Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          Ik06EsCwEk9cymKDUEhR0myVDzhcRASYqOgcPLgkajU=
Subject key identifier:   1F:7E:C3:2D:AA:F3:43:AF:04:E1:6D:85:95:B9:09:D6:82:C3:8F:A7
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       0199240C9AE07E01FC891D6DF64D9A9417F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          09E5
Signing time:             Sun 07 Sep 2025 12:00:29 +0000
Manifest this update:     Sun 07 Sep 2025 12:00:29 +0000
Manifest next update:     Mon 08 Sep 2025 12:00:29 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: kRerviVMvSTaQI1WerDo/Ro1AykyDLXpajAQc9KeeRU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0c:9a:e0:7e:01:fc:89:1d:6d:f6:4d:9a:94:17:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Sep  7 12:00:29 2025 GMT
            Not After : Sep  8 12:00:29 2025 GMT
        Subject: CN=1f7ec32daaf343af04e16d8595b909d682c38fa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:70:d9:69:53:65:58:5a:94:32:7c:30:a0:bd:
                    f5:ed:d5:77:c8:aa:2f:44:d6:8b:4e:da:92:a6:ad:
                    92:27:28:0b:09:5b:b9:9e:20:4c:96:51:9a:ee:6c:
                    64:98:f1:9d:69:6a:69:f5:28:cc:d1:7c:cc:32:cc:
                    89:7e:66:9d:d4:a5:b9:81:2b:1c:a7:27:59:df:f4:
                    f9:be:e1:94:8d:3f:96:ea:29:24:44:85:0d:03:41:
                    30:5b:5d:e4:88:9a:2b:8a:72:d5:3e:81:27:db:6e:
                    8d:12:ba:32:34:30:c0:25:cd:a7:37:87:f0:b7:db:
                    b9:96:d0:26:f0:ab:55:11:33:8b:8f:f4:aa:e3:64:
                    bf:11:2f:87:a4:27:da:da:91:5c:52:39:9f:66:2a:
                    a0:47:51:da:fb:c6:82:13:24:95:8f:9c:cf:49:85:
                    ff:cd:2f:57:8c:4f:3a:3f:23:48:82:41:95:ee:29:
                    75:a1:35:1d:df:93:5a:17:28:d0:bf:6e:26:40:3e:
                    d5:75:f3:77:14:5b:78:8d:13:e6:b9:d9:37:db:79:
                    1a:df:e7:2c:ac:72:d1:07:e8:aa:72:ca:02:78:7d:
                    d7:a3:97:36:46:06:ec:ae:0f:2a:31:1c:76:65:e6:
                    69:e0:29:82:5c:9f:f8:39:b3:d7:91:6e:b1:ba:1b:
                    10:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:7E:C3:2D:AA:F3:43:AF:04:E1:6D:85:95:B9:09:D6:82:C3:8F:A7
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:84:01:91:a9:7c:07:09:05:ff:c8:1d:63:11:df:01:20:7e:
         a9:b3:4c:bc:2c:48:32:cb:91:6d:c2:77:0f:b5:87:af:35:1b:
         cc:c2:68:82:87:2e:e0:a3:f8:13:27:ca:82:34:44:50:c2:9b:
         f0:b0:18:3a:13:64:72:10:d6:46:1e:0d:8f:8d:bc:66:de:be:
         5e:51:3e:76:cb:22:4b:79:03:2f:1d:ca:38:4b:b8:db:99:fd:
         a7:bc:02:b3:dd:48:e7:07:ea:f4:a3:a8:39:07:8e:bb:8d:97:
         1b:ef:74:5c:ac:51:65:2c:81:2b:64:0e:12:3b:45:36:0f:b6:
         a1:c7:25:f1:a0:67:cf:23:04:ac:03:4c:37:5f:30:c6:fc:af:
         43:8a:3e:f5:f9:cc:76:7c:f4:87:d5:a7:5d:fb:f0:a7:36:35:
         35:be:42:34:6b:fe:4f:82:2c:78:4b:6f:11:d2:87:68:47:cd:
         dc:4b:56:a7:1d:ea:e9:21:b6:e3:75:f8:d8:0d:99:a4:3c:f4:
         c8:67:e8:a5:2b:58:75:3f:3e:7e:d9:b0:76:3a:06:16:44:44:
         45:63:3f:b5:5e:d4:3f:1b:d7:d8:82:a2:00:9c:3b:ef:93:b0:
         99:b9:72:c5:ce:8e:ad:e4:a9:6f:7a:6f:51:dc:db:de:cf:3a:
         bc:bf:ce:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDJrgfgH8iR1t9k2alBfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUwOTA3MTIwMDI5WhcNMjUwOTA4MTIwMDI5WjAzMTEwLwYDVQQD
EygxZjdlYzMyZGFhZjM0M2FmMDRlMTZkODU5NWI5MDlkNjgyYzM4ZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknDZaVNlWFqUMnwwoL317dV3yKov
RNaLTtqSpq2SJygLCVu5niBMllGa7mxkmPGdaWpp9SjM0XzMMsyJfmad1KW5gSsc
pydZ3/T5vuGUjT+W6ikkRIUNA0EwW13kiJorinLVPoEn226NEroyNDDAJc2nN4fw
t9u5ltAm8KtVETOLj/Sq42S/ES+HpCfa2pFcUjmfZiqgR1Ha+8aCEySVj5zPSYX/
zS9XjE86PyNIgkGV7il1oTUd35NaFyjQv24mQD7VdfN3FFt4jRPmudk323ka3+cs
rHLRB+iqcsoCeH3Xo5c2Rgbsrg8qMRx2ZeZp4CmCXJ/4ObPXkW6xuhsQmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9+wy2q80OvBOFthZW5CdaCw4+nMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApoQBkal8
BwkF/8gdYxHfASB+qbNMvCxIMsuRbcJ3D7WHrzUbzMJogocu4KP4EyfKgjREUMKb
8LAYOhNkchDWRh4Nj428Zt6+XlE+dssiS3kDLx3KOEu425n9p7wCs91I5wfq9KOo
OQeOu42XG+90XKxRZSyBK2QOEjtFNg+2occl8aBnzyMErANMN18wxvyvQ4o+9fnM
dnz0h9WnXfvwpzY1Nb5CNGv+T4IseEtvEdKHaEfN3EtWpx3q6SG243X42A2ZpDz0
yGfopStYdT8+ftmwdjoGFkRERWM/tV7UPxvX2IKiAJw775Owmblyxc6OreSpb3pv
Udzb3s86vL/Ohw==
-----END CERTIFICATE-----