Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          CuY3E+BjmND6MNn/go/VkOPPKq2B4iAaHAoYKNDGsXk=
Subject key identifier:   C0:3D:D6:69:3E:24:5E:3C:F1:A6:05:0E:27:09:95:D1:1D:90:40:2E
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       01987450AB12E64FD4AD2AB043C59CCBC115
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          098A
Signing time:             Mon 04 Aug 2025 09:01:40 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:40 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:40 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: CUzjnQPJEpTP0UOoo08VzghxBil3UBVeOmskreuhsjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:ab:12:e6:4f:d4:ad:2a:b0:43:c5:9c:cb:c1:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Aug  4 09:01:40 2025 GMT
            Not After : Aug  5 09:01:40 2025 GMT
        Subject: CN=c03dd6693e245e3cf1a6050e270995d11d90402e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:d7:b6:ec:4d:81:45:52:40:2a:6b:d4:ec:63:
                    4e:52:e5:07:56:e6:8a:aa:f2:a4:ac:a1:59:5d:f0:
                    74:d2:09:b0:fe:d3:ee:99:aa:a1:5d:7b:bc:fa:48:
                    73:34:4f:ce:67:a2:59:4c:fe:67:66:1e:ef:15:5a:
                    ff:53:5f:7f:81:11:dd:96:51:0e:bf:0f:24:d8:0a:
                    a2:13:d4:8a:2c:f8:94:72:a5:ac:8c:a7:16:8b:06:
                    32:4e:f4:d1:4c:6e:12:20:46:dd:61:4d:bc:42:8f:
                    17:ef:73:d4:a6:e9:46:70:d7:f4:24:5a:31:8d:da:
                    20:b9:dd:4f:48:34:59:3e:cf:43:ea:ef:ae:8a:a7:
                    88:08:10:de:68:2a:f1:83:4c:05:0f:f8:20:ea:96:
                    88:e6:68:c3:78:75:54:b3:63:74:b8:bc:91:58:ad:
                    a9:08:93:48:0a:b1:dc:0b:5a:51:c2:c0:a2:e8:dd:
                    b9:cd:ce:8f:c9:cb:f1:0c:27:d7:7c:ff:cc:5b:c8:
                    c2:92:26:6e:ef:0a:c3:0c:e3:71:11:bd:d7:8a:33:
                    cb:ff:ca:0e:60:e4:70:92:2b:1a:97:71:5a:5c:9e:
                    cf:a2:af:5e:d2:a1:3e:4e:f9:74:1b:8a:0b:aa:39:
                    39:c9:e8:b2:30:9b:f4:1a:6f:24:17:6d:73:9a:1d:
                    5a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:3D:D6:69:3E:24:5E:3C:F1:A6:05:0E:27:09:95:D1:1D:90:40:2E
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:0b:77:b5:7e:72:ec:5e:5d:24:cc:9b:bd:8e:52:10:69:c4:
         55:26:2a:78:56:65:6b:74:94:71:7c:29:15:43:f3:6f:3f:8c:
         3e:fc:57:b2:52:a5:2c:f1:c5:fd:6e:d6:12:87:1d:1e:de:a6:
         20:4d:62:af:5f:48:2e:bd:15:5b:a9:07:ff:1a:51:03:d4:d2:
         c8:97:f3:e8:3d:66:f2:95:7f:f4:a5:e4:14:6a:a0:8e:8c:2f:
         e3:52:fc:19:4f:d4:f3:5a:5f:44:87:7b:68:33:6a:28:26:02:
         2c:73:8d:b0:e1:7f:38:3a:c9:6f:c4:05:31:7e:dd:59:80:fc:
         ec:15:a8:f6:a6:d6:97:bb:8f:1a:75:64:b6:96:d1:62:7d:73:
         0a:da:c2:22:e3:8c:a6:47:f2:30:13:1a:ac:e4:93:90:f7:c8:
         5e:d0:e1:63:7c:20:b9:e2:5c:11:8a:5a:45:fe:86:4e:06:5d:
         2e:ca:50:cd:4b:3d:5d:9a:45:e3:35:f6:0a:2d:c3:da:2d:56:
         78:38:6d:ee:01:f7:94:40:19:b7:10:7b:69:d8:3b:4e:2f:25:
         78:d3:bd:e3:af:7d:b0:bc:91:55:79:c8:97:94:ef:62:9f:83:
         b7:6f:ec:2e:39:d5:37:c8:24:6a:0f:5d:90:57:4a:4b:51:75:
         e2:68:67:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UKsS5k/UrSqwQ8Wcy8EVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUwODA0MDkwMTQwWhcNMjUwODA1MDkwMTQwWjAzMTEwLwYDVQQD
EyhjMDNkZDY2OTNlMjQ1ZTNjZjFhNjA1MGUyNzA5OTVkMTFkOTA0MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+de27E2BRVJAKmvU7GNOUuUHVuaK
qvKkrKFZXfB00gmw/tPumaqhXXu8+khzNE/OZ6JZTP5nZh7vFVr/U19/gRHdllEO
vw8k2AqiE9SKLPiUcqWsjKcWiwYyTvTRTG4SIEbdYU28Qo8X73PUpulGcNf0JFox
jdogud1PSDRZPs9D6u+uiqeICBDeaCrxg0wFD/gg6paI5mjDeHVUs2N0uLyRWK2p
CJNICrHcC1pRwsCi6N25zc6PycvxDCfXfP/MW8jCkiZu7wrDDONxEb3XijPL/8oO
YORwkisal3FaXJ7Poq9e0qE+Tvl0G4oLqjk5yeiyMJv0Gm8kF21zmh1aTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMA91mk+JF488aYFDicJldEdkEAuMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARgt3tX5y
7F5dJMybvY5SEGnEVSYqeFZla3SUcXwpFUPzbz+MPvxXslKlLPHF/W7WEocdHt6m
IE1ir19ILr0VW6kH/xpRA9TSyJfz6D1m8pV/9KXkFGqgjowv41L8GU/U81pfRId7
aDNqKCYCLHONsOF/ODrJb8QFMX7dWYD87BWo9qbWl7uPGnVktpbRYn1zCtrCIuOM
pkfyMBMarOSTkPfIXtDhY3wgueJcEYpaRf6GTgZdLspQzUs9XZpF4zX2Ci3D2i1W
eDht7gH3lEAZtxB7adg7Ti8leNO94699sLyRVXnIl5TvYp+Dt2/sLjnVN8gkag9d
kFdKS1F14mhnbQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:01 2025 by rpki-client