Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
File:                     SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json)
Hash identifier:          qx7iqgUHFkm9OC0/3JHQSLSsnkspyvzE8DPIIqU/+2k=
Subject key identifier:   BC:5C:9E:58:18:69:36:68:71:3A:76:C6:5D:51:D4:1E:7C:89:14:F4
Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB
Certificate issuer:       /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
Certificate serial:       019A725C8FF9AC44EEC839F5D8565E8EB070
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
Manifest number:          09AD
Signing time:             Tue 11 Nov 2025 10:01:00 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:00 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:00 +0000
Files and hashes:         1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: nGRk0KZSHh7q9DfneLAI7gzX17jNYClNIyNGk1BJffk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:8f:f9:ac:44:ee:c8:39:f5:d8:56:5e:8e:b0:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
        Validity
            Not Before: Nov 11 10:01:00 2025 GMT
            Not After : Nov 12 10:01:00 2025 GMT
        Subject: CN=bc5c9e5818693668713a76c65d51d41e7c8914f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:39:bf:91:85:dd:2c:74:f6:f6:66:93:6f:f3:
                    f1:bd:44:8d:65:dd:41:c7:b0:64:10:45:96:de:7f:
                    e6:c6:aa:63:e7:01:46:24:5d:06:29:a8:64:dd:12:
                    f7:a6:42:4b:90:65:03:5f:1c:8c:68:96:15:c8:80:
                    12:7b:34:cb:3d:c1:91:6b:2f:4f:ae:2c:05:e5:e9:
                    1c:26:a5:c3:b3:84:f8:97:8f:81:d5:06:3b:bf:37:
                    e0:0d:f3:64:bd:9a:71:1d:a8:80:e8:c4:d7:47:30:
                    9d:ab:1e:64:ba:8b:5b:07:f2:50:c4:1a:6e:61:97:
                    cd:0e:4b:3e:45:22:ac:d4:c8:c6:aa:4a:ca:cd:a0:
                    91:dc:e6:0a:55:25:32:61:a0:89:98:7a:c4:7d:7a:
                    91:0e:eb:7d:45:e8:41:1a:75:58:20:8f:d3:84:4d:
                    64:57:cc:2e:67:78:16:19:8c:3e:1e:d0:69:bf:47:
                    01:25:7c:ab:35:7f:89:a1:82:99:55:d6:38:91:34:
                    82:ca:78:eb:a9:73:5e:0b:7c:d5:61:ae:a9:e5:76:
                    19:98:7d:38:5d:1d:c9:2d:59:2a:fd:3a:d3:9b:95:
                    46:5c:f3:91:fd:8f:e5:a8:ce:0d:9f:b5:50:0a:c6:
                    b3:e2:92:b2:65:bd:14:f9:cb:1f:d7:19:26:4e:b8:
                    51:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:5C:9E:58:18:69:36:68:71:3A:76:C6:5D:51:D4:1E:7C:89:14:F4
            X509v3 Authority Key Identifier:
                keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:8d:31:34:7c:31:d7:32:6d:e8:ea:62:e2:03:de:9d:c6:72:
         39:e8:99:6a:36:4f:60:a3:18:2e:0a:3c:19:d4:4c:be:f2:57:
         d8:3e:ef:11:d8:60:79:f5:79:d2:dc:c6:af:86:96:70:38:a9:
         6d:ec:37:ab:22:22:0a:8b:ad:ef:20:0a:b8:e5:a8:7a:84:e7:
         bb:05:0a:b8:8d:d3:2b:27:88:db:2f:17:25:e6:d3:0d:6a:cb:
         4f:af:4c:84:17:b5:fd:cb:3f:4b:b4:b5:8a:27:2c:fb:33:6e:
         13:b2:cb:19:5d:ed:cc:7c:4d:20:34:32:b4:14:3a:fb:92:d0:
         4c:38:ec:2e:01:2e:be:15:75:b4:20:6f:31:6c:66:b8:56:83:
         f9:ce:e7:df:7f:6c:a6:06:63:bc:16:33:0c:fd:b3:cc:b7:a2:
         5a:b2:e8:59:7d:f1:15:f1:01:c5:67:63:19:01:78:cc:57:a9:
         6c:0c:6d:a4:6b:65:b3:de:05:d9:51:91:eb:38:aa:66:f5:9e:
         23:88:dc:84:fc:52:29:b1:9f:83:d5:92:9e:56:17:f6:02:14:
         3a:e8:26:08:de:63:40:d9:7d:27:fd:5d:c3:f6:d1:46:b9:99:
         aa:b4:6c:8e:63:92:af:a5:c3:c8:e3:75:89:57:1e:34:82:a2:
         1a:e1:87:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXI/5rETuyDn12FZejrBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz
ZjA5ZGIwHhcNMjUxMTExMTAwMTAwWhcNMjUxMTEyMTAwMTAwWjAzMTEwLwYDVQQD
EyhiYzVjOWU1ODE4NjkzNjY4NzEzYTc2YzY1ZDUxZDQxZTdjODkxNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujm/kYXdLHT29maTb/PxvUSNZd1B
x7BkEEWW3n/mxqpj5wFGJF0GKahk3RL3pkJLkGUDXxyMaJYVyIASezTLPcGRay9P
riwF5ekcJqXDs4T4l4+B1QY7vzfgDfNkvZpxHaiA6MTXRzCdqx5kuotbB/JQxBpu
YZfNDks+RSKs1MjGqkrKzaCR3OYKVSUyYaCJmHrEfXqRDut9RehBGnVYII/ThE1k
V8wuZ3gWGYw+HtBpv0cBJXyrNX+JoYKZVdY4kTSCynjrqXNeC3zVYa6p5XYZmH04
XR3JLVkq/TrTm5VGXPOR/Y/lqM4Nn7VQCsaz4pKyZb0U+csf1xkmTrhRZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxcnlgYaTZocTp2xl1R1B58iRT0MB8GA1UdIwQY
MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt
YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw
LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAio0xNHwx
1zJt6Opi4gPencZyOeiZajZPYKMYLgo8GdRMvvJX2D7vEdhgefV50tzGr4aWcDip
bew3qyIiCout7yAKuOWoeoTnuwUKuI3TKyeI2y8XJebTDWrLT69MhBe1/cs/S7S1
iics+zNuE7LLGV3tzHxNIDQytBQ6+5LQTDjsLgEuvhV1tCBvMWxmuFaD+c7n339s
pgZjvBYzDP2zzLeiWrLoWX3xFfEBxWdjGQF4zFepbAxtpGtls94F2VGR6ziqZvWe
I4jchPxSKbGfg9WSnlYX9gIUOugmCN5jQNl9J/1dw/bRRrmZqrRsjmOSr6XDyON1
iVceNIKiGuGHmg==
-----END CERTIFICATE-----