3:e4:
                    44:21:b0:2d:d0:a3:f1:67:9e:d1:bb:c8:4f:b8:b6:
                    38:7c:a1:67:d2:9c:09:bd:6b:80:b5:4a:18:43:b5:
                    ec:5d:f0:2c:e9:df:24:a5:4e:65:91:9f:62:72:79:
                    b7:e5:f9:c1:ee:9d:16:eb:3f:80:1b:75:29:e0:12:
                    74:84:a7:a9:52:6a:4f:82:77:bd:fe:6b:12:7e:73:
                    34:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:02:B3:33:0B:F6:BE:15:F3:6C:95:98:C6:EF:02:8B:BA:20:B2:C4
            X509v3 Authority Key Identifier:
                keyid:87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:7f:31:09:7b:c0:0d:f0:d9:97:fd:13:32:b4:18:71:c3:fa:
         c1:78:e6:fc:bc:dc:36:fa:4b:97:19:d9:20:5d:a3:61:26:6d:
         b7:a7:c9:96:b6:07:3e:2d:d4:ad:b3:89:15:c5:b2:54:64:40:
         c2:b3:87:10:18:f4:ff:89:91:d8:88:51:66:63:5c:8b:ff:f7:
         a5:7f:a0:e2:ce:91:4c:73:a7:07:47:4f:d3:ed:d8:da:97:4e:
         34:2b:7b:f4:63:e3:92:80:56:17:c9:f3:79:44:be:64:a2:b4:
         37:99:6b:8d:a2:fd:32:2a:e9:00:f1:26:6a:0f:76:34:ff:b1:
         0a:40:43:73:65:b8:9a:1b:bc:4b:5b:f8:44:24:df:b0:ac:e6:
         94:34:b4:80:af:73:0b:2e:9a:ce:fa:48:e9:91:47:d5:47:9c:
         e7:f1:cd:d3:3d:69:b7:f7:b6:45:b4:89:46:28:b1:bc:98:d2:
         8a:39:37:d0:af:08:70:56:64:f0:92:68:5e:a4:36:c4:d7:83:
         97:17:58:65:3f:11:7a:23:6f:12:77:b5:3b:b1:03:8b:11:63:
         fe:89:d3:70:2c:ce:db:c8:9d:0f:c8:ac:78:80:8a:55:d6:69:
         69:3d:f5:fa:3e:06:30:01:35:34:0c:32:98:bb:6f:18:a7:c3:
         43:ca:13:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2SCUo6EF1McVBOOi8d58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWVhOTk5Y2RiYzYwMDRjNzFhNTQ3MGNhMGVjN2FlNzM4
MjA4ZmEwHhcNMjYwMzAyMDAwMDU5WhcNMjYwMzAzMDAwMDU5WjAzMTEwLwYDVQQD
EygxMDAyYjMzMzBiZjZiZTE1ZjM2Yzk1OThjNmVmMDI4YmJhMjBiMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHDYtx750TewVZjWO8xpNyCr3gql
BgIamu2RVWK8RP8SAB4XmX6aBY/ezJ9x33Ppxg5ChjEliMZGGtQZCnHoO2KDOhbu
orc8T/uZQlk3xQuFER6FUrgyLKShM6veuDbjeLDnPGHBlFW3ciuLr1JKlWju4I9L
XQEpzvm/QLbQta7jLa4qhbftSy82ikDYLjgl6IGJ/itv0vBiQ+2ZOujOEIWGnTrc
bcVGj3Ud0tT//4WGs+REIbAt0KPxZ57Ru8hPuLY4fKFn0pwJvWuAtUoYQ7XsXfAs
6d8kpU5lkZ9icnm35fnB7p0W6z+AG3Up4BJ0hKepUmpPgne9/msSfnM0JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBACszML9r4V82yVmMbvAou6ILLEMB8GA1UdIwQY
MBaAFIdeqZnNvGAExxpUcMoOx65zggj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2Ut
NGQxMmZkMjVkOTc4LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2UtNGQxMmZkMjVkOTc4
LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM38xCXvA
DfDZl/0TMrQYccP6wXjm/LzcNvpLlxnZIF2jYSZtt6fJlrYHPi3UrbOJFcWyVGRA
wrOHEBj0/4mR2IhRZmNci//3pX+g4s6RTHOnB0dP0+3Y2pdONCt79GPjkoBWF8nz
eUS+ZKK0N5lrjaL9MirpAPEmag92NP+xCkBDc2W4mhu8S1v4RCTfsKzmlDS0gK9z
Cy6azvpI6ZFH1Uec5/HN0z1pt/e2RbSJRiixvJjSijk30K8IcFZk8JJoXqQ2xNeD
lxdYZT8ReiNvEne1O7EDixFj/onTcCzO28idD8iseICKVdZpaT31+j4GMAE1NAwy
mLtvGKfDQ8oTpQ==
-----END CERTIFICATE-----