Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
File:                     2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json)
Hash identifier:          +6nFNODRdF/QcHfJLOE/XaW3fBZH6QpVwI/XVqOYBP4=
Subject key identifier:   EE:2E:9F:EC:35:42:9D:45:8D:A2:85:07:4B:F3:4E:D6:D9:C1:B2:7F
Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9
Certificate issuer:       /CN=da1bf00824b628bf6263bb74de774addf9990fc9
Certificate serial:       019D37BFEC13233A7F3152C36D9AB6F636F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
Manifest number:          1612
Signing time:             Sun 29 Mar 2026 04:00:17 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:17 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:17 +0000
Files and hashes:         1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: 8xmt1JGEk33HvPCF8kpy3f/kKynb35MnI8+uDydS4Vg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:bf:ec:13:23:3a:7f:31:52:c3:6d:9a:b6:f6:36:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9
        Validity
            Not Before: Mar 29 04:00:17 2026 GMT
            Not After : Mar 30 04:00:17 2026 GMT
        Subject: CN=ee2e9fec35429d458da285074bf34ed6d9c1b27f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:aa:2f:38:f9:de:91:7d:dc:6d:b8:75:89:2a:
                    79:be:e4:c9:a5:79:1f:eb:7f:64:4f:8a:4b:9d:0c:
                    82:4b:81:30:38:f3:00:0d:ca:ff:f6:66:0c:19:ab:
                    d6:75:15:7a:b4:ce:68:58:57:92:a1:89:3b:57:17:
                    4d:28:59:fc:a4:39:e6:87:66:14:16:ea:ee:4e:61:
                    93:fa:73:b2:dc:49:b5:3a:4a:b3:80:0f:6f:61:12:
                    51:10:de:79:d6:18:20:b6:7f:7e:ea:31:76:0e:93:
                    87:e0:fa:5d:91:6d:e4:cf:82:57:7d:55:20:e0:8b:
                    0f:e0:b0:2d:20:9e:5c:be:bc:3d:43:98:4b:a0:cd:
                    77:3a:f9:62:51:fe:74:56:42:99:88:15:ef:52:81:
                    9a:cb:c4:f2:f9:3f:ec:50:56:32:ef:c1:c9:04:6c:
                    87:59:47:ce:b6:40:45:a5:36:4f:4d:1e:bc:d7:70:
                    83:55:40:99:9b:c7:17:28:38:aa:54:b0:5c:73:8b:
                    d8:cd:9a:91:15:7e:0f:c1:e7:ae:7c:56:07:26:33:
                    da:53:fe:8f:f1:97:a1:7d:c7:91:0a:fb:7e:78:e6:
                    12:76:2c:f5:e2:f1:17:e3:a1:d8:85:cc:d6:3b:81:
                    1d:e5:d4:b5:96:f5:14:16:ac:b4:7d:bd:4f:7c:fc:
                    ee:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:2E:9F:EC:35:42:9D:45:8D:A2:85:07:4B:F3:4E:D6:D9:C1:B2:7F
            X509v3 Authority Key Identifier:
                keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:68:c5:f3:96:6c:bb:9d:2f:bc:a9:b7:80:82:e5:d3:b5:c4:
         55:62:d3:6c:5c:ed:cb:6d:10:61:de:c3:a8:d5:ed:d4:0d:0d:
         fe:a8:d0:03:c1:f7:35:21:0d:11:48:aa:52:11:f5:f4:2c:e5:
         23:60:0b:24:50:55:f6:64:d7:98:85:4c:c1:f1:d3:dc:7f:2c:
         53:61:f5:d8:55:4f:fe:3b:19:32:8a:7a:f0:20:26:6c:a3:68:
         f8:5f:b0:ec:1a:27:60:f2:24:f5:0a:a1:42:11:85:85:1f:64:
         ee:79:2d:43:13:01:f8:22:d0:20:b0:6e:ce:25:eb:cc:f7:1f:
         2d:5f:9e:09:a1:fc:6a:20:4e:c5:e4:f8:e2:ad:e0:2f:db:40:
         04:93:d4:87:2d:24:f0:05:67:35:cd:80:11:2c:87:a2:65:79:
         51:60:b5:71:1e:69:cc:2b:83:79:66:de:a9:f8:f1:52:46:d1:
         c7:96:b8:85:4e:d1:92:fb:4e:e0:e5:a6:b1:d0:04:7c:c7:6e:
         c8:28:73:b1:3a:68:8a:00:87:85:5f:17:54:52:27:e2:ab:4b:
         f4:d2:73:65:5a:8f:a9:45:a5:36:82:05:12:d9:c8:d8:e2:6a:
         8e:27:1c:ba:37:b4:eb:66:7c:6f:93:af:4a:6f:b6:c3:3b:f3:
         ab:f0:a0:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03v+wTIzp/MVLDbZq29jbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5
OTBmYzkwHhcNMjYwMzI5MDQwMDE3WhcNMjYwMzMwMDQwMDE3WjAzMTEwLwYDVQQD
EyhlZTJlOWZlYzM1NDI5ZDQ1OGRhMjg1MDc0YmYzNGVkNmQ5YzFiMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqovOPnekX3cbbh1iSp5vuTJpXkf
639kT4pLnQyCS4EwOPMADcr/9mYMGavWdRV6tM5oWFeSoYk7VxdNKFn8pDnmh2YU
FuruTmGT+nOy3Em1OkqzgA9vYRJREN551hggtn9+6jF2DpOH4PpdkW3kz4JXfVUg
4IsP4LAtIJ5cvrw9Q5hLoM13OvliUf50VkKZiBXvUoGay8Ty+T/sUFYy78HJBGyH
WUfOtkBFpTZPTR6813CDVUCZm8cXKDiqVLBcc4vYzZqRFX4PweeufFYHJjPaU/6P
8ZehfceRCvt+eOYSdiz14vEX46HYhczWO4Ed5dS1lvUUFqy0fb1PfPzuFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO4un+w1Qp1FjaKFB0vzTtbZwbJ/MB8GA1UdIwQY
MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt
ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz
LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVWjF85Zs
u50vvKm3gILl07XEVWLTbFzty20QYd7DqNXt1A0N/qjQA8H3NSENEUiqUhH19Czl
I2ALJFBV9mTXmIVMwfHT3H8sU2H12FVP/jsZMop68CAmbKNo+F+w7BonYPIk9Qqh
QhGFhR9k7nktQxMB+CLQILBuziXrzPcfLV+eCaH8aiBOxeT44q3gL9tABJPUhy0k
8AVnNc2AESyHomV5UWC1cR5pzCuDeWbeqfjxUkbRx5a4hU7RkvtO4OWmsdAEfMdu
yChzsTpoigCHhV8XVFIn4qtL9NJzZVqPqUWlNoIFEtnI2OJqjiccuje062Z8b5Ov
Sm+2wzvzq/Cg5g==
-----END CERTIFICATE-----