Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.mft
File:                     DSC_pCDAzV9fGNuOe9o1X-joW30.mft (raw, json)
Hash identifier:          Y5rQWgtqiz/yXyvVDVyUFWJgvjUBm60exxD57FYIRg0=
Subject key identifier:   1B:FD:FD:C7:33:33:A5:38:5E:E4:54:50:C0:57:BA:E6:D0:6C:E0:DF
Authority key identifier: 0D:20:BF:A4:20:C0:CD:5F:5F:18:DB:8E:7B:DA:35:5F:E8:E8:5B:7D
Certificate issuer:       /CN=0d20bfa420c0cd5f5f18db8e7bda355fe8e85b7d
Certificate serial:       019D37C03B2E39921C3665DFCE403E915226
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSC_pCDAzV9fGNuOe9o1X-joW30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.mft
Manifest number:          0388
Signing time:             Sun 29 Mar 2026 04:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:38 +0000
Files and hashes:         1: DSC_pCDAzV9fGNuOe9o1X-joW30.crl (hash: GJSNyGk82NxpudhJtRU35zA7kkch8VYb/CcjhAY3gQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DSC_pCDAzV9fGNuOe9o1X-joW30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:3b:2e:39:92:1c:36:65:df:ce:40:3e:91:52:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d20bfa420c0cd5f5f18db8e7bda355fe8e85b7d
        Validity
            Not Before: Mar 29 04:00:38 2026 GMT
            Not After : Mar 30 04:00:38 2026 GMT
        Subject: CN=1bfdfdc73333a5385ee45450c057bae6d06ce0df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a4:2a:6b:f8:37:ca:24:0f:87:05:e8:37:84:
                    c6:8b:7f:62:97:53:e2:d8:d1:0f:99:1f:80:dd:1f:
                    fc:95:ed:e9:9d:36:38:cf:8f:ff:46:05:41:d6:c9:
                    ad:4c:f9:2b:53:2a:3f:3a:17:c2:67:7b:4f:57:20:
                    34:85:8a:4c:57:1b:24:78:1c:f3:79:bd:7e:37:02:
                    96:b7:77:4b:91:c5:24:fe:29:50:47:fb:78:02:6d:
                    54:b5:06:85:37:fa:7a:59:3e:33:4d:e3:49:06:48:
                    26:be:44:91:9e:6f:1b:15:ee:b6:0f:42:ce:df:61:
                    d1:61:e5:56:f7:57:5d:62:e4:a5:91:7a:af:5b:af:
                    52:f9:7a:af:a0:87:95:7d:5b:4a:55:7c:4e:4e:0b:
                    dd:dd:07:be:51:1a:85:87:dd:a4:5b:a7:a4:1d:e1:
                    63:ad:3a:5f:1d:08:00:bb:71:c0:01:0c:c0:3b:59:
                    0c:24:0c:78:42:55:9f:4a:67:14:56:40:61:9e:30:
                    a2:2f:f8:fb:24:5d:d0:10:91:49:53:6a:07:ae:6e:
                    64:7c:b7:32:e3:e7:c4:0a:a8:a5:2a:7c:30:0f:3b:
                    c3:4f:14:73:6c:0f:21:79:28:11:cf:9f:b7:46:dd:
                    3b:57:8f:4e:cd:d9:43:f1:3d:fb:6a:bb:b6:62:64:
                    26:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:FD:FD:C7:33:33:A5:38:5E:E4:54:50:C0:57:BA:E6:D0:6C:E0:DF
            X509v3 Authority Key Identifier:
                keyid:0D:20:BF:A4:20:C0:CD:5F:5F:18:DB:8E:7B:DA:35:5F:E8:E8:5B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSC_pCDAzV9fGNuOe9o1X-joW30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/cd33f9-4f04-4983-a43a-3a8231edb46c/1/DSC_pCDAzV9fGNuOe9o1X-joW30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:e3:27:b1:00:b7:fe:a3:73:bd:1c:69:e8:cf:d8:0a:3d:dc:
         d2:73:df:ef:10:15:57:04:67:15:bb:39:ee:f2:f6:cd:d4:57:
         dc:4f:f2:ce:ee:37:60:fd:4f:9f:69:e2:70:84:98:62:a4:86:
         75:6f:76:dc:90:d3:10:51:6d:6d:92:ea:d8:c6:74:dd:b0:d5:
         c1:49:a8:3b:38:ec:fb:4e:46:ae:b4:08:f0:29:e7:e3:9d:6a:
         b9:23:5a:06:4b:47:97:6a:9a:ca:37:c2:7d:d9:38:5b:2a:9b:
         73:cc:cd:84:2f:f0:08:cd:03:75:db:75:e5:4d:ba:2e:6b:06:
         f4:43:ec:96:9b:4b:03:f7:2d:e2:4f:1f:d3:0b:cc:8a:71:32:
         f6:fd:14:9e:c2:35:99:3b:5a:11:11:71:2d:f1:83:15:1d:66:
         c4:18:a8:02:dd:0c:dc:31:40:7b:46:0f:7e:e0:2b:10:a8:9a:
         16:b1:01:cd:d3:c8:3d:79:51:ce:55:20:60:3c:3f:60:d1:99:
         25:c5:21:e1:b5:9c:a6:6a:c2:74:68:17:11:df:e7:18:ef:a0:
         5d:b1:c2:86:01:ec:c8:6b:ec:8f:70:08:de:50:35:1e:5e:69:
         ee:f5:11:37:90:05:2d:6d:05:8f:01:39:d5:d1:d1:58:25:21:
         1f:a9:91:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wDsuOZIcNmXfzkA+kVImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjBiZmE0MjBjMGNkNWY1ZjE4ZGI4ZTdiZGEzNTVmZThl
ODViN2QwHhcNMjYwMzI5MDQwMDM4WhcNMjYwMzMwMDQwMDM4WjAzMTEwLwYDVQQD
EygxYmZkZmRjNzMzMzNhNTM4NWVlNDU0NTBjMDU3YmFlNmQwNmNlMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6Qqa/g3yiQPhwXoN4TGi39il1Pi
2NEPmR+A3R/8le3pnTY4z4//RgVB1smtTPkrUyo/OhfCZ3tPVyA0hYpMVxskeBzz
eb1+NwKWt3dLkcUk/ilQR/t4Am1UtQaFN/p6WT4zTeNJBkgmvkSRnm8bFe62D0LO
32HRYeVW91ddYuSlkXqvW69S+XqvoIeVfVtKVXxOTgvd3Qe+URqFh92kW6ekHeFj
rTpfHQgAu3HAAQzAO1kMJAx4QlWfSmcUVkBhnjCiL/j7JF3QEJFJU2oHrm5kfLcy
4+fECqilKnwwDzvDTxRzbA8heSgRz5+3Rt07V49OzdlD8T37aru2YmQmDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBv9/cczM6U4XuRUUMBXuubQbODfMB8GA1UdIwQY
MBaAFA0gv6QgwM1fXxjbjnvaNV/o6Ft9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNDX3BDREF6VjlmR051T2U5bzFYLWpvVzMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9jZDMzZjktNGYwNC00OTgzLWE0M2Et
M2E4MjMxZWRiNDZjLzEvRFNDX3BDREF6VjlmR051T2U5bzFYLWpvVzMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9jZDMzZjktNGYwNC00OTgzLWE0M2EtM2E4MjMxZWRiNDZj
LzEvRFNDX3BDREF6VjlmR051T2U5bzFYLWpvVzMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz+MnsQC3
/qNzvRxp6M/YCj3c0nPf7xAVVwRnFbs57vL2zdRX3E/yzu43YP1Pn2nicISYYqSG
dW923JDTEFFtbZLq2MZ03bDVwUmoOzjs+05GrrQI8Cnn451quSNaBktHl2qayjfC
fdk4Wyqbc8zNhC/wCM0Dddt15U26LmsG9EPslptLA/ct4k8f0wvMinEy9v0UnsI1
mTtaERFxLfGDFR1mxBioAt0M3DFAe0YPfuArEKiaFrEBzdPIPXlRzlUgYDw/YNGZ
JcUh4bWcpmrCdGgXEd/nGO+gXbHChgHsyGvsj3AI3lA1Hl5p7vURN5AFLW0FjwE5
1dHRWCUhH6mRAQ==
-----END CERTIFICATE-----