Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
File:                     3rwtwyLztJZucDtdjIi3FvDZsOk.mft (raw, json)
Hash identifier:          ZxlT9+mB3g3eol2kBeudR65F+P7BZ0Py/mSbHQfs6f8=
Subject key identifier:   A1:89:04:83:D0:FC:10:31:B1:43:EA:C9:C1:D8:4D:F2:19:C5:E6:06
Authority key identifier: DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9
Certificate issuer:       /CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
Certificate serial:       019E21DB53D6C46E663FC8F29BBC5C3BE6AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
Manifest number:          16C6
Signing time:             Wed 13 May 2026 15:01:22 +0000
Manifest this update:     Wed 13 May 2026 15:01:22 +0000
Manifest next update:     Thu 14 May 2026 15:01:22 +0000
Files and hashes:         1: 3rwtwyLztJZucDtdjIi3FvDZsOk.crl (hash: wzy6ZmEX8XPS3a2B4ndfZVTLrpXC6w+xL2EBaTFfTHc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 May 2026 15:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:21:db:53:d6:c4:6e:66:3f:c8:f2:9b:bc:5c:3b:e6:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
        Validity
            Not Before: May 13 15:01:22 2026 GMT
            Not After : May 14 15:01:22 2026 GMT
        Subject: CN=a1890483d0fc1031b143eac9c1d84df219c5e606
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3f:8b:01:5e:cb:e3:5e:90:16:82:63:45:04:
                    a7:b3:43:e7:6e:9a:0d:79:49:46:2c:03:39:e7:3d:
                    0d:d7:b4:af:a4:67:1a:b7:d5:48:59:85:f0:04:60:
                    62:2a:6c:a6:d8:85:5b:ed:c3:5b:c5:24:c9:33:b4:
                    0f:36:50:c6:34:7a:4e:33:cc:87:44:36:2d:08:fa:
                    7a:e2:e1:04:7c:53:33:c4:51:84:5a:d2:a8:51:f9:
                    77:c8:e2:da:27:1c:11:c3:2c:92:ef:fb:b3:f9:df:
                    52:ee:7a:fa:1c:fd:84:8c:11:76:91:bc:6a:a4:ee:
                    b2:b5:dc:30:f6:cd:aa:15:da:bb:43:56:e6:f5:4b:
                    e0:8e:09:23:44:2b:0d:d8:a1:a7:59:42:06:37:b0:
                    96:b7:1f:46:6d:78:9d:46:91:a4:d5:55:38:c8:ff:
                    f3:5e:88:e3:e2:da:f9:bc:ed:bd:a4:5f:bd:d3:98:
                    5e:49:c5:fc:98:40:de:08:1d:17:18:cd:a4:40:6a:
                    bf:bb:01:92:45:09:df:94:09:e1:58:2f:15:e4:d5:
                    d4:3d:e5:3e:7c:66:75:f1:a8:2c:48:45:81:50:68:
                    c6:19:b9:81:20:89:73:36:4b:55:01:fc:bc:74:a9:
                    38:86:cd:fc:eb:d6:fa:3d:51:f0:14:27:0b:16:a1:
                    1d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:89:04:83:D0:FC:10:31:B1:43:EA:C9:C1:D8:4D:F2:19:C5:E6:06
            X509v3 Authority Key Identifier:
                keyid:DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:72:62:e0:f2:02:c8:ea:1f:bc:91:e1:2e:82:9e:b1:50:47:
         18:2e:78:ef:3a:1e:03:1d:d8:07:86:5a:b1:0f:7b:49:c5:41:
         33:7f:48:37:f7:79:46:07:ed:c6:f6:8e:ec:41:db:5d:c4:2c:
         b9:3a:86:c5:7d:93:0f:d7:fa:76:1c:62:f3:35:f3:5b:ab:9b:
         1b:21:dc:ce:76:e5:53:e0:03:59:d4:9b:ac:f5:1d:d2:91:65:
         29:6c:7b:43:71:81:f8:ff:62:60:70:b9:2c:c9:09:18:83:e0:
         71:b0:6d:91:30:bd:82:12:c5:ca:c9:27:74:0c:b7:18:b2:ff:
         69:5f:1e:ad:fc:22:7d:7f:d9:31:82:eb:5b:bd:aa:12:ef:87:
         6b:cd:e9:52:3c:b4:c4:00:3e:1d:66:9b:cd:b9:49:12:3a:00:
         93:e9:57:07:c2:43:5b:46:1a:b0:31:6d:57:81:6f:27:ec:ca:
         55:39:06:ec:80:44:f2:be:31:ad:8c:03:01:06:4e:48:43:30:
         6b:ba:eb:30:8d:44:ad:a3:75:cc:37:0f:c9:ff:76:c4:36:03:
         c0:10:15:b8:a1:25:e1:d3:9a:72:7c:34:41:66:c6:90:aa:b3:
         e8:32:13:bc:24:cb:c2:2c:46:f8:14:0b:96:c9:25:cd:76:40:
         4b:df:66:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4h21PWxG5mP8jym7xcO+aqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmMyZGMzMjJmM2I0OTY2ZTcwM2I1ZDhjODhiNzE2ZjBk
OWIwZTkwHhcNMjYwNTEzMTUwMTIyWhcNMjYwNTE0MTUwMTIyWjAzMTEwLwYDVQQD
EyhhMTg5MDQ4M2QwZmMxMDMxYjE0M2VhYzljMWQ4NGRmMjE5YzVlNjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT+LAV7L416QFoJjRQSns0PnbpoN
eUlGLAM55z0N17SvpGcat9VIWYXwBGBiKmym2IVb7cNbxSTJM7QPNlDGNHpOM8yH
RDYtCPp64uEEfFMzxFGEWtKoUfl3yOLaJxwRwyyS7/uz+d9S7nr6HP2EjBF2kbxq
pO6ytdww9s2qFdq7Q1bm9UvgjgkjRCsN2KGnWUIGN7CWtx9GbXidRpGk1VU4yP/z
Xojj4tr5vO29pF+905heScX8mEDeCB0XGM2kQGq/uwGSRQnflAnhWC8V5NXUPeU+
fGZ18agsSEWBUGjGGbmBIIlzNktVAfy8dKk4hs3869b6PVHwFCcLFqEdFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGJBIPQ/BAxsUPqycHYTfIZxeYGMB8GA1UdIwQY
MBaAFN68LcMi87SWbnA7XYyItxbw2bDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2Mt
ZTg4ZTFhNjY4YmU0LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2MtZTg4ZTFhNjY4YmU0
LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkHJi4PIC
yOofvJHhLoKesVBHGC547zoeAx3YB4ZasQ97ScVBM39IN/d5RgftxvaO7EHbXcQs
uTqGxX2TD9f6dhxi8zXzW6ubGyHcznblU+ADWdSbrPUd0pFlKWx7Q3GB+P9iYHC5
LMkJGIPgcbBtkTC9ghLFyskndAy3GLL/aV8erfwifX/ZMYLrW72qEu+Ha83pUjy0
xAA+HWabzblJEjoAk+lXB8JDW0YasDFtV4FvJ+zKVTkG7IBE8r4xrYwDAQZOSEMw
a7rrMI1EraN1zDcPyf92xDYDwBAVuKEl4dOacnw0QWbGkKqz6DITvCTLwixG+BQL
lsklzXZAS99maA==
-----END CERTIFICATE-----