Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          ahGKR4hCEHC0z6JyEI/syo0eLCy9LJpllkCBBs2JHMU=
Subject key identifier:   AE:38:BE:11:41:22:29:8D:DC:BD:BF:58:26:3D:60:33:C5:06:48:48
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       019A722608DBF21E19CD263B5204DAA16FB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          0A92
Signing time:             Tue 11 Nov 2025 09:01:26 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:26 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:26 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: QgQ/3XnKUJU6XIGlYxGgC/vSFQseKDsa2bap+riwa1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:08:db:f2:1e:19:cd:26:3b:52:04:da:a1:6f:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Nov 11 09:01:26 2025 GMT
            Not After : Nov 12 09:01:26 2025 GMT
        Subject: CN=ae38be114122298ddcbdbf58263d6033c5064848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0d:07:9f:e7:3a:7c:6f:b8:95:b3:ec:b3:9e:
                    a4:05:d6:24:02:4e:43:1b:51:1e:9a:cd:01:18:56:
                    6d:fe:1c:c8:6f:69:d0:3c:80:3c:dc:84:4c:3d:4a:
                    8e:cb:6e:67:ae:e8:bc:ff:95:63:71:5f:e7:e2:f1:
                    7e:89:bd:6e:5a:f4:d7:ac:bf:9b:d2:ed:12:8a:bc:
                    41:b7:53:e8:4d:85:36:59:cd:4b:5d:5a:d6:4e:db:
                    b1:52:b7:09:99:a8:be:ea:c2:77:2a:69:80:01:0f:
                    89:1f:2c:9d:a0:94:f0:83:c5:af:4d:8c:df:8a:e5:
                    89:0e:e4:75:a1:63:3b:c4:60:12:bb:03:35:49:e5:
                    99:e3:b6:32:0d:e6:99:f3:c6:1e:9e:c7:90:62:5a:
                    f3:cb:7c:6f:7a:a4:18:16:0d:bc:f8:78:a3:9b:5c:
                    ff:36:1a:c2:50:49:79:5f:56:a8:0d:d8:57:8f:b2:
                    e3:9f:17:7f:99:e7:86:91:c2:08:e7:7b:c4:78:13:
                    6b:79:dc:70:49:89:7d:a9:73:06:84:40:02:c7:c8:
                    96:26:e2:38:46:51:e4:e3:e9:c3:a9:45:c5:62:73:
                    34:71:d1:48:7b:6b:06:0e:74:ac:d8:90:73:30:e5:
                    15:48:f5:bd:dc:29:fa:b7:51:22:21:77:a7:89:2a:
                    8e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:38:BE:11:41:22:29:8D:DC:BD:BF:58:26:3D:60:33:C5:06:48:48
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:8a:77:bf:f4:f7:4e:4a:59:00:86:60:9d:9f:d5:1c:9f:5f:
         48:00:4f:b7:3e:00:74:f5:72:7c:b7:c4:62:0a:f7:51:4b:70:
         d0:50:23:c5:72:2e:38:30:07:33:44:93:b3:39:cb:6a:67:1c:
         51:19:92:12:29:ac:d6:2d:de:aa:e6:86:57:34:e7:21:3d:4f:
         9b:cf:b6:93:32:0f:53:e6:ee:e2:c3:7d:37:4e:07:4a:6c:42:
         0d:a6:d5:7e:b6:c2:71:67:5c:18:43:cb:16:83:a9:34:d8:0a:
         b3:2b:cc:a5:44:bd:32:44:53:10:73:22:ce:c4:32:f7:bb:bf:
         cb:a1:ad:f9:43:3f:02:a7:60:19:e3:f8:a3:21:7a:cb:0c:4f:
         48:af:0d:09:fe:95:1d:ff:2f:5e:89:dd:27:81:96:81:a8:ed:
         3d:ff:d9:9d:1e:6b:53:c0:28:1d:20:33:cb:34:5b:30:9e:ff:
         fb:90:f1:4f:fb:85:85:9e:13:d8:eb:99:bd:3d:6f:9e:ef:ca:
         d0:c2:03:78:91:ad:4d:fb:af:e3:7a:d7:cf:71:5e:ae:8a:a4:
         1c:aa:f4:f7:8d:57:a8:2d:2c:ac:42:90:25:84:94:90:2b:cf:
         02:c9:d8:1f:01:53:ff:b4:d4:42:9e:c7:29:4f:11:bd:53:16:
         c8:a4:eb:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgjb8h4ZzSY7UgTaoW+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjUxMTExMDkwMTI2WhcNMjUxMTEyMDkwMTI2WjAzMTEwLwYDVQQD
EyhhZTM4YmUxMTQxMjIyOThkZGNiZGJmNTgyNjNkNjAzM2M1MDY0ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Q0Hn+c6fG+4lbPss56kBdYkAk5D
G1Eems0BGFZt/hzIb2nQPIA83IRMPUqOy25nrui8/5VjcV/n4vF+ib1uWvTXrL+b
0u0SirxBt1PoTYU2Wc1LXVrWTtuxUrcJmai+6sJ3KmmAAQ+JHyydoJTwg8WvTYzf
iuWJDuR1oWM7xGASuwM1SeWZ47YyDeaZ88YenseQYlrzy3xveqQYFg28+Hijm1z/
NhrCUEl5X1aoDdhXj7Ljnxd/meeGkcII53vEeBNredxwSYl9qXMGhEACx8iWJuI4
RlHk4+nDqUXFYnM0cdFIe2sGDnSs2JBzMOUVSPW93Cn6t1EiIXeniSqORQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK44vhFBIimN3L2/WCY9YDPFBkhIMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbYp3v/T3
TkpZAIZgnZ/VHJ9fSABPtz4AdPVyfLfEYgr3UUtw0FAjxXIuODAHM0STsznLamcc
URmSEims1i3equaGVzTnIT1Pm8+2kzIPU+bu4sN9N04HSmxCDabVfrbCcWdcGEPL
FoOpNNgKsyvMpUS9MkRTEHMizsQy97u/y6Gt+UM/AqdgGeP4oyF6ywxPSK8NCf6V
Hf8vXondJ4GWgajtPf/ZnR5rU8AoHSAzyzRbMJ7/+5DxT/uFhZ4T2OuZvT1vnu/K
0MIDeJGtTfuv43rXz3FeroqkHKr0941XqC0srEKQJYSUkCvPAsnYHwFT/7TUQp7H
KU8RvVMWyKTrWw==
-----END CERTIFICATE-----