Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          W7nzpCsYNiUbN2O4FfBzS4CP5hw7VEc2pCOP2lZBDnU=
Subject key identifier:   7A:33:B6:13:E7:76:2A:C9:4F:81:71:B9:1F:27:53:44:3F:53:88:48
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       0198D4E0C3244E1C6DEC64FD2158FF943AD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          09BC
Signing time:             Sat 23 Aug 2025 03:02:36 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:36 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:36 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: 4daV0H6/92iHh7cv4CUGfKIRpy0DwBWDd4kvvQMyCMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:c3:24:4e:1c:6d:ec:64:fd:21:58:ff:94:3a:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Aug 23 03:02:36 2025 GMT
            Not After : Aug 24 03:02:36 2025 GMT
        Subject: CN=7a33b613e7762ac94f8171b91f2753443f538848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:07:f2:4f:ef:9a:ce:38:7e:d5:f9:24:d9:23:
                    dd:a6:0a:87:8c:46:42:f9:ad:47:e7:7f:f2:8e:0b:
                    02:08:c0:85:dc:8c:2c:b5:e7:5a:81:d5:96:ce:1b:
                    78:68:14:dc:39:d1:a0:f8:97:a9:3b:e3:19:e6:38:
                    d7:69:6a:a9:93:e0:82:5d:c0:3c:dc:64:40:81:86:
                    3b:18:d2:b7:87:b1:e0:ae:e5:34:da:ae:e2:8b:0c:
                    9d:fc:84:62:a0:d0:a1:78:40:3d:cc:af:23:b0:89:
                    17:8a:ae:53:a1:7a:28:23:ca:e2:b4:57:7f:10:7e:
                    68:4c:32:f3:d9:80:c2:09:41:52:07:07:5f:1d:46:
                    b7:42:10:ca:fc:d0:89:34:f4:8c:ca:25:76:81:71:
                    5e:c3:ba:53:1a:c0:90:6e:35:78:5d:d1:64:5b:51:
                    1c:a7:87:dc:f4:bd:85:62:c8:be:90:65:fa:67:33:
                    38:34:ed:4a:24:2f:15:47:b5:1c:03:f6:a7:8a:76:
                    7c:06:9e:a6:b1:a7:f4:b3:e8:00:3c:bc:7a:48:2d:
                    f8:b4:bc:0a:eb:9c:03:7f:dc:90:b9:e5:14:b2:b9:
                    64:80:57:b9:dc:09:f5:36:00:38:32:c6:57:1b:5f:
                    4a:7f:17:37:55:29:21:73:c3:d3:91:17:26:3d:f2:
                    77:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:33:B6:13:E7:76:2A:C9:4F:81:71:B9:1F:27:53:44:3F:53:88:48
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:be:c4:01:5f:81:0d:a3:c6:d8:a8:a1:81:a0:6b:29:9e:6c:
         de:be:47:0f:3d:c2:94:88:13:d4:b3:f5:83:96:0f:ca:75:a2:
         1c:17:be:a0:a7:0e:8f:8c:e7:15:a1:bb:68:83:92:c5:89:4d:
         bb:fa:b5:ca:7d:ed:41:c2:0d:83:48:f6:e9:ab:a3:26:ae:7e:
         82:ea:17:df:93:b0:86:e5:1a:bc:40:2d:24:d7:f0:30:70:94:
         d1:c7:9f:3a:db:31:2e:5b:90:5a:eb:67:45:8c:4b:e8:f5:96:
         18:d1:f0:70:cc:62:39:e2:98:f1:a5:bf:36:13:1b:27:7e:a9:
         0f:0b:4b:2e:ee:b8:4d:ef:a7:0e:b8:74:11:98:68:30:6e:c9:
         9a:86:d7:84:a2:dd:7d:f2:be:06:03:97:d0:8a:8e:36:2d:b8:
         bd:c8:48:e7:46:08:7f:28:df:da:af:bc:0f:77:5c:d6:b7:39:
         99:e7:bb:e8:af:6b:6d:5f:1a:93:06:a7:4e:75:b6:08:de:ec:
         c5:83:2c:32:34:36:26:f4:05:f2:20:70:12:83:02:77:ae:4b:
         be:f0:4c:87:57:47:77:be:35:79:1c:c6:80:54:f1:e9:5c:6e:
         1a:89:c9:07:5e:3b:80:22:6a:45:30:0c:4e:cb:04:94:59:e9:
         01:87:e0:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4MMkThxt7GT9IVj/lDrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUwODIzMDMwMjM2WhcNMjUwODI0MDMwMjM2WjAzMTEwLwYDVQQD
Eyg3YTMzYjYxM2U3NzYyYWM5NGY4MTcxYjkxZjI3NTM0NDNmNTM4ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQfyT++azjh+1fkk2SPdpgqHjEZC
+a1H53/yjgsCCMCF3IwstedagdWWzht4aBTcOdGg+JepO+MZ5jjXaWqpk+CCXcA8
3GRAgYY7GNK3h7HgruU02q7iiwyd/IRioNCheEA9zK8jsIkXiq5ToXooI8ritFd/
EH5oTDLz2YDCCUFSBwdfHUa3QhDK/NCJNPSMyiV2gXFew7pTGsCQbjV4XdFkW1Ec
p4fc9L2FYsi+kGX6ZzM4NO1KJC8VR7UcA/aninZ8Bp6msaf0s+gAPLx6SC34tLwK
65wDf9yQueUUsrlkgFe53An1NgA4MsZXG19Kfxc3VSkhc8PTkRcmPfJ3iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHozthPndirJT4FxuR8nU0Q/U4hIMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMb7EAV+B
DaPG2KihgaBrKZ5s3r5HDz3ClIgT1LP1g5YPynWiHBe+oKcOj4znFaG7aIOSxYlN
u/q1yn3tQcINg0j26aujJq5+guoX35OwhuUavEAtJNfwMHCU0cefOtsxLluQWutn
RYxL6PWWGNHwcMxiOeKY8aW/NhMbJ36pDwtLLu64Te+nDrh0EZhoMG7JmobXhKLd
ffK+BgOX0IqONi24vchI50YIfyjf2q+8D3dc1rc5mee76K9rbV8akwanTnW2CN7s
xYMsMjQ2JvQF8iBwEoMCd65LvvBMh1dHd741eRzGgFTx6VxuGonJB147gCJqRTAM
TssElFnpAYfgqA==
-----END CERTIFICATE-----