Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
File:                     NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json)
Hash identifier:          DrZ9Jf1pmO6d1NwiMkEWB2CMvdy8xxmNEed9zpKNWc8=
Subject key identifier:   5B:CA:8B:58:89:94:B0:BC:23:C7:E3:0B:3C:7C:28:BB:0B:99:5C:B4
Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
Certificate issuer:       /CN=3432f3546de43ce35c7871c554b8b30ef635c251
Certificate serial:       019D38D34AC933E176F786B8DDCAD75E9008
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
Manifest number:          0436
Signing time:             Sun 29 Mar 2026 09:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:04 +0000
Files and hashes:         1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: Vb+C2paL4ZJnvrAWr6TvH/9z02m5MonhvorS3+dWj+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:4a:c9:33:e1:76:f7:86:b8:dd:ca:d7:5e:90:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251
        Validity
            Not Before: Mar 29 09:01:04 2026 GMT
            Not After : Mar 30 09:01:04 2026 GMT
        Subject: CN=5bca8b588994b0bc23c7e30b3c7c28bb0b995cb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9c:6a:f3:70:c7:ab:0a:57:31:e6:ba:88:4f:
                    c9:e0:8a:b0:9a:5a:88:a7:10:dd:5c:3c:1e:60:3c:
                    fc:11:2f:b9:45:9e:fd:53:77:1f:b0:dd:77:4b:3c:
                    2b:0e:b0:9a:7c:43:ac:05:f7:1c:07:c8:da:5e:2d:
                    8e:58:3f:ba:44:d9:c1:b0:6e:a3:47:03:91:10:2c:
                    51:cc:b1:55:6b:00:d2:21:2b:57:1a:54:98:d3:2a:
                    e2:d0:8a:ce:77:06:39:a6:e7:1c:cb:ff:d6:55:1d:
                    42:29:26:c3:6f:ad:c9:33:60:86:4c:dc:9e:90:80:
                    0c:4d:be:30:b7:bf:b2:eb:88:a4:f0:f1:e4:6b:8b:
                    cc:5e:53:ad:14:ce:e4:4c:cd:77:a7:f3:b5:04:b3:
                    7e:38:e6:62:1f:48:af:a7:ca:f8:0c:6c:be:2b:5d:
                    46:21:b7:25:ff:24:e6:3b:9e:18:d8:ce:04:0f:56:
                    51:0c:38:e1:93:a6:22:0c:03:75:60:90:e1:25:47:
                    ba:77:c4:67:38:60:41:e3:46:ce:1f:98:d5:19:0a:
                    c3:bc:8e:df:39:49:07:97:1c:4d:23:fe:54:5e:86:
                    18:f3:c0:78:0f:c1:fc:68:0e:08:55:b1:21:1e:9e:
                    12:ed:cb:5d:77:19:46:47:89:16:51:4f:fd:1c:c7:
                    97:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CA:8B:58:89:94:B0:BC:23:C7:E3:0B:3C:7C:28:BB:0B:99:5C:B4
            X509v3 Authority Key Identifier:
                keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:1e:0d:ac:50:76:1a:2e:ca:00:b4:e1:1d:47:0e:46:17:76:
         46:1c:6f:b0:6b:15:ef:b7:e1:6d:00:fd:f6:8f:77:9d:b0:33:
         64:bf:ec:7f:8b:9d:32:cd:29:3c:be:58:2a:eb:ee:5f:f0:5c:
         73:9f:92:90:9a:28:5b:78:4b:f4:f5:d0:9b:00:22:3b:01:af:
         53:75:ef:c5:1c:21:26:20:98:de:c9:1e:8e:97:7a:eb:6e:58:
         54:d8:51:4e:81:68:d3:a5:c9:6f:64:a7:ea:cd:7d:13:25:b8:
         cc:e2:a4:d3:c3:ce:be:39:db:b7:14:4e:3c:50:08:3e:28:55:
         1d:d1:c3:7e:a4:16:0b:14:93:f5:9f:eb:57:b7:df:eb:ff:63:
         4a:e4:c5:b9:e1:74:f0:5c:df:e4:27:82:05:3b:05:96:aa:ab:
         26:ac:20:69:f1:01:f0:75:44:bc:cd:12:7b:2b:92:d4:31:e6:
         e1:65:31:d0:b1:5c:0a:05:f9:c3:e8:86:c3:33:50:cf:4d:13:
         23:11:45:f7:9a:71:b5:4a:50:e9:78:61:9b:e0:0d:38:df:41:
         e2:9e:7b:f7:da:fd:f0:bf:7a:82:b5:fe:a2:7b:62:fe:a8:5b:
         df:54:6a:0a:75:ce:b3:7b:4f:c9:a0:21:e5:12:94:cc:3a:01:
         34:e3:cd:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0400rJM+F294a43crXXpAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz
NWMyNTEwHhcNMjYwMzI5MDkwMTA0WhcNMjYwMzMwMDkwMTA0WjAzMTEwLwYDVQQD
Eyg1YmNhOGI1ODg5OTRiMGJjMjNjN2UzMGIzYzdjMjhiYjBiOTk1Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJxq83DHqwpXMea6iE/J4IqwmlqI
pxDdXDweYDz8ES+5RZ79U3cfsN13SzwrDrCafEOsBfccB8jaXi2OWD+6RNnBsG6j
RwORECxRzLFVawDSIStXGlSY0yri0IrOdwY5puccy//WVR1CKSbDb63JM2CGTNye
kIAMTb4wt7+y64ik8PHka4vMXlOtFM7kTM13p/O1BLN+OOZiH0ivp8r4DGy+K11G
Ibcl/yTmO54Y2M4ED1ZRDDjhk6YiDAN1YJDhJUe6d8RnOGBB40bOH5jVGQrDvI7f
OUkHlxxNI/5UXoYY88B4D8H8aA4IVbEhHp4S7ctddxlGR4kWUU/9HMeXdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvKi1iJlLC8I8fjCzx8KLsLmVy0MB8GA1UdIwQY
MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct
NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3
LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsh4NrFB2
Gi7KALThHUcORhd2RhxvsGsV77fhbQD99o93nbAzZL/sf4udMs0pPL5YKuvuX/Bc
c5+SkJooW3hL9PXQmwAiOwGvU3XvxRwhJiCY3skejpd6625YVNhRToFo06XJb2Sn
6s19EyW4zOKk08POvjnbtxROPFAIPihVHdHDfqQWCxST9Z/rV7ff6/9jSuTFueF0
8Fzf5CeCBTsFlqqrJqwgafEB8HVEvM0SeyuS1DHm4WUx0LFcCgX5w+iGwzNQz00T
IxFF95pxtUpQ6Xhhm+ANON9B4p5799r98L96grX+onti/qhb31RqCnXOs3tPyaAh
5RKUzDoBNOPNeg==
-----END CERTIFICATE-----