Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          hPzn2E8M10fTJf13EE6GPQeKVfV68I5RYpkpHlSqAKU=
Subject key identifier:   6C:EA:2A:5D:8B:7B:20:6D:61:4D:89:91:D4:04:AC:58:7A:B8:F7:24
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       019D270490C86F34D52F7D43B3A686FFA61B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          1781
Signing time:             Wed 25 Mar 2026 22:01:43 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:43 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:43 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: EuXghoQVapTswtNWT4gKiBoD+/zN5eAvns86QIZrzaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:90:c8:6f:34:d5:2f:7d:43:b3:a6:86:ff:a6:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Mar 25 22:01:43 2026 GMT
            Not After : Mar 26 22:01:43 2026 GMT
        Subject: CN=6cea2a5d8b7b206d614d8991d404ac587ab8f724
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:35:c7:2c:c0:63:9d:f9:ff:66:a1:e2:03:88:
                    27:f8:1c:4c:5d:bc:b7:d1:31:ed:2d:34:94:77:34:
                    80:1f:c2:e9:f8:06:6d:4e:2a:c9:f4:e7:ff:83:aa:
                    a9:8f:1c:19:47:9b:84:ca:85:98:02:0c:26:78:b4:
                    10:c5:9b:0c:47:61:7f:d9:6b:49:28:9c:c0:35:ed:
                    74:8c:4a:1c:ad:1a:d7:4b:18:44:6f:b8:d1:28:bd:
                    b5:3a:f7:76:74:62:39:cb:85:00:b6:3b:95:57:2f:
                    33:23:84:c2:23:4e:d6:7b:8a:24:eb:9c:99:23:c7:
                    f9:d7:0d:00:80:8e:72:d2:7d:53:5a:dc:96:d9:d0:
                    ba:b5:d7:10:cc:48:81:10:07:3a:d6:0d:44:85:03:
                    80:71:61:4e:53:91:67:ff:a2:94:37:17:6f:de:c5:
                    8c:53:df:b4:8e:6b:96:a7:51:e7:92:c1:b4:87:b9:
                    6b:68:ed:1b:d8:d9:a6:b7:cb:6f:98:a5:b5:a0:de:
                    f3:5a:7d:bd:c9:15:67:72:a1:a9:4a:a6:ee:5e:ba:
                    df:94:6b:47:bd:82:b1:0f:53:ef:6b:6c:14:9e:37:
                    c0:bb:9f:c5:79:fb:bd:be:1f:13:04:82:54:3d:1d:
                    90:8f:26:a9:67:85:f8:ae:d1:7f:ad:36:12:65:77:
                    25:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:EA:2A:5D:8B:7B:20:6D:61:4D:89:91:D4:04:AC:58:7A:B8:F7:24
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:bd:be:5e:44:a6:4b:6f:d2:cb:0e:55:0d:00:3c:41:50:9d:
         a1:56:d8:51:c3:8d:a4:6f:b4:83:d1:fd:5d:f3:8e:61:18:6f:
         10:24:a9:d4:99:69:3d:df:ec:92:5b:c1:16:e5:9f:13:f2:10:
         f7:de:cc:39:8a:7f:a9:91:8f:61:db:dc:05:8b:b6:37:9a:7f:
         9e:f8:7b:b0:7f:3d:e9:71:b6:67:dc:f5:e7:69:20:8a:42:77:
         eb:a8:03:95:cc:06:0f:7d:e2:de:9e:0a:1c:11:fd:f6:f0:40:
         34:46:20:7d:21:7e:01:e6:a2:07:c4:6e:40:b8:ca:5b:d5:19:
         0e:af:b8:a2:80:4e:41:eb:7f:b8:ec:04:9a:da:ae:dc:f7:f1:
         7e:22:bc:03:78:8f:f0:ba:10:0e:27:d3:1f:58:76:f5:f1:d9:
         de:fb:cc:f8:5b:7e:22:17:a6:d9:50:46:fa:8b:6b:d7:ef:13:
         3d:e9:97:19:55:df:bb:a0:07:41:dd:2c:35:c4:4b:c9:0f:de:
         39:45:d9:73:01:d1:89:c1:3c:f4:d0:1d:55:6a:a2:8c:d7:35:
         0d:cd:d0:61:2f:72:5b:e4:72:e7:6c:94:b4:30:7f:cb:2e:b0:
         d4:a1:dc:f2:61:94:8f:56:be:9d:9a:aa:2c:91:06:c4:cb:2d:
         4c:2b:7e:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBJDIbzTVL31Ds6aG/6YbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjYwMzI1MjIwMTQzWhcNMjYwMzI2MjIwMTQzWjAzMTEwLwYDVQQD
Eyg2Y2VhMmE1ZDhiN2IyMDZkNjE0ZDg5OTFkNDA0YWM1ODdhYjhmNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzXHLMBjnfn/ZqHiA4gn+BxMXby3
0THtLTSUdzSAH8Lp+AZtTirJ9Of/g6qpjxwZR5uEyoWYAgwmeLQQxZsMR2F/2WtJ
KJzANe10jEocrRrXSxhEb7jRKL21Ovd2dGI5y4UAtjuVVy8zI4TCI07We4ok65yZ
I8f51w0AgI5y0n1TWtyW2dC6tdcQzEiBEAc61g1EhQOAcWFOU5Fn/6KUNxdv3sWM
U9+0jmuWp1HnksG0h7lraO0b2Nmmt8tvmKW1oN7zWn29yRVncqGpSqbuXrrflGtH
vYKxD1Pva2wUnjfAu5/Fefu9vh8TBIJUPR2QjyapZ4X4rtF/rTYSZXclHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzqKl2LeyBtYU2JkdQErFh6uPckMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAL2+XkSm
S2/Syw5VDQA8QVCdoVbYUcONpG+0g9H9XfOOYRhvECSp1JlpPd/sklvBFuWfE/IQ
997MOYp/qZGPYdvcBYu2N5p/nvh7sH896XG2Z9z152kgikJ366gDlcwGD33i3p4K
HBH99vBANEYgfSF+AeaiB8RuQLjKW9UZDq+4ooBOQet/uOwEmtqu3PfxfiK8A3iP
8LoQDifTH1h29fHZ3vvM+Ft+Ihem2VBG+otr1+8TPemXGVXfu6AHQd0sNcRLyQ/e
OUXZcwHRicE89NAdVWqijNc1Dc3QYS9yW+Ry52yUtDB/yy6w1KHc8mGUj1a+nZqq
LJEGxMstTCt+TA==
-----END CERTIFICATE-----