Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          7unJfgQkp4ooKSS75kVrdSivz8UHJ7dPyjArTtdNN9M=
Subject key identifier:   80:B0:67:67:EE:84:9A:1F:C1:98:E3:F7:26:91:A0:C0:8F:B4:C1:5B
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       019769CEFB83446D1BE40ACD9FBB22D1C729
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          0900
Signing time:             Fri 13 Jun 2025 15:01:01 +0000
Manifest this update:     Fri 13 Jun 2025 15:01:01 +0000
Manifest next update:     Sat 14 Jun 2025 15:01:01 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: PWAfKr7SczmiFTdUF+E+ql5162qQMWPhSGEzK3MTBFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:fb:83:44:6d:1b:e4:0a:cd:9f:bb:22:d1:c7:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Jun 13 15:01:01 2025 GMT
            Not After : Jun 14 15:01:01 2025 GMT
        Subject: CN=80b06767ee849a1fc198e3f72691a0c08fb4c15b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:60:33:25:7d:90:66:76:23:c9:be:4e:c8:13:
                    aa:02:b3:9d:16:4e:a3:33:b2:dd:21:e8:1c:78:00:
                    00:53:2b:26:88:68:32:ce:02:1e:3c:5e:37:dc:2f:
                    42:03:27:db:52:a7:ff:78:6b:ae:e2:8b:8b:dd:db:
                    7b:bb:86:5d:2b:5c:a9:d2:42:04:28:9b:8e:29:29:
                    99:45:d9:fb:4c:ee:d4:ab:fe:6c:a5:f7:dc:a9:13:
                    ed:64:96:ef:29:f3:e7:8d:3b:07:4f:9d:84:ae:ab:
                    3a:36:e9:8c:5a:23:9a:48:8a:16:cf:90:f8:8a:35:
                    f7:87:cd:69:8e:36:fd:c4:8f:2c:e6:37:d8:aa:b1:
                    a9:40:50:f7:05:85:17:01:31:a6:ca:fb:b5:96:95:
                    ac:ca:f0:9f:b0:76:ab:b8:80:e5:77:1a:10:a0:11:
                    bc:8f:eb:b9:b7:16:5f:96:ca:e4:06:5b:d3:7a:6c:
                    1a:45:67:1b:dd:fc:ab:e1:4a:a8:67:8d:ec:57:e4:
                    b6:b6:31:a5:fe:45:f0:a5:39:18:65:a3:57:9b:be:
                    36:66:0d:cb:a8:f8:5c:a6:fd:4a:9f:89:7a:0d:3e:
                    f2:d2:5a:ca:b6:d6:09:bd:75:21:da:8b:f2:74:c6:
                    47:b8:6b:ef:c5:9f:da:0f:06:47:4f:6d:29:d8:cb:
                    10:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:B0:67:67:EE:84:9A:1F:C1:98:E3:F7:26:91:A0:C0:8F:B4:C1:5B
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:3b:ea:be:7f:98:fa:34:fd:b1:b4:36:42:0b:6a:1c:80:49:
         7b:ce:80:d0:30:b5:02:87:14:7d:6b:1c:75:c7:3e:68:eb:60:
         0a:5f:6e:e8:18:ee:a3:b1:10:c0:21:7a:f6:8e:0c:e6:f4:6d:
         ae:fe:83:16:68:94:ea:29:3e:63:1f:9e:8b:a9:8d:c8:da:61:
         45:82:d1:12:e3:49:61:b2:d4:84:44:7b:fd:f3:14:9b:c2:38:
         6f:f6:13:41:e1:26:91:c4:bd:9e:f3:61:db:7a:ec:56:12:78:
         ca:94:64:b6:5a:26:ae:5f:72:5a:ff:de:a5:5d:9a:50:f1:7f:
         ab:0d:27:80:93:33:85:d0:9e:32:4c:51:32:05:0a:dd:99:aa:
         c8:eb:b5:fa:11:55:ea:77:92:af:93:cd:e4:e6:78:cf:1d:68:
         14:9c:33:89:9d:e9:2b:0f:b9:d6:7e:b8:11:a0:44:7f:ab:e1:
         43:79:cb:c1:22:4d:aa:f4:a4:c7:e3:57:dc:ab:a2:53:a5:76:
         5f:c0:ca:64:82:33:25:c9:03:4b:49:91:7a:84:90:e2:85:43:
         b3:84:51:c7:0f:c7:52:44:4c:50:5c:0f:81:41:bc:49:1a:3a:
         98:ee:76:4f:19:04:9d:fe:5a:63:af:4e:aa:f2:87:ca:3b:1b:
         26:2b:d1:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzvuDRG0b5ArNn7si0ccpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUwNjEzMTUwMTAxWhcNMjUwNjE0MTUwMTAxWjAzMTEwLwYDVQQD
Eyg4MGIwNjc2N2VlODQ5YTFmYzE5OGUzZjcyNjkxYTBjMDhmYjRjMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWAzJX2QZnYjyb5OyBOqArOdFk6j
M7LdIegceAAAUysmiGgyzgIePF433C9CAyfbUqf/eGuu4ouL3dt7u4ZdK1yp0kIE
KJuOKSmZRdn7TO7Uq/5spffcqRPtZJbvKfPnjTsHT52Erqs6NumMWiOaSIoWz5D4
ijX3h81pjjb9xI8s5jfYqrGpQFD3BYUXATGmyvu1lpWsyvCfsHaruIDldxoQoBG8
j+u5txZflsrkBlvTemwaRWcb3fyr4UqoZ43sV+S2tjGl/kXwpTkYZaNXm742Zg3L
qPhcpv1Kn4l6DT7y0lrKttYJvXUh2ovydMZHuGvvxZ/aDwZHT20p2MsQEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICwZ2fuhJofwZjj9yaRoMCPtMFbMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYTvqvn+Y
+jT9sbQ2QgtqHIBJe86A0DC1AocUfWscdcc+aOtgCl9u6Bjuo7EQwCF69o4M5vRt
rv6DFmiU6ik+Yx+ei6mNyNphRYLREuNJYbLUhER7/fMUm8I4b/YTQeEmkcS9nvNh
23rsVhJ4ypRktlomrl9yWv/epV2aUPF/qw0ngJMzhdCeMkxRMgUK3ZmqyOu1+hFV
6neSr5PN5OZ4zx1oFJwziZ3pKw+51n64EaBEf6vhQ3nLwSJNqvSkx+NX3KuiU6V2
X8DKZIIzJckDS0mReoSQ4oVDs4RRxw/HUkRMUFwPgUG8SRo6mO52TxkEnf5aY69O
qvKHyjsbJivR2A==
-----END CERTIFICATE-----