Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.mft
File:                     DSC_pCDAzV9fGNuOe9o1X-joW30.mft (raw, json)
Hash identifier:          wJyn2XCCNUTMMUfWChxEH9j7irMjg5crgUSOl1vDK7A=
Subject key identifier:   A0:C4:D2:84:2B:A8:A3:BC:7F:98:25:CF:2F:26:D1:8C:86:87:A1:6C
Authority key identifier: 0D:20:BF:A4:20:C0:CD:5F:5F:18:DB:8E:7B:DA:35:5F:E8:E8:5B:7D
Certificate issuer:       /CN=0d20bfa420c0cd5f5f18db8e7bda355fe8e85b7d
Certificate serial:       019A7112AE580B593D7AD66DD70B25F463F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSC_pCDAzV9fGNuOe9o1X-joW30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.mft
Manifest number:          0218
Signing time:             Tue 11 Nov 2025 04:00:40 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:40 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:40 +0000
Files and hashes:         1: DSC_pCDAzV9fGNuOe9o1X-joW30.crl (hash: g8MiWBbq3ln2HJyP2YHRK2IUdhAedPsCcueiTDj2kXc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DSC_pCDAzV9fGNuOe9o1X-joW30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:ae:58:0b:59:3d:7a:d6:6d:d7:0b:25:f4:63:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d20bfa420c0cd5f5f18db8e7bda355fe8e85b7d
        Validity
            Not Before: Nov 11 04:00:40 2025 GMT
            Not After : Nov 12 04:00:40 2025 GMT
        Subject: CN=a0c4d2842ba8a3bc7f9825cf2f26d18c8687a16c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:51:61:96:b6:cc:92:e0:20:6b:4d:e1:1b:0f:
                    e7:14:8c:35:7b:ed:04:6a:6d:5a:e9:a7:18:65:13:
                    22:9d:11:c0:b8:16:69:3a:a9:4a:05:78:85:a1:e4:
                    f8:21:ef:20:bd:76:ef:67:d8:86:78:dc:e0:ff:1f:
                    5b:5a:c5:96:64:02:f0:2d:0f:77:0d:a4:9d:4d:79:
                    23:85:72:84:00:8a:d4:a7:32:c6:20:c0:83:f5:20:
                    e0:7d:46:12:11:d5:a1:35:f9:f5:6d:26:21:6a:48:
                    33:fd:59:4d:d7:7e:3d:3a:f9:67:cb:60:09:5b:c5:
                    95:c8:13:68:b3:d8:55:09:7d:ec:2b:33:39:fc:92:
                    8f:db:10:dc:48:03:65:ba:a1:ba:40:ac:08:70:b9:
                    d0:d3:af:8e:b0:59:01:ae:50:9d:61:77:94:35:b7:
                    70:d8:ca:06:f3:79:08:3a:5a:59:8b:ee:38:24:da:
                    e1:c9:be:ab:ee:8f:63:d5:b3:15:86:4d:bc:5a:64:
                    51:51:e7:5e:0e:b7:24:9d:be:6e:2a:4f:02:29:9d:
                    d7:08:82:d8:6e:b1:2b:cb:39:86:16:94:fb:47:c7:
                    c6:3d:ab:6a:53:8b:82:fd:31:79:3e:68:e7:87:45:
                    59:14:35:5a:a0:63:d8:43:22:4f:86:ee:6d:4c:9d:
                    81:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:C4:D2:84:2B:A8:A3:BC:7F:98:25:CF:2F:26:D1:8C:86:87:A1:6C
            X509v3 Authority Key Identifier:
                keyid:0D:20:BF:A4:20:C0:CD:5F:5F:18:DB:8E:7B:DA:35:5F:E8:E8:5B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSC_pCDAzV9fGNuOe9o1X-joW30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:73:4a:3d:9d:66:f2:b3:ab:81:4b:38:09:ac:58:04:c1:d1:
         e7:c2:9a:2c:90:66:25:fe:38:de:ab:a6:f2:cb:1e:be:1e:03:
         1f:26:cf:09:03:0f:84:90:cd:ea:cc:8b:88:82:7b:c2:1d:9d:
         6c:5c:60:c6:7d:09:7c:7a:ee:22:4e:34:2c:6c:68:b5:ea:ab:
         bf:6b:24:e1:e6:ae:d0:6e:3a:81:b6:0e:27:2c:3e:fc:73:3f:
         9d:e1:59:c2:25:aa:47:0f:ca:ea:54:a6:ea:45:64:65:55:c5:
         2e:29:3b:b9:fa:f8:22:d4:76:64:dd:c8:f0:68:01:aa:c8:2e:
         a5:a4:e5:e8:7f:4e:e4:8f:d8:9a:9b:ea:05:1d:fe:6f:02:54:
         6a:4b:ea:10:4b:d6:37:26:e5:21:ab:2d:68:12:d6:24:35:b2:
         a2:fb:f6:db:9a:0d:50:e9:46:ca:05:6d:78:4f:18:c7:85:00:
         3c:6e:3c:88:90:8e:9f:07:f8:c9:0b:8c:b1:98:13:97:ac:77:
         f6:6b:8e:14:c9:c5:70:9e:89:50:7e:7c:02:e9:7b:ba:75:37:
         5d:53:b1:36:bf:45:72:42:54:f3:d5:da:0f:b0:0d:00:6b:b9:
         dd:bd:ad:52:9a:0e:a5:20:23:97:3d:24:5d:2a:b6:d5:b6:2d:
         4f:bd:2d:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEq5YC1k9etZt1wsl9GPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjBiZmE0MjBjMGNkNWY1ZjE4ZGI4ZTdiZGEzNTVmZThl
ODViN2QwHhcNMjUxMTExMDQwMDQwWhcNMjUxMTEyMDQwMDQwWjAzMTEwLwYDVQQD
EyhhMGM0ZDI4NDJiYThhM2JjN2Y5ODI1Y2YyZjI2ZDE4Yzg2ODdhMTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFFhlrbMkuAga03hGw/nFIw1e+0E
am1a6acYZRMinRHAuBZpOqlKBXiFoeT4Ie8gvXbvZ9iGeNzg/x9bWsWWZALwLQ93
DaSdTXkjhXKEAIrUpzLGIMCD9SDgfUYSEdWhNfn1bSYhakgz/VlN1349Ovlny2AJ
W8WVyBNos9hVCX3sKzM5/JKP2xDcSANluqG6QKwIcLnQ06+OsFkBrlCdYXeUNbdw
2MoG83kIOlpZi+44JNrhyb6r7o9j1bMVhk28WmRRUedeDrcknb5uKk8CKZ3XCILY
brEryzmGFpT7R8fGPatqU4uC/TF5Pmjnh0VZFDVaoGPYQyJPhu5tTJ2BZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDE0oQrqKO8f5glzy8m0YyGh6FsMB8GA1UdIwQY
MBaAFA0gv6QgwM1fXxjbjnvaNV/o6Ft9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNDX3BDREF6VjlmR051T2U5bzFYLWpvVzMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9jZDMzZjktNGYwNC00OTgzLWE0M2Et
M2E4MjMxZWRiNDZjLzEvRFNDX3BDREF6VjlmR051T2U5bzFYLWpvVzMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9jZDMzZjktNGYwNC00OTgzLWE0M2EtM2E4MjMxZWRiNDZj
LzEvRFNDX3BDREF6VjlmR051T2U5bzFYLWpvVzMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD3NKPZ1m
8rOrgUs4CaxYBMHR58KaLJBmJf443qum8ssevh4DHybPCQMPhJDN6syLiIJ7wh2d
bFxgxn0JfHruIk40LGxoteqrv2sk4eau0G46gbYOJyw+/HM/neFZwiWqRw/K6lSm
6kVkZVXFLik7ufr4ItR2ZN3I8GgBqsgupaTl6H9O5I/YmpvqBR3+bwJUakvqEEvW
NyblIastaBLWJDWyovv225oNUOlGygVteE8Yx4UAPG48iJCOnwf4yQuMsZgTl6x3
9muOFMnFcJ6JUH58Aul7unU3XVOxNr9FckJU89XaD7ANAGu53b2tUpoOpSAjlz0k
XSq21bYtT70tZQ==
-----END CERTIFICATE-----