Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/99d177-8c03-498f-b202-7a78ae054b4c/1/IwdlIUTJEn3WJnlgVsnsKTKk8gU.mft
File:                     IwdlIUTJEn3WJnlgVsnsKTKk8gU.mft (raw, json)
Hash identifier:          9NKzP/G+3RB9FxkNKhRGmZdobIKJ6b0hBqH3dkXoRzc=
Subject key identifier:   31:83:0E:C4:56:4C:E9:4A:56:9F:7D:BF:58:E8:46:9D:31:C9:92:A5
Authority key identifier: 23:07:65:21:44:C9:12:7D:D6:26:79:60:56:C9:EC:29:32:A4:F2:05
Certificate issuer:       /CN=2307652144c9127dd626796056c9ec2932a4f205
Certificate serial:       019D38667E1B8C5749E1E21A78DA055A5CD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IwdlIUTJEn3WJnlgVsnsKTKk8gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/99d177-8c03-498f-b202-7a78ae054b4c/1/IwdlIUTJEn3WJnlgVsnsKTKk8gU.mft
Manifest number:          036E
Signing time:             Sun 29 Mar 2026 07:02:14 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:14 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:14 +0000
Files and hashes:         1: IwdlIUTJEn3WJnlgVsnsKTKk8gU.crl (hash: 9XfP8kp7DJe57cg3iGav3K2qER90Xxj0v8B1hMVVWic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/99d177-8c03-498f-b202-7a78ae054b4c/1/IwdlIUTJEn3WJnlgVsnsKTKk8gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/99d177-8c03-498f-b202-7a78ae054b4c/1/IwdlIUTJEn3WJnlgVsnsKTKk8gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IwdlIUTJEn3WJnlgVsnsKTKk8gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:7e:1b:8c:57:49:e1:e2:1a:78:da:05:5a:5c:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2307652144c9127dd626796056c9ec2932a4f205
        Validity
            Not Before: Mar 29 07:02:14 2026 GMT
            Not After : Mar 30 07:02:14 2026 GMT
        Subject: CN=31830ec4564ce94a569f7dbf58e8469d31c992a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:af:c0:f9:9e:c9:d0:16:18:f1:58:62:4e:d6:
                    09:37:45:b0:ee:71:e5:7b:c9:05:e9:25:13:6a:b3:
                    f4:99:6f:75:30:2d:4d:60:3d:97:c7:a6:ba:df:97:
                    90:a6:34:96:85:4e:1b:2b:c0:70:c8:c5:dc:c7:be:
                    6c:7f:dd:69:93:3d:50:f2:1d:03:07:b9:11:51:31:
                    01:9c:dd:21:91:94:1b:ed:de:bb:37:66:fa:3f:60:
                    f1:47:ce:23:cd:1f:f5:6e:73:07:00:ae:d8:b5:a5:
                    8c:ea:32:b3:d3:86:12:5e:bc:df:9c:5f:df:76:56:
                    a6:8e:bb:87:9c:79:8b:e0:67:18:86:26:d5:76:c8:
                    fb:08:95:1a:74:cb:ad:b3:3e:51:36:77:4f:5e:76:
                    18:6b:b6:07:4f:09:7f:61:68:51:4f:a0:68:c6:6c:
                    96:e9:79:eb:73:ff:ba:8c:f7:e3:b5:ed:1a:3d:e8:
                    1f:63:d0:f4:a3:eb:92:0c:09:29:a4:a6:25:a5:3c:
                    7a:14:6a:17:4e:a2:54:d8:da:9e:b0:60:f5:b4:4a:
                    01:00:c1:be:02:7d:0a:70:8a:76:84:a4:1f:14:fc:
                    3b:5b:a3:1f:23:ae:08:0a:6e:4e:ae:47:42:71:9b:
                    92:fb:34:67:03:37:43:ad:2c:63:d7:19:4c:c4:6d:
                    b1:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:83:0E:C4:56:4C:E9:4A:56:9F:7D:BF:58:E8:46:9D:31:C9:92:A5
            X509v3 Authority Key Identifier:
                keyid:23:07:65:21:44:C9:12:7D:D6:26:79:60:56:C9:EC:29:32:A4:F2:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwdlIUTJEn3WJnlgVsnsKTKk8gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/99d177-8c03-498f-b202-7a78ae054b4c/1/IwdlIUTJEn3WJnlgVsnsKTKk8gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/99d177-8c03-498f-b202-7a78ae054b4c/1/IwdlIUTJEn3WJnlgVsnsKTKk8gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:b6:af:e2:dd:20:ad:3c:9d:7c:74:66:0b:6f:58:fa:5a:9c:
         d0:4a:74:d1:e2:95:bd:29:de:62:82:f9:02:d8:4f:57:fc:e9:
         76:0a:41:b2:88:09:7b:51:c9:44:02:1e:c9:2f:2f:ec:7a:34:
         f9:00:47:10:2a:9a:eb:0f:b5:03:25:2b:0c:3c:00:0e:3a:59:
         7d:da:54:bc:7d:bf:c7:0e:0b:ba:9b:f5:59:14:8a:57:15:71:
         07:49:36:51:a7:8a:55:51:eb:a7:53:a1:27:69:76:4e:dc:4e:
         ff:4e:7c:4f:45:5f:0a:19:6d:8b:66:3b:4b:02:8b:7a:a6:60:
         62:4f:5f:2f:af:2a:2a:6e:c5:5a:55:86:fd:23:63:b1:92:6b:
         8f:aa:57:15:8a:07:a1:4b:fb:d8:bc:6c:46:e3:ba:8f:26:8e:
         e9:d6:62:f4:2c:e9:03:d7:5c:65:98:42:2b:51:62:54:ab:51:
         ca:06:a0:1b:0b:37:37:ff:f5:e7:23:e5:aa:e1:c2:5e:b9:5c:
         53:1b:f9:01:58:99:a1:2c:d7:fb:45:a6:d8:3b:02:24:2e:71:
         5d:66:34:18:0f:6e:48:e1:4c:78:6e:86:81:d8:4d:3d:58:9e:
         4d:6a:d6:b9:62:1b:3b:d0:72:5b:aa:6a:da:59:b6:f7:47:79:
         38:26:4d:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zn4bjFdJ4eIaeNoFWlzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMDc2NTIxNDRjOTEyN2RkNjI2Nzk2MDU2YzllYzI5MzJh
NGYyMDUwHhcNMjYwMzI5MDcwMjE0WhcNMjYwMzMwMDcwMjE0WjAzMTEwLwYDVQQD
EygzMTgzMGVjNDU2NGNlOTRhNTY5ZjdkYmY1OGU4NDY5ZDMxYzk5MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6/A+Z7J0BYY8VhiTtYJN0Ww7nHl
e8kF6SUTarP0mW91MC1NYD2Xx6a635eQpjSWhU4bK8BwyMXcx75sf91pkz1Q8h0D
B7kRUTEBnN0hkZQb7d67N2b6P2DxR84jzR/1bnMHAK7YtaWM6jKz04YSXrzfnF/f
dlamjruHnHmL4GcYhibVdsj7CJUadMutsz5RNndPXnYYa7YHTwl/YWhRT6BoxmyW
6Xnrc/+6jPfjte0aPegfY9D0o+uSDAkppKYlpTx6FGoXTqJU2NqesGD1tEoBAMG+
An0KcIp2hKQfFPw7W6MfI64ICm5OrkdCcZuS+zRnAzdDrSxj1xlMxG2x9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGDDsRWTOlKVp99v1joRp0xyZKlMB8GA1UdIwQY
MBaAFCMHZSFEyRJ91iZ5YFbJ7CkypPIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXdkbElVVEpFbjNXSm5sZ1ZzbnNLVEtrOGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85OWQxNzctOGMwMy00OThmLWIyMDIt
N2E3OGFlMDU0YjRjLzEvSXdkbElVVEpFbjNXSm5sZ1ZzbnNLVEtrOGdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85OWQxNzctOGMwMy00OThmLWIyMDItN2E3OGFlMDU0YjRj
LzEvSXdkbElVVEpFbjNXSm5sZ1ZzbnNLVEtrOGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHrav4t0g
rTydfHRmC29Y+lqc0Ep00eKVvSneYoL5AthPV/zpdgpBsogJe1HJRAIeyS8v7Ho0
+QBHECqa6w+1AyUrDDwADjpZfdpUvH2/xw4Lupv1WRSKVxVxB0k2UaeKVVHrp1Oh
J2l2TtxO/058T0VfChlti2Y7SwKLeqZgYk9fL68qKm7FWlWG/SNjsZJrj6pXFYoH
oUv72LxsRuO6jyaO6dZi9CzpA9dcZZhCK1FiVKtRygagGws3N//15yPlquHCXrlc
Uxv5AViZoSzX+0Wm2DsCJC5xXWY0GA9uSOFMeG6GgdhNPVieTWrWuWIbO9ByW6pq
2lm290d5OCZNAA==
-----END CERTIFICATE-----