Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          gWkfTgI9BDCegT8xPcUK552aVZPL9EBYuxeUYBwnza0=
Subject key identifier:   3D:87:C4:7D:CD:32:BB:B7:AA:C6:71:65:88:AB:5C:3D:69:6F:DE:C2
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       019A4D73DDB668D25CD595EF9B404309FB60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          0A7F
Signing time:             Tue 04 Nov 2025 06:00:30 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:30 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:30 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: YanzqYWaf2cKoJ3a+6X0qFAUHJMWi0Ln+oreqXq7k5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:dd:b6:68:d2:5c:d5:95:ef:9b:40:43:09:fb:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Nov  4 06:00:30 2025 GMT
            Not After : Nov  5 06:00:30 2025 GMT
        Subject: CN=3d87c47dcd32bbb7aac6716588ab5c3d696fdec2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:03:cb:3a:cd:83:02:af:43:b3:e1:a0:05:89:
                    5c:89:ed:80:6c:76:68:ae:ca:9e:6d:fa:2f:fc:77:
                    0e:d0:84:22:54:20:6b:a6:3a:2a:72:4b:10:43:d1:
                    83:2a:24:cc:90:a6:08:f2:7b:44:b4:24:1a:1d:df:
                    64:6b:d5:9f:97:79:c3:81:1f:a3:29:98:e0:47:63:
                    02:a3:34:3b:7e:91:1c:89:11:04:6e:84:18:32:8f:
                    8f:a0:54:a2:35:ee:21:71:2e:7f:63:a9:c1:0b:ff:
                    1f:77:1a:d4:35:63:33:f4:8b:e7:b1:0e:14:23:49:
                    0e:77:b6:ef:d8:59:a4:6f:28:6a:f4:f2:17:37:59:
                    dd:11:fe:c7:4f:b5:e3:ea:0d:41:32:c6:7d:5f:4c:
                    74:af:73:64:22:c8:d4:59:e9:03:45:22:9d:c4:cc:
                    d2:4d:d2:f4:36:9f:1d:12:b0:a0:3a:bf:a0:36:b8:
                    86:a5:e6:f6:fd:4d:68:46:d5:f8:c0:42:43:45:6a:
                    cf:44:45:b7:74:74:17:3c:06:55:d0:1d:0b:b1:6e:
                    6b:b4:33:6c:0b:37:35:94:f8:1c:a0:48:ad:3e:f8:
                    b3:bb:f3:fa:22:ef:73:0e:8e:b7:52:f2:7c:d1:92:
                    89:43:e7:23:7f:f0:ed:d6:16:5c:d3:e5:97:d4:86:
                    98:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:87:C4:7D:CD:32:BB:B7:AA:C6:71:65:88:AB:5C:3D:69:6F:DE:C2
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:08:90:05:fb:79:14:02:6d:f4:e6:2c:f3:00:60:4f:4e:e2:
         f6:62:40:b7:c5:d9:18:71:73:88:fa:5b:d6:e5:fa:fc:c3:8d:
         78:1a:e8:4c:dc:6a:d7:01:29:3b:8e:8b:cf:61:8b:ad:3d:d8:
         5e:cb:77:96:77:3f:7e:a1:65:a0:ec:cd:44:54:bf:93:39:9c:
         4e:10:e8:08:ba:cf:1e:32:09:d6:be:b9:e9:86:bc:96:14:85:
         e5:67:0b:07:79:f5:66:d7:ab:b4:ec:54:44:c2:5b:04:e6:29:
         d4:c7:1e:d0:7e:07:f8:8e:be:05:10:cf:f9:01:5d:69:a4:20:
         49:9f:d6:74:a0:81:97:d6:1f:6f:de:15:7c:50:6f:1b:57:2c:
         d2:53:e5:55:49:15:53:79:d7:51:74:67:23:df:0f:2d:e7:89:
         2d:71:96:db:8b:e0:a6:a8:73:4b:69:fc:cf:e0:c6:20:e3:67:
         af:68:98:7a:9e:e2:07:9b:cf:9c:5f:ab:f8:ab:83:b1:86:f4:
         52:ac:6b:13:d3:58:d8:6c:64:a7:21:fd:46:d4:a8:74:30:59:
         32:2b:ac:68:72:ab:4a:d5:34:29:60:20:4c:04:a3:f0:fb:8d:
         3e:50:45:5a:e4:b1:5c:7f:1b:8c:e3:b2:94:bc:03:1a:3a:6e:
         e2:76:8b:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc922aNJc1ZXvm0BDCftgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUxMTA0MDYwMDMwWhcNMjUxMTA1MDYwMDMwWjAzMTEwLwYDVQQD
EygzZDg3YzQ3ZGNkMzJiYmI3YWFjNjcxNjU4OGFiNWMzZDY5NmZkZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQPLOs2DAq9Ds+GgBYlcie2AbHZo
rsqebfov/HcO0IQiVCBrpjoqcksQQ9GDKiTMkKYI8ntEtCQaHd9ka9Wfl3nDgR+j
KZjgR2MCozQ7fpEciREEboQYMo+PoFSiNe4hcS5/Y6nBC/8fdxrUNWMz9IvnsQ4U
I0kOd7bv2Fmkbyhq9PIXN1ndEf7HT7Xj6g1BMsZ9X0x0r3NkIsjUWekDRSKdxMzS
TdL0Np8dErCgOr+gNriGpeb2/U1oRtX4wEJDRWrPREW3dHQXPAZV0B0LsW5rtDNs
Czc1lPgcoEitPvizu/P6Iu9zDo63UvJ80ZKJQ+cjf/Dt1hZc0+WX1IaYoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2HxH3NMru3qsZxZYirXD1pb97CMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmQiQBft5
FAJt9OYs8wBgT07i9mJAt8XZGHFziPpb1uX6/MONeBroTNxq1wEpO46Lz2GLrT3Y
Xst3lnc/fqFloOzNRFS/kzmcThDoCLrPHjIJ1r656Ya8lhSF5WcLB3n1ZtertOxU
RMJbBOYp1Mce0H4H+I6+BRDP+QFdaaQgSZ/WdKCBl9Yfb94VfFBvG1cs0lPlVUkV
U3nXUXRnI98PLeeJLXGW24vgpqhzS2n8z+DGIONnr2iYep7iB5vPnF+r+KuDsYb0
UqxrE9NY2GxkpyH9RtSodDBZMiusaHKrStU0KWAgTASj8PuNPlBFWuSxXH8bjOOy
lLwDGjpu4naLSA==
-----END CERTIFICATE-----