Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          M9OQ1fbaUySMDgam3VmsiSaedDbk7Qs/jdkYO9Qimfw=
Subject key identifier:   EA:A8:FF:A1:D1:54:33:DB:86:E3:2B:2B:84:1D:1C:CE:D5:CD:32:4A
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       019A522CA4095565796DB2F3274889326547
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          14B4
Signing time:             Wed 05 Nov 2025 04:00:48 +0000
Manifest this update:     Wed 05 Nov 2025 04:00:48 +0000
Manifest next update:     Thu 06 Nov 2025 04:00:48 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: 91gHO4IAkWT5BM8KZZ9F7Zy+CoDoUfKQc48HirqHZ70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:2c:a4:09:55:65:79:6d:b2:f3:27:48:89:32:65:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Nov  5 04:00:48 2025 GMT
            Not After : Nov  6 04:00:48 2025 GMT
        Subject: CN=eaa8ffa1d15433db86e32b2b841d1cced5cd324a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f7:8d:7b:01:9d:59:0e:94:c0:f3:71:74:ad:
                    99:e8:b1:d9:aa:b8:a8:72:80:a5:18:03:02:d0:ee:
                    f5:e2:aa:8a:4c:af:6e:69:34:88:1c:c0:34:1d:32:
                    73:4d:cc:da:74:1c:fd:f6:d5:f0:fa:39:4f:60:9d:
                    8b:fe:96:90:bf:68:74:0a:b1:06:32:88:50:7a:ec:
                    40:c4:b3:65:63:1e:88:1c:86:42:bb:d5:e9:f6:ea:
                    c0:3f:1b:da:9d:df:ab:95:a6:b0:51:3f:19:cb:e3:
                    9e:1b:93:7e:1f:d6:a0:02:72:7f:29:9c:4c:5e:e9:
                    62:d7:dd:56:d9:75:21:44:a4:86:4a:44:82:70:2f:
                    61:be:1a:9b:f0:21:de:f3:95:5b:9a:0c:6b:6b:44:
                    c8:86:bc:2e:c4:eb:4d:20:1e:60:2f:f2:21:96:d8:
                    70:7b:ac:4b:2a:b3:8b:01:d8:07:12:96:12:5c:f9:
                    71:d3:f9:37:a8:d7:c8:de:73:0e:ac:98:df:ed:9f:
                    8c:ea:92:d0:2e:e5:4e:a2:96:6a:b3:d4:d2:33:ec:
                    db:75:72:af:83:72:e1:ca:fe:96:bc:48:29:fe:b8:
                    16:12:f2:54:9f:d9:ca:19:d3:54:e0:c5:14:a5:ec:
                    7c:39:97:66:7e:57:d9:34:e4:fb:27:f8:82:27:e6:
                    43:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:A8:FF:A1:D1:54:33:DB:86:E3:2B:2B:84:1D:1C:CE:D5:CD:32:4A
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:e5:a5:14:2f:43:72:ce:0a:5f:86:b0:44:8e:23:1b:03:4a:
         1d:d2:72:43:7b:41:76:b6:e4:b3:37:25:ab:f4:5d:ae:63:25:
         38:3b:c6:ea:a9:c9:f9:11:49:16:4a:3c:bb:80:54:68:17:d4:
         7e:34:ef:d9:bb:e1:a2:21:ba:b2:4c:fc:6a:8a:4a:ff:92:19:
         e1:99:3a:48:27:df:ac:3c:a2:63:74:25:fd:b6:23:74:e4:90:
         a8:52:d2:15:fa:dc:58:6d:77:ee:0f:69:3e:3a:6e:a3:b1:5f:
         1f:c3:0f:9f:0e:8f:f0:d6:c5:13:ff:6e:4d:23:09:33:96:a0:
         74:4c:bf:53:9a:c2:13:e8:55:92:d6:0e:c6:91:9a:7e:ea:f2:
         e9:b2:a0:d2:29:5c:45:c1:11:93:0b:ee:40:0e:cb:63:ad:c3:
         0d:35:dd:48:14:67:6c:6b:88:51:ce:5f:68:6f:42:81:e5:85:
         de:b0:b4:eb:c7:81:d3:b1:8e:d0:51:2b:c7:1b:be:7c:60:f2:
         c7:79:a5:f8:76:22:40:3e:43:6b:ff:8a:fa:b9:57:8b:e9:95:
         ee:72:a4:8e:ad:79:1f:58:1a:1d:f8:28:41:9d:39:af:67:20:
         4d:66:f8:85:b3:fd:41:f9:c9:52:13:37:59:3a:96:5b:08:87:
         cc:dc:1d:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSLKQJVWV5bbLzJ0iJMmVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjUxMTA1MDQwMDQ4WhcNMjUxMTA2MDQwMDQ4WjAzMTEwLwYDVQQD
EyhlYWE4ZmZhMWQxNTQzM2RiODZlMzJiMmI4NDFkMWNjZWQ1Y2QzMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/eNewGdWQ6UwPNxdK2Z6LHZqrio
coClGAMC0O714qqKTK9uaTSIHMA0HTJzTczadBz99tXw+jlPYJ2L/paQv2h0CrEG
MohQeuxAxLNlYx6IHIZCu9Xp9urAPxvand+rlaawUT8Zy+OeG5N+H9agAnJ/KZxM
Xuli191W2XUhRKSGSkSCcC9hvhqb8CHe85Vbmgxra0TIhrwuxOtNIB5gL/Ihlthw
e6xLKrOLAdgHEpYSXPlx0/k3qNfI3nMOrJjf7Z+M6pLQLuVOopZqs9TSM+zbdXKv
g3Lhyv6WvEgp/rgWEvJUn9nKGdNU4MUUpex8OZdmflfZNOT7J/iCJ+ZDqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqo/6HRVDPbhuMrK4QdHM7VzTJKMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJeWlFC9D
cs4KX4awRI4jGwNKHdJyQ3tBdrbkszclq/RdrmMlODvG6qnJ+RFJFko8u4BUaBfU
fjTv2bvhoiG6skz8aopK/5IZ4Zk6SCffrDyiY3Ql/bYjdOSQqFLSFfrcWG137g9p
Pjpuo7FfH8MPnw6P8NbFE/9uTSMJM5agdEy/U5rCE+hVktYOxpGafury6bKg0ilc
RcERkwvuQA7LY63DDTXdSBRnbGuIUc5faG9CgeWF3rC068eB07GO0FErxxu+fGDy
x3ml+HYiQD5Da/+K+rlXi+mV7nKkjq15H1gaHfgoQZ05r2cgTWb4hbP9QfnJUhM3
WTqWWwiHzNwdEQ==
-----END CERTIFICATE-----