Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
File:                     h16pmc28YATHGlRwyg7HrnOCCPo.mft (raw, json)
Hash identifier:          nGoUVErXRw+mxTUnGDDyavD7jc0yU8OFFwc1iIn/Tvg=
Subject key identifier:   69:4E:B6:3D:C2:E9:F6:D7:AD:CB:01:F6:6D:2D:78:5F:F9:5E:11:E7
Authority key identifier: 87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA
Certificate issuer:       /CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
Certificate serial:       019D9962C892E67C0688B9388FE928533C06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
Manifest number:          0822
Signing time:             Fri 17 Apr 2026 03:01:21 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:21 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:21 +0000
Files and hashes:         1: h16pmc28YATHGlRwyg7HrnOCCPo.crl (hash: YGCBsQGvxWnyqF7uNDeM7kWjx37WR4JF1OACTbkiRCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:c8:92:e6:7c:06:88:b9:38:8f:e9:28:53:3c:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
        Validity
            Not Before: Apr 17 03:01:21 2026 GMT
            Not After : Apr 18 03:01:21 2026 GMT
        Subject: CN=694eb63dc2e9f6d7adcb01f66d2d785ff95e11e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d2:43:ee:9d:a9:95:8c:ea:41:53:f9:92:15:
                    4c:e6:3c:e0:64:98:e3:4b:85:cc:06:f7:d9:9f:73:
                    47:84:8f:e9:43:51:ed:d0:db:1a:9f:5c:26:81:94:
                    7b:74:cb:a8:5f:1b:d7:5f:02:37:b0:e5:42:e3:11:
                    a9:38:07:5f:49:99:3d:15:93:76:54:aa:13:7e:c5:
                    e6:74:b5:75:d2:c6:6f:81:1b:5a:0d:78:d8:44:99:
                    8d:e6:28:32:b8:9f:5d:1a:f5:dd:70:11:09:4a:d5:
                    88:f8:e9:f3:a9:f4:3d:17:86:6b:a0:6e:80:c9:84:
                    3f:df:e4:b8:dd:b0:b6:29:84:78:94:ce:7f:e9:9e:
                    fc:d2:3b:02:e9:7f:73:5f:df:49:be:06:e8:14:be:
                    03:2d:a4:1e:31:b6:aa:37:39:56:37:da:8d:71:1f:
                    05:9d:09:e2:6b:88:58:40:07:7a:b7:3e:a8:5f:87:
                    c6:09:d9:9f:01:08:19:53:b4:a9:4c:bc:99:7e:41:
                    39:e5:73:3d:bd:29:9b:bc:8d:9e:98:c8:25:cb:c9:
                    b3:27:f7:06:d3:57:0c:d1:7d:92:3d:86:8a:7b:59:
                    d3:21:44:7e:b2:0d:32:07:bf:de:6d:3e:43:52:22:
                    47:f6:94:c5:c9:f9:15:91:74:fe:5b:fd:9e:41:9d:
                    04:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:4E:B6:3D:C2:E9:F6:D7:AD:CB:01:F6:6D:2D:78:5F:F9:5E:11:E7
            X509v3 Authority Key Identifier:
                keyid:87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:fc:92:38:50:51:17:ba:56:42:f7:bf:a0:f5:34:6d:94:c9:
         62:c1:29:a2:c5:86:34:21:b2:7d:23:ce:89:1d:a9:15:28:82:
         f2:6b:3b:70:8c:d5:c3:0f:ad:14:fc:75:d6:c5:c1:5e:2c:7b:
         01:2d:f7:ab:9f:d2:0d:64:6a:21:74:59:ff:8f:de:34:13:64:
         e9:6a:f4:3f:7e:af:ad:5f:19:93:75:54:26:36:38:aa:88:b9:
         34:ad:9b:48:12:2a:b7:9c:59:84:24:86:2a:14:b7:cd:78:3a:
         7e:96:de:c8:b6:ad:e8:0a:d0:db:e7:e3:eb:b5:3c:63:f0:7f:
         02:2a:a2:28:c7:2f:22:cb:59:66:a2:96:5c:12:01:37:a4:ba:
         62:81:82:38:92:cd:c7:a5:08:69:82:a5:ad:22:15:e1:71:e2:
         76:4f:1a:a4:a7:1b:22:9a:f0:d2:4b:cc:ca:15:f2:e0:b7:c3:
         c1:c4:81:03:29:d0:42:76:eb:ff:ff:ba:0b:ff:19:77:b4:36:
         a6:36:0c:c8:ab:57:9b:07:78:d9:33:eb:bd:4c:2d:bd:03:f0:
         2f:4e:07:7d:67:9a:c2:1e:2f:80:36:53:d6:96:3e:f7:13:64:
         6a:99:e2:7b:11:7f:38:28:8a:14:69:b4:10:ab:c0:5d:8b:b5:
         b0:ff:85:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYsiS5nwGiLk4j+koUzwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWVhOTk5Y2RiYzYwMDRjNzFhNTQ3MGNhMGVjN2FlNzM4
MjA4ZmEwHhcNMjYwNDE3MDMwMTIxWhcNMjYwNDE4MDMwMTIxWjAzMTEwLwYDVQQD
Eyg2OTRlYjYzZGMyZTlmNmQ3YWRjYjAxZjY2ZDJkNzg1ZmY5NWUxMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtJD7p2plYzqQVP5khVM5jzgZJjj
S4XMBvfZn3NHhI/pQ1Ht0Nsan1wmgZR7dMuoXxvXXwI3sOVC4xGpOAdfSZk9FZN2
VKoTfsXmdLV10sZvgRtaDXjYRJmN5igyuJ9dGvXdcBEJStWI+OnzqfQ9F4ZroG6A
yYQ/3+S43bC2KYR4lM5/6Z780jsC6X9zX99JvgboFL4DLaQeMbaqNzlWN9qNcR8F
nQnia4hYQAd6tz6oX4fGCdmfAQgZU7SpTLyZfkE55XM9vSmbvI2emMgly8mzJ/cG
01cM0X2SPYaKe1nTIUR+sg0yB7/ebT5DUiJH9pTFyfkVkXT+W/2eQZ0EPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlOtj3C6fbXrcsB9m0teF/5XhHnMB8GA1UdIwQY
MBaAFIdeqZnNvGAExxpUcMoOx65zggj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2Ut
NGQxMmZkMjVkOTc4LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2UtNGQxMmZkMjVkOTc4
LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnvySOFBR
F7pWQve/oPU0bZTJYsEposWGNCGyfSPOiR2pFSiC8ms7cIzVww+tFPx11sXBXix7
AS33q5/SDWRqIXRZ/4/eNBNk6Wr0P36vrV8Zk3VUJjY4qoi5NK2bSBIqt5xZhCSG
KhS3zXg6fpbeyLat6ArQ2+fj67U8Y/B/AiqiKMcvIstZZqKWXBIBN6S6YoGCOJLN
x6UIaYKlrSIV4XHidk8apKcbIprw0kvMyhXy4LfDwcSBAynQQnbr//+6C/8Zd7Q2
pjYMyKtXmwd42TPrvUwtvQPwL04HfWeawh4vgDZT1pY+9xNkapniexF/OCiKFGm0
EKvAXYu1sP+FCQ==
-----END CERTIFICATE-----