Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
File:                     2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json)
Hash identifier:          zE33za4Ppy8wyxk2in12pWX8Z2+iNmkN1OB3ZuIssQY=
Subject key identifier:   72:FF:10:01:24:91:79:4A:77:83:6D:51:93:68:E9:5B:29:E1:EC:AF
Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9
Certificate issuer:       /CN=da1bf00824b628bf6263bb74de774addf9990fc9
Certificate serial:       019D9A3E444454942983C289651D4D669068
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
Manifest number:          1645
Signing time:             Fri 17 Apr 2026 07:01:05 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:05 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:05 +0000
Files and hashes:         1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: JIgwg8WbedKBREIQ0IFE0bMiePdbbYlw5CdVqtZNSHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:44:44:54:94:29:83:c2:89:65:1d:4d:66:90:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9
        Validity
            Not Before: Apr 17 07:01:05 2026 GMT
            Not After : Apr 18 07:01:05 2026 GMT
        Subject: CN=72ff10012491794a77836d519368e95b29e1ecaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:89:cc:39:7d:46:bc:24:66:aa:c3:46:b8:7e:
                    d5:8b:19:96:cb:6f:00:3e:6b:fe:99:15:b3:90:2a:
                    92:85:0d:13:d9:a6:28:a5:9d:f9:0b:69:fd:8c:45:
                    19:cd:d2:a5:7f:4f:9f:12:82:57:34:e0:c8:8d:15:
                    08:65:f8:57:92:6e:75:39:d5:f8:84:9b:6f:07:55:
                    c3:b1:11:71:6a:45:b0:26:68:d1:7f:0d:1a:41:29:
                    b6:52:11:0e:ec:cd:7b:d4:4e:14:f7:e0:93:36:71:
                    43:e6:6a:e6:3e:cf:42:57:4f:07:37:41:a2:8e:c2:
                    04:f6:54:1f:e1:6f:03:ac:ed:99:1a:6a:7f:19:98:
                    08:80:44:91:5a:8f:4d:15:fb:ee:30:c6:27:2f:79:
                    bf:67:bf:79:36:52:12:57:b1:28:38:55:f5:ee:e3:
                    95:ec:ab:5c:86:bd:d2:c2:70:55:e0:83:f2:b5:28:
                    2c:5c:d5:33:01:6d:26:25:9c:d6:f0:06:e2:f7:81:
                    f3:f0:92:49:cf:09:b9:f3:b0:2a:5b:a3:a5:36:43:
                    92:bd:32:ac:c2:19:66:6c:b4:3c:ad:52:52:a8:8c:
                    da:45:34:f1:eb:e0:6a:00:8c:17:ea:d2:fe:18:aa:
                    a4:85:7b:df:5e:47:ba:c1:9b:84:96:43:4b:c2:a0:
                    c5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:FF:10:01:24:91:79:4A:77:83:6D:51:93:68:E9:5B:29:E1:EC:AF
            X509v3 Authority Key Identifier:
                keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:dc:27:ee:36:c2:a5:da:1e:91:aa:6f:d8:f4:4d:bd:46:03:
         ae:71:b2:ac:d6:2e:da:7a:33:aa:88:9a:3a:81:8e:7a:13:c2:
         ac:6b:bb:a4:24:d9:29:47:0d:a4:54:fd:01:e8:bc:34:05:bd:
         72:ad:9f:17:5a:b6:dc:6e:44:73:9c:72:28:13:e7:59:72:f7:
         90:be:ec:27:6c:0b:17:0b:2f:04:e4:20:14:33:60:16:9b:78:
         8a:ab:78:f1:16:12:3f:5c:b8:d1:de:d9:11:f6:d2:6b:d9:f4:
         f8:eb:c1:a7:9b:84:b0:95:5b:6c:07:89:dd:8e:c5:a0:b5:ed:
         a3:87:6c:16:a3:a6:66:89:4a:3c:7c:95:b4:38:62:ef:bd:27:
         0a:02:1f:eb:a7:dd:5b:f5:30:cd:2b:6f:33:97:43:23:a7:4e:
         47:78:6d:ab:5b:02:bf:a1:54:7e:13:3e:df:12:bf:1c:a0:a1:
         15:5f:5b:c1:50:36:f3:37:05:0e:3e:6b:b5:95:c4:90:25:e5:
         75:36:11:60:8a:a6:19:db:e8:d4:a0:87:e9:3f:ac:89:2b:52:
         b5:27:e7:6e:33:55:21:b2:0b:ec:a7:23:e0:1f:6b:86:f3:6b:
         d5:18:59:3d:eb:a4:de:1b:40:57:62:27:cc:b1:d4:75:be:f2:
         ba:45:f5:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPkREVJQpg8KJZR1NZpBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5
OTBmYzkwHhcNMjYwNDE3MDcwMTA1WhcNMjYwNDE4MDcwMTA1WjAzMTEwLwYDVQQD
Eyg3MmZmMTAwMTI0OTE3OTRhNzc4MzZkNTE5MzY4ZTk1YjI5ZTFlY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YnMOX1GvCRmqsNGuH7VixmWy28A
Pmv+mRWzkCqShQ0T2aYopZ35C2n9jEUZzdKlf0+fEoJXNODIjRUIZfhXkm51OdX4
hJtvB1XDsRFxakWwJmjRfw0aQSm2UhEO7M171E4U9+CTNnFD5mrmPs9CV08HN0Gi
jsIE9lQf4W8DrO2ZGmp/GZgIgESRWo9NFfvuMMYnL3m/Z795NlISV7EoOFX17uOV
7Ktchr3SwnBV4IPytSgsXNUzAW0mJZzW8Abi94Hz8JJJzwm587AqW6OlNkOSvTKs
whlmbLQ8rVJSqIzaRTTx6+BqAIwX6tL+GKqkhXvfXke6wZuElkNLwqDF4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHL/EAEkkXlKd4NtUZNo6Vsp4eyvMB8GA1UdIwQY
MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt
ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz
LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWdwn7jbC
pdoekapv2PRNvUYDrnGyrNYu2nozqoiaOoGOehPCrGu7pCTZKUcNpFT9Aei8NAW9
cq2fF1q23G5Ec5xyKBPnWXL3kL7sJ2wLFwsvBOQgFDNgFpt4iqt48RYSP1y40d7Z
EfbSa9n0+OvBp5uEsJVbbAeJ3Y7FoLXto4dsFqOmZolKPHyVtDhi770nCgIf66fd
W/UwzStvM5dDI6dOR3htq1sCv6FUfhM+3xK/HKChFV9bwVA28zcFDj5rtZXEkCXl
dTYRYIqmGdvo1KCH6T+siStStSfnbjNVIbIL7Kcj4B9rhvNr1RhZPeuk3htAV2In
zLHUdb7yukX19Q==
-----END CERTIFICATE-----