Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
File:                     2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json)
Hash identifier:          lDVeuATVlzBeeYhTYrv9foFdM+4m43H/c/Y9bfP49ng=
Subject key identifier:   2E:B3:F0:90:46:C2:04:A5:14:18:36:A8:9B:6F:FB:E8:81:3B:2C:53
Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9
Certificate issuer:       /CN=da1bf00824b628bf6263bb74de774addf9990fc9
Certificate serial:       019CACB4A39F1C0427DEAF0E6B5E3417FAB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
Manifest number:          15CA
Signing time:             Mon 02 Mar 2026 04:00:45 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:45 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:45 +0000
Files and hashes:         1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: DwVw68eUnNrbwv0VViW8eIRJmnhFkFHPwJCYugRQYD0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:a3:9f:1c:04:27:de:af:0e:6b:5e:34:17:fa:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9
        Validity
            Not Before: Mar  2 04:00:45 2026 GMT
            Not After : Mar  3 04:00:45 2026 GMT
        Subject: CN=2eb3f09046c204a5141836a89b6ffbe8813b2c53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d8:aa:5a:13:15:ae:de:f1:71:d7:0d:b1:f5:
                    d9:8f:8e:24:ef:d0:78:ea:25:c0:35:c0:6a:04:0f:
                    0d:3d:40:b7:95:07:7e:51:c8:54:40:c5:d5:a0:81:
                    70:81:d9:8e:08:68:42:9d:f7:4d:f4:b6:c9:f2:e2:
                    1e:b4:01:b0:f5:14:23:ac:37:3b:97:82:5a:35:95:
                    f9:3c:fe:da:3f:45:17:d7:f8:f2:75:ce:74:dd:2d:
                    e1:ca:db:44:a7:c6:36:e1:58:4e:3e:61:0f:10:c5:
                    01:90:2a:4f:d0:6f:d4:80:ef:86:cb:c5:cc:4f:8a:
                    c1:b7:3a:fe:6d:fe:ad:15:c4:ad:db:27:15:3e:23:
                    4a:69:23:8f:3b:91:f1:72:83:c0:34:8d:55:86:09:
                    56:73:1e:7e:3c:a1:c0:04:d4:d2:c7:b8:bd:6b:08:
                    ca:90:e9:a0:d2:b9:cf:c6:eb:f7:04:18:45:e1:bd:
                    e4:2d:ab:64:fb:94:fd:67:69:14:d9:08:18:5c:04:
                    ec:b8:f1:01:2c:a1:fe:52:94:c2:a1:b8:9e:6f:fe:
                    8f:09:db:de:a9:0b:ad:fe:da:4c:22:e8:8f:b4:9f:
                    36:c0:04:fc:f9:0c:fe:9f:bd:67:d1:ce:da:45:7b:
                    b4:0d:f6:d2:7a:e8:9e:47:3b:f2:3a:1d:fb:fc:ce:
                    77:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:B3:F0:90:46:C2:04:A5:14:18:36:A8:9B:6F:FB:E8:81:3B:2C:53
            X509v3 Authority Key Identifier:
                keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:79:a6:0b:e5:52:b0:fc:9e:1a:c3:bd:b8:ea:1d:6e:85:f3:
         10:33:05:50:a6:b0:8e:15:45:f6:af:0f:23:0e:b9:57:7a:ca:
         c2:d0:56:3c:61:c4:e1:7c:a4:14:33:fa:eb:30:61:8b:71:51:
         7d:a9:b6:f8:03:4f:fd:3f:e6:e0:77:9f:8c:63:3e:4c:a0:28:
         37:2c:ca:b3:34:64:f6:85:dd:c2:90:87:16:ea:45:9d:7f:7e:
         6b:d9:b8:30:ab:1e:99:d3:a2:96:68:d6:cd:9b:d7:a6:93:4c:
         2d:28:f2:e5:ff:e1:44:f7:4f:9b:98:d8:4f:97:d9:a4:e1:dc:
         91:26:bd:2f:63:d6:77:26:4f:fc:3c:25:b3:f1:25:53:e9:93:
         5b:d8:7c:6b:a5:b8:ee:18:66:73:fd:ce:b3:c7:7a:91:be:0a:
         83:32:86:a3:5b:aa:1f:ea:e3:ce:48:10:31:55:e7:5e:b2:5c:
         38:66:59:a8:c4:de:f4:e0:c1:c5:d8:e0:cf:83:1e:f2:dc:99:
         5c:3f:61:bb:45:29:19:22:5c:8c:46:56:38:ff:1e:62:9f:f5:
         1a:14:fb:4f:d4:7f:af:73:8f:10:5e:c1:38:4c:b4:26:01:23:
         bb:85:8b:38:8f:75:f6:82:37:a2:2b:4e:88:0a:ad:5e:35:05:
         85:19:f4:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystKOfHAQn3q8Oa140F/qwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5
OTBmYzkwHhcNMjYwMzAyMDQwMDQ1WhcNMjYwMzAzMDQwMDQ1WjAzMTEwLwYDVQQD
EygyZWIzZjA5MDQ2YzIwNGE1MTQxODM2YTg5YjZmZmJlODgxM2IyYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydiqWhMVrt7xcdcNsfXZj44k79B4
6iXANcBqBA8NPUC3lQd+UchUQMXVoIFwgdmOCGhCnfdN9LbJ8uIetAGw9RQjrDc7
l4JaNZX5PP7aP0UX1/jydc503S3hyttEp8Y24VhOPmEPEMUBkCpP0G/UgO+Gy8XM
T4rBtzr+bf6tFcSt2ycVPiNKaSOPO5HxcoPANI1VhglWcx5+PKHABNTSx7i9awjK
kOmg0rnPxuv3BBhF4b3kLatk+5T9Z2kU2QgYXATsuPEBLKH+UpTCobieb/6PCdve
qQut/tpMIuiPtJ82wAT8+Qz+n71n0c7aRXu0DfbSeuieRzvyOh37/M530QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6z8JBGwgSlFBg2qJtv++iBOyxTMB8GA1UdIwQY
MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt
ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz
LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAanmmC+VS
sPyeGsO9uOodboXzEDMFUKawjhVF9q8PIw65V3rKwtBWPGHE4XykFDP66zBhi3FR
fam2+ANP/T/m4HefjGM+TKAoNyzKszRk9oXdwpCHFupFnX9+a9m4MKsemdOilmjW
zZvXppNMLSjy5f/hRPdPm5jYT5fZpOHckSa9L2PWdyZP/Dwls/ElU+mTW9h8a6W4
7hhmc/3Os8d6kb4KgzKGo1uqH+rjzkgQMVXnXrJcOGZZqMTe9ODBxdjgz4Me8tyZ
XD9hu0UpGSJcjEZWOP8eYp/1GhT7T9R/r3OPEF7BOEy0JgEju4WLOI919oI3oitO
iAqtXjUFhRn0tQ==
-----END CERTIFICATE-----