Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
File:                     2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json)
Hash identifier:          1UuUq2cjAhjp+bXLsnk00X8R7fsUTErggauHY985JzU=
Subject key identifier:   BD:31:B1:91:59:D3:42:5D:DA:A7:10:0B:9D:4C:23:B1:9B:53:A1:A6
Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9
Certificate issuer:       /CN=da1bf00824b628bf6263bb74de774addf9990fc9
Certificate serial:       019D284D9333C99EC758F9E40B2A59313D2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
Manifest number:          160A
Signing time:             Thu 26 Mar 2026 04:01:05 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:05 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:05 +0000
Files and hashes:         1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: tTIlXhD++RPF3VVfN8VoANeyMba9rm13ca1JTFFovSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:93:33:c9:9e:c7:58:f9:e4:0b:2a:59:31:3d:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9
        Validity
            Not Before: Mar 26 04:01:05 2026 GMT
            Not After : Mar 27 04:01:05 2026 GMT
        Subject: CN=bd31b19159d3425ddaa7100b9d4c23b19b53a1a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:5f:77:ca:ba:d9:a4:6e:cb:a9:92:af:5c:7f:
                    77:1f:81:a2:77:22:f8:32:1d:03:2e:3a:f8:04:6b:
                    a3:b5:3d:5c:2d:37:07:a2:b3:80:7a:05:c0:77:32:
                    01:c7:16:8e:f7:dc:9b:e3:32:77:21:5f:95:f4:65:
                    a5:4e:1e:59:e4:f5:3e:49:93:3b:8e:74:2b:f5:94:
                    70:8b:6e:e1:87:e7:b3:97:d0:d1:b6:c6:80:0c:7b:
                    a6:48:2f:a1:4e:45:e8:c4:9d:d3:4e:c6:9e:6d:a0:
                    5d:f2:22:d4:38:f4:b9:1c:f8:77:a6:94:03:c4:7a:
                    84:a2:21:8a:82:eb:69:53:71:7d:e3:35:84:5f:1d:
                    cc:a4:2d:e0:34:b7:8b:78:1b:8d:27:aa:f9:f0:d7:
                    44:af:73:cb:7d:37:63:42:b9:86:36:1b:ab:d8:51:
                    9d:7d:ad:17:57:59:19:bf:4e:f7:38:ca:fe:cf:20:
                    3d:23:32:0d:71:09:49:12:84:61:b3:f5:18:19:19:
                    85:5e:6a:9d:de:4b:42:65:07:a8:44:49:a6:bf:45:
                    1c:06:e7:1f:ba:21:c8:c6:a5:c3:40:f9:20:5f:1b:
                    6d:5e:56:a3:29:67:b3:70:49:8b:6e:80:6e:f4:0a:
                    09:6c:4b:90:ff:da:ab:de:75:ff:77:84:5d:2c:7d:
                    32:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:31:B1:91:59:D3:42:5D:DA:A7:10:0B:9D:4C:23:B1:9B:53:A1:A6
            X509v3 Authority Key Identifier:
                keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:75:b7:c8:10:e0:72:b1:1e:3e:db:e1:81:b2:26:00:25:8c:
         47:a4:b9:4a:3c:67:a2:c0:ab:86:81:24:8b:fe:7f:f4:d4:0e:
         4d:f5:a0:50:97:b7:8f:ac:90:07:a4:c6:aa:18:2a:00:3d:2b:
         75:01:63:6c:66:25:b8:0f:63:80:e9:16:72:dd:95:0b:cf:a5:
         ab:07:42:00:15:41:1a:3b:3b:7b:ab:75:fb:5d:0e:ec:93:1f:
         0b:b0:c2:9d:ff:b7:33:30:b3:b6:98:eb:28:ed:57:cd:6c:f3:
         b9:99:c4:f8:18:dd:dd:cd:43:4e:1c:15:86:8f:f7:a2:d3:6e:
         f8:6f:e5:d5:cc:5a:a1:e1:a6:c9:62:c8:fb:a2:84:b2:1c:55:
         c4:22:4b:3c:4f:63:83:a9:d0:86:01:9a:01:bd:2c:10:b3:cf:
         fd:2d:c0:a1:80:64:ea:f3:98:4d:a0:eb:a1:3d:e8:3b:21:65:
         89:ab:1f:26:a2:41:a3:13:b5:d7:e9:42:03:05:08:c5:56:a7:
         43:09:84:00:79:ed:23:a5:24:92:4e:fb:35:4f:37:90:48:0e:
         26:f4:50:87:a4:a7:a8:04:30:c3:ba:50:a3:7d:cb:ef:3a:78:
         5e:c6:97:b9:3b:e1:d9:85:2e:7f:14:47:83:4e:94:d0:ca:23:
         7e:68:1d:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTZMzyZ7HWPnkCypZMT0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5
OTBmYzkwHhcNMjYwMzI2MDQwMTA1WhcNMjYwMzI3MDQwMTA1WjAzMTEwLwYDVQQD
EyhiZDMxYjE5MTU5ZDM0MjVkZGFhNzEwMGI5ZDRjMjNiMTliNTNhMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l93yrrZpG7LqZKvXH93H4GidyL4
Mh0DLjr4BGujtT1cLTcHorOAegXAdzIBxxaO99yb4zJ3IV+V9GWlTh5Z5PU+SZM7
jnQr9ZRwi27hh+ezl9DRtsaADHumSC+hTkXoxJ3TTsaebaBd8iLUOPS5HPh3ppQD
xHqEoiGKgutpU3F94zWEXx3MpC3gNLeLeBuNJ6r58NdEr3PLfTdjQrmGNhur2FGd
fa0XV1kZv073OMr+zyA9IzINcQlJEoRhs/UYGRmFXmqd3ktCZQeoREmmv0UcBucf
uiHIxqXDQPkgXxttXlajKWezcEmLboBu9AoJbEuQ/9qr3nX/d4RdLH0y8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0xsZFZ00Jd2qcQC51MI7GbU6GmMB8GA1UdIwQY
MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt
ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz
LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVXW3yBDg
crEePtvhgbImACWMR6S5SjxnosCrhoEki/5/9NQOTfWgUJe3j6yQB6TGqhgqAD0r
dQFjbGYluA9jgOkWct2VC8+lqwdCABVBGjs7e6t1+10O7JMfC7DCnf+3MzCztpjr
KO1XzWzzuZnE+Bjd3c1DThwVho/3otNu+G/l1cxaoeGmyWLI+6KEshxVxCJLPE9j
g6nQhgGaAb0sELPP/S3AoYBk6vOYTaDroT3oOyFliasfJqJBoxO11+lCAwUIxVan
QwmEAHntI6Ukkk77NU83kEgOJvRQh6SnqAQww7pQo33L7zp4XsaXuTvh2YUufxRH
g06U0MojfmgdKQ==
-----END CERTIFICATE-----