Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          n8BTJQgKeLSUFowHGaRX4tn0kUHHTKnpp5PGTFemESg=
Subject key identifier:   2E:2B:4D:EA:6F:7C:D1:60:4E:EE:11:39:05:6B:D3:9A:2D:15:BF:4A
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       01974AE85C3C01668513E817F907A2BB9394
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          08F0
Signing time:             Sat 07 Jun 2025 15:00:31 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:31 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:31 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: 0oNtld+x9WAbdXFYU/6I8Qu7CYZ6AUPWVtMwJfIMzLI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:5c:3c:01:66:85:13:e8:17:f9:07:a2:bb:93:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Jun  7 15:00:31 2025 GMT
            Not After : Jun  8 15:00:31 2025 GMT
        Subject: CN=2e2b4dea6f7cd1604eee1139056bd39a2d15bf4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:be:5c:9b:7a:5c:4e:91:ce:46:b5:3f:1a:6f:
                    8e:00:01:79:98:34:fb:8d:6e:c8:4c:92:06:a0:b9:
                    dd:ff:dc:37:ec:74:25:cb:10:7f:0f:24:c5:9f:2b:
                    2b:43:d4:d0:b4:1e:79:90:70:c2:8d:19:c0:f8:09:
                    d6:90:87:4f:d0:59:be:ab:1a:36:2d:07:e1:51:81:
                    c2:36:7f:7a:7a:84:71:90:52:1e:15:d1:29:d9:a8:
                    47:79:1e:3a:03:0b:f3:64:ac:0a:f1:7b:9b:d6:83:
                    4a:cf:5e:59:66:14:35:14:7f:8a:83:c9:fe:ee:6d:
                    01:01:89:00:02:08:56:e1:10:59:eb:de:13:eb:e1:
                    80:a6:94:de:65:05:d2:5c:2d:17:d7:19:f2:58:4a:
                    b2:4d:1d:9b:b9:a5:6a:4b:72:4b:d4:4a:00:f0:c8:
                    97:cb:d1:62:a6:49:e4:a6:f6:4e:68:14:69:66:19:
                    01:c2:74:9d:a7:c7:c4:a1:0b:2a:c3:f4:ce:96:29:
                    99:e5:a2:52:0c:2d:86:61:b2:0a:73:6c:af:a5:bd:
                    54:d6:70:06:2c:ce:fc:79:54:fe:d5:89:cb:77:6c:
                    23:47:76:44:44:ca:09:b5:1f:a0:2f:60:f6:c2:1e:
                    9d:1a:08:c3:a1:d5:43:e7:a5:52:99:7c:1c:97:5a:
                    45:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:2B:4D:EA:6F:7C:D1:60:4E:EE:11:39:05:6B:D3:9A:2D:15:BF:4A
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:60:3e:f3:70:52:41:4c:24:bc:da:ef:c8:7d:22:e5:d4:d6:
         38:f5:99:08:eb:80:b9:17:66:f1:6d:80:36:6c:6c:bd:8f:3b:
         61:a6:2b:03:41:f9:f3:06:c3:69:e9:fe:b7:b5:c1:ec:1a:b5:
         99:80:f6:4d:97:6d:e2:90:f6:1e:05:02:f2:03:1b:c0:4f:75:
         2b:dd:e1:f8:19:d9:d2:73:e8:56:fc:3c:5b:b1:a1:51:40:06:
         52:05:89:47:ed:67:96:69:1b:ed:b5:c5:e5:d1:7a:64:86:85:
         3a:b1:64:a0:d1:29:fb:8c:65:cd:50:63:ce:03:a1:b4:c7:2a:
         af:03:d1:3e:8c:97:4e:b9:0a:65:32:6c:4a:40:55:70:b2:e2:
         1a:37:9a:59:b4:2a:76:e4:64:27:07:36:1b:59:75:56:52:37:
         15:2c:01:53:82:33:69:6e:26:9b:58:47:e2:22:51:fc:68:e6:
         4b:d9:68:78:55:59:b3:cf:9d:c2:07:c9:2a:6b:15:1c:43:56:
         a9:7a:f1:7a:9b:a6:4c:b7:87:63:a6:0d:72:1d:cc:21:1b:f1:
         50:e4:44:24:02:e0:95:2b:fd:75:a7:4a:92:6d:26:4e:72:a5:
         7b:39:7b:f2:57:ac:d1:3d:7e:55:5c:72:ab:67:e1:63:31:b9:
         68:ec:9c:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6Fw8AWaFE+gX+Qeiu5OUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUwNjA3MTUwMDMxWhcNMjUwNjA4MTUwMDMxWjAzMTEwLwYDVQQD
EygyZTJiNGRlYTZmN2NkMTYwNGVlZTExMzkwNTZiZDM5YTJkMTViZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi75cm3pcTpHORrU/Gm+OAAF5mDT7
jW7ITJIGoLnd/9w37HQlyxB/DyTFnysrQ9TQtB55kHDCjRnA+AnWkIdP0Fm+qxo2
LQfhUYHCNn96eoRxkFIeFdEp2ahHeR46AwvzZKwK8Xub1oNKz15ZZhQ1FH+Kg8n+
7m0BAYkAAghW4RBZ694T6+GAppTeZQXSXC0X1xnyWEqyTR2buaVqS3JL1EoA8MiX
y9FipknkpvZOaBRpZhkBwnSdp8fEoQsqw/TOlimZ5aJSDC2GYbIKc2yvpb1U1nAG
LM78eVT+1YnLd2wjR3ZERMoJtR+gL2D2wh6dGgjDodVD56VSmXwcl1pF1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC4rTepvfNFgTu4ROQVr05otFb9KMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU2A+83BS
QUwkvNrvyH0i5dTWOPWZCOuAuRdm8W2ANmxsvY87YaYrA0H58wbDaen+t7XB7Bq1
mYD2TZdt4pD2HgUC8gMbwE91K93h+BnZ0nPoVvw8W7GhUUAGUgWJR+1nlmkb7bXF
5dF6ZIaFOrFkoNEp+4xlzVBjzgOhtMcqrwPRPoyXTrkKZTJsSkBVcLLiGjeaWbQq
duRkJwc2G1l1VlI3FSwBU4IzaW4mm1hH4iJR/GjmS9loeFVZs8+dwgfJKmsVHENW
qXrxepumTLeHY6YNch3MIRvxUOREJALglSv9dadKkm0mTnKlezl78les0T1+VVxy
q2fhYzG5aOycgA==
-----END CERTIFICATE-----