Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          bdI2qReUxs96hoyBBmrMLh/sxT972COnVbPal+1B0y0=
Subject key identifier:   AA:E0:4D:8A:D7:BA:F5:F0:6C:69:95:FC:22:01:B3:F5:24:34:5F:77
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       0199FC58EC08265D0E0E89B5152F7B2F94FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          0A55
Signing time:             Sun 19 Oct 2025 12:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:49 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: EGSJm25BZxVsbKm7g+5aLpcmbbvrTrvUGPzbHopA0JA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:ec:08:26:5d:0e:0e:89:b5:15:2f:7b:2f:94:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Oct 19 12:01:49 2025 GMT
            Not After : Oct 20 12:01:49 2025 GMT
        Subject: CN=aae04d8ad7baf5f06c6995fc2201b3f524345f77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:96:9a:fd:c2:ea:c6:e7:61:19:32:ff:0f:06:
                    b3:d9:28:f5:f8:7f:f5:b3:ca:1b:9f:52:18:be:66:
                    29:02:56:5c:da:36:8b:77:a7:e5:fe:92:a6:54:c8:
                    a9:60:a7:72:de:f3:8a:ed:f0:ba:8c:6a:f2:97:85:
                    de:1d:53:bf:b4:17:f7:b2:71:08:2f:28:c0:65:31:
                    3f:bd:59:e4:c0:11:dc:7f:f5:04:00:6c:3d:29:2b:
                    93:0c:fe:e5:79:7b:61:be:15:21:08:fa:6e:1d:b4:
                    64:19:1a:dc:16:24:c9:04:0c:07:1f:de:9b:09:63:
                    7a:09:e3:db:eb:c4:28:25:64:ba:09:ec:ea:9a:c6:
                    6c:35:9a:6c:cb:96:34:90:8c:3e:d4:e7:ee:dd:5b:
                    a8:15:b6:db:6c:7c:a9:74:b0:d3:16:f7:81:44:7f:
                    cb:ff:3c:99:6e:57:fe:eb:4b:33:42:3c:bd:6a:49:
                    55:82:40:2d:da:57:4a:ed:87:14:6e:a2:4a:5a:bc:
                    a3:fc:5b:92:ec:f3:6d:0e:88:0f:01:27:38:bd:2f:
                    c8:81:60:fa:25:eb:b5:86:48:18:3a:c2:e2:ab:fe:
                    83:df:5c:e2:23:bb:de:bd:5f:8a:bc:10:f3:02:50:
                    56:d9:bd:e3:a8:2b:f4:c3:8a:15:85:dd:c2:0c:50:
                    bc:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:E0:4D:8A:D7:BA:F5:F0:6C:69:95:FC:22:01:B3:F5:24:34:5F:77
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:d3:5a:a4:e3:c9:5a:c1:0e:76:07:35:d2:1f:63:db:03:4b:
         9f:b1:94:66:5d:3e:1a:d2:5a:9f:fc:de:71:b1:36:52:67:81:
         03:4a:8f:85:09:72:da:be:a1:6e:09:b6:02:12:fa:8b:8c:8f:
         d4:c7:1a:ae:61:1c:00:da:a2:c7:ce:0d:ab:8a:c2:a3:b9:cf:
         04:58:6c:ca:85:62:4f:4b:ee:93:b6:33:d6:06:c7:30:91:31:
         3c:a5:54:2b:6a:64:e8:e2:44:bb:42:e3:00:f7:02:4e:fe:7e:
         44:1e:df:bc:c4:42:22:28:7b:d1:16:c3:be:97:8c:62:4a:9f:
         af:3b:4f:2a:92:ff:1e:76:11:72:36:03:6d:be:2c:38:96:b5:
         e5:42:81:73:18:8b:e6:ce:8e:cd:b4:d7:a6:4f:e0:96:00:e5:
         22:af:2a:e7:10:ea:09:bb:8d:36:84:61:88:1d:13:9f:0b:e8:
         71:9c:fa:5d:3b:2d:27:89:22:8b:4a:94:19:ce:05:7b:1f:59:
         08:0c:c0:6c:39:77:76:6d:27:78:86:d5:a9:5b:43:70:1b:14:
         ea:3b:26:19:49:04:1d:0a:7a:1f:ba:32:bc:30:67:92:1b:5d:
         c1:99:54:da:91:34:78:04:59:87:5e:b7:21:21:c5:e2:9f:ae:
         e4:c6:d1:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WOwIJl0ODom1FS97L5T+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUxMDE5MTIwMTQ5WhcNMjUxMDIwMTIwMTQ5WjAzMTEwLwYDVQQD
EyhhYWUwNGQ4YWQ3YmFmNWYwNmM2OTk1ZmMyMjAxYjNmNTI0MzQ1Zjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5aa/cLqxudhGTL/Dwaz2Sj1+H/1
s8obn1IYvmYpAlZc2jaLd6fl/pKmVMipYKdy3vOK7fC6jGryl4XeHVO/tBf3snEI
LyjAZTE/vVnkwBHcf/UEAGw9KSuTDP7leXthvhUhCPpuHbRkGRrcFiTJBAwHH96b
CWN6CePb68QoJWS6CezqmsZsNZpsy5Y0kIw+1Ofu3VuoFbbbbHypdLDTFveBRH/L
/zyZblf+60szQjy9aklVgkAt2ldK7YcUbqJKWryj/FuS7PNtDogPASc4vS/IgWD6
Jeu1hkgYOsLiq/6D31ziI7vevV+KvBDzAlBW2b3jqCv0w4oVhd3CDFC8jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrgTYrXuvXwbGmV/CIBs/UkNF93MB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXNNapOPJ
WsEOdgc10h9j2wNLn7GUZl0+GtJan/zecbE2UmeBA0qPhQly2r6hbgm2AhL6i4yP
1McarmEcANqix84Nq4rCo7nPBFhsyoViT0vuk7Yz1gbHMJExPKVUK2pk6OJEu0Lj
APcCTv5+RB7fvMRCIih70RbDvpeMYkqfrztPKpL/HnYRcjYDbb4sOJa15UKBcxiL
5s6OzbTXpk/glgDlIq8q5xDqCbuNNoRhiB0TnwvocZz6XTstJ4kii0qUGc4Fex9Z
CAzAbDl3dm0neIbVqVtDcBsU6jsmGUkEHQp6H7oyvDBnkhtdwZlU2pE0eARZh163
ISHF4p+u5MbRoQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:40 2025 by rpki-client