Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          OZoVIGslqpf7oLwZZvtBO3xb4t9xieTv4mf4UHUj7m8=
Subject key identifier:   CA:C3:9B:00:C5:34:71:49:8A:23:25:76:62:CE:5E:8D:6C:87:92:94
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       0197B70E9C50D72BD0FD2EDE091A1B51FE5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          0928
Signing time:             Sat 28 Jun 2025 15:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:17 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: 4LnD6wyLxh1+cp+BZmi5EI5VhqtBJZjMSKOtABbnJiw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:9c:50:d7:2b:d0:fd:2e:de:09:1a:1b:51:fe:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Jun 28 15:01:17 2025 GMT
            Not After : Jun 29 15:01:17 2025 GMT
        Subject: CN=cac39b00c53471498a23257662ce5e8d6c879294
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c2:a4:a4:8c:75:8c:9f:48:e7:22:c2:22:a6:
                    0d:88:21:d9:27:92:7f:b5:1e:9a:e8:2c:c5:ea:12:
                    20:8f:b8:20:7a:61:17:b1:78:25:a9:ab:51:7c:b5:
                    f3:b1:45:39:e2:35:b6:bd:1e:bf:a6:a2:bb:27:43:
                    a2:cb:41:3a:89:62:c4:f9:7e:9f:e6:54:b6:b7:ca:
                    6d:09:62:34:28:47:07:06:3f:13:c1:55:16:b1:47:
                    a1:a3:e7:12:1b:87:9a:61:8f:89:72:85:24:55:b8:
                    ef:a0:a6:91:fb:93:ab:e8:6e:9d:ae:95:68:53:dd:
                    5c:26:96:7b:69:d9:00:0e:0a:e6:63:92:29:01:e2:
                    19:62:bc:71:85:28:47:f3:1d:e0:38:b1:a6:f5:04:
                    a7:84:b1:16:d7:b5:4c:80:6c:0c:a5:9f:1a:e0:f3:
                    53:d2:c4:f7:06:50:fe:3c:f3:a4:dc:dd:21:65:72:
                    93:5a:3c:ae:2f:36:49:9e:a9:ee:dc:b7:d9:10:34:
                    a7:a7:60:93:aa:49:39:11:84:84:8e:01:64:45:ba:
                    1d:90:1e:1a:bf:1f:2e:2e:20:99:e2:7c:f0:89:37:
                    71:91:c4:d3:2b:0e:84:79:27:8e:94:76:a3:dd:a8:
                    68:63:1c:4d:35:12:f9:c6:ec:80:ef:3d:ea:ca:3b:
                    51:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:C3:9B:00:C5:34:71:49:8A:23:25:76:62:CE:5E:8D:6C:87:92:94
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:7f:35:b1:23:57:bb:c6:8b:0c:ab:8e:fe:c2:e2:8a:79:f8:
         b5:f2:3e:3d:39:95:c3:07:38:bf:7c:f7:c6:e9:07:fb:d1:ff:
         10:61:c1:0c:59:7d:6f:96:24:bc:3c:22:c6:74:a7:a9:aa:06:
         6f:14:16:52:32:5e:1a:db:9d:00:fb:11:1a:79:01:3b:83:cd:
         cb:39:44:7b:8d:fb:2b:08:4d:4b:02:5c:66:ea:ea:30:43:4c:
         2e:d9:d9:52:81:7d:a8:04:79:62:a9:49:05:54:53:3f:db:87:
         be:ce:9d:b5:34:c3:56:fc:2e:be:ed:0c:56:00:98:93:bf:fe:
         72:a3:e4:ff:cb:8f:00:0c:a2:64:5a:20:32:78:36:bc:96:f5:
         e1:63:04:ce:3d:3c:ce:bd:0e:e8:09:59:aa:e0:bd:29:08:55:
         d2:80:0e:73:f8:e7:0b:3b:1c:76:ec:c2:85:9f:4d:4a:db:fc:
         d4:71:20:c3:04:c2:20:ed:a6:04:67:06:bc:e8:3f:d6:9c:3c:
         06:6a:eb:dd:75:b9:05:d6:ad:3a:d0:47:6f:3a:b8:05:71:e9:
         19:35:c8:25:87:33:7e:90:ff:7e:76:c2:2d:5e:cc:23:57:65:
         f3:64:10:38:cc:1f:18:c6:b9:7d:ed:72:17:5f:9b:f3:99:ed:
         c3:fc:58:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DpxQ1yvQ/S7eCRobUf5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUwNjI4MTUwMTE3WhcNMjUwNjI5MTUwMTE3WjAzMTEwLwYDVQQD
EyhjYWMzOWIwMGM1MzQ3MTQ5OGEyMzI1NzY2MmNlNWU4ZDZjODc5Mjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8KkpIx1jJ9I5yLCIqYNiCHZJ5J/
tR6a6CzF6hIgj7ggemEXsXglqatRfLXzsUU54jW2vR6/pqK7J0Oiy0E6iWLE+X6f
5lS2t8ptCWI0KEcHBj8TwVUWsUeho+cSG4eaYY+JcoUkVbjvoKaR+5Or6G6drpVo
U91cJpZ7adkADgrmY5IpAeIZYrxxhShH8x3gOLGm9QSnhLEW17VMgGwMpZ8a4PNT
0sT3BlD+PPOk3N0hZXKTWjyuLzZJnqnu3LfZEDSnp2CTqkk5EYSEjgFkRbodkB4a
vx8uLiCZ4nzwiTdxkcTTKw6EeSeOlHaj3ahoYxxNNRL5xuyA7z3qyjtRLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrDmwDFNHFJiiMldmLOXo1sh5KUMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAin81sSNX
u8aLDKuO/sLiinn4tfI+PTmVwwc4v3z3xukH+9H/EGHBDFl9b5YkvDwixnSnqaoG
bxQWUjJeGtudAPsRGnkBO4PNyzlEe437KwhNSwJcZurqMENMLtnZUoF9qAR5YqlJ
BVRTP9uHvs6dtTTDVvwuvu0MVgCYk7/+cqPk/8uPAAyiZFogMng2vJb14WMEzj08
zr0O6AlZquC9KQhV0oAOc/jnCzscduzChZ9NStv81HEgwwTCIO2mBGcGvOg/1pw8
Bmrr3XW5BdatOtBHbzq4BXHpGTXIJYczfpD/fnbCLV7MI1dl82QQOMwfGMa5fe1y
F1+b85ntw/xY+A==
-----END CERTIFICATE-----