Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          dXWmMyvhLd1buRLjzJoVWlzgDJ1KhG7jM1kzhn7fU/c=
Subject key identifier:   67:F0:E1:1F:3D:18:8D:62:E8:68:0D:73:82:4C:8E:94:9F:BF:83:22
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       01989DB9EE991E56E66E1083A2A2C2A27C30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          13D2
Signing time:             Tue 12 Aug 2025 10:01:04 +0000
Manifest this update:     Tue 12 Aug 2025 10:01:04 +0000
Manifest next update:     Wed 13 Aug 2025 10:01:04 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: 5RslMZ1Jyjjh740p89ecsm/Uaz2lzrS/dVX3ulXIsDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 10:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9d:b9:ee:99:1e:56:e6:6e:10:83:a2:a2:c2:a2:7c:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Aug 12 10:01:04 2025 GMT
            Not After : Aug 13 10:01:04 2025 GMT
        Subject: CN=67f0e11f3d188d62e8680d73824c8e949fbf8322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:54:ab:35:8c:03:47:f1:b3:be:9e:f9:ee:82:
                    33:33:18:20:7f:61:8d:a1:56:b3:fe:35:fb:0e:94:
                    35:74:3e:30:8e:6f:fb:d9:3a:f5:6c:ef:a3:6b:35:
                    5c:97:0c:68:69:91:95:05:26:26:dc:7b:77:91:12:
                    16:b9:cd:03:7a:90:7b:23:00:d8:b6:86:15:60:8f:
                    21:12:22:ad:1c:12:cc:18:4c:1e:6e:38:71:bd:11:
                    f2:8c:fb:2b:c8:d0:a5:3f:cd:d6:d1:f1:75:20:99:
                    36:5e:cf:ea:ba:99:00:ea:10:c2:93:f8:b9:d9:79:
                    80:0d:c9:6e:70:92:03:a0:ec:ff:9f:a6:92:53:53:
                    86:97:b5:97:03:af:36:0c:d9:5c:ee:dc:96:24:9d:
                    fd:8b:db:04:8a:00:ce:57:c9:2f:08:23:55:92:96:
                    50:2e:19:af:4b:b7:a3:71:60:1c:ba:88:2b:b8:2f:
                    57:79:7a:b3:2f:9e:2e:ff:99:82:eb:e7:b3:84:e2:
                    37:82:57:6e:9e:60:69:ae:e3:28:62:14:9e:f7:4f:
                    31:90:da:8c:e1:bc:19:b8:29:69:30:0a:71:58:4f:
                    a2:9b:38:77:04:f1:1c:b5:f8:91:51:83:91:e0:93:
                    8e:ca:42:7a:52:ed:49:5a:f2:42:f6:8d:d5:cf:00:
                    82:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:F0:E1:1F:3D:18:8D:62:E8:68:0D:73:82:4C:8E:94:9F:BF:83:22
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:6a:66:ca:2f:04:70:0d:c9:77:d0:d9:4f:59:fa:40:48:a0:
         26:4d:95:26:fa:1b:d8:9e:bf:cb:3d:7b:31:7a:a0:ff:40:f0:
         87:08:e6:b8:68:82:0c:b5:fd:82:d9:4f:53:d4:c2:0b:e1:35:
         5e:f6:e1:8e:10:c7:b4:b1:3e:c2:3e:5c:51:c6:5a:0f:5d:a8:
         9b:bc:d1:8c:43:9b:8f:10:52:35:7b:c7:0b:30:52:89:64:46:
         90:d9:a4:2e:11:81:3a:58:93:d1:7e:e6:b2:b0:0c:22:9a:97:
         42:f2:a0:84:f5:7c:30:1d:72:7f:23:ea:c9:5b:78:0f:54:d3:
         0a:8c:cc:14:e2:79:5c:d1:3a:0e:79:93:26:d6:e2:f9:ee:f4:
         ba:4a:fe:be:4f:61:12:4c:95:17:02:63:c3:68:4c:7e:a8:c4:
         f7:1b:86:43:d0:eb:c9:40:7f:68:d1:d4:20:41:4c:3f:f6:8d:
         ef:aa:94:b8:4d:06:79:4e:b1:2e:bb:20:37:c2:42:84:69:86:
         a0:ef:eb:c4:dd:09:e8:38:94:04:83:7d:ed:af:56:02:a8:f0:
         68:8d:13:42:04:58:b0:ba:1e:39:24:bc:74:f2:f6:26:26:0e:
         f2:68:32:e5:6b:76:66:71:97:77:16:74:a4:90:dd:85:13:22:
         8f:9a:5a:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZidue6ZHlbmbhCDoqLConwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjUwODEyMTAwMTA0WhcNMjUwODEzMTAwMTA0WjAzMTEwLwYDVQQD
Eyg2N2YwZTExZjNkMTg4ZDYyZTg2ODBkNzM4MjRjOGU5NDlmYmY4MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1SrNYwDR/Gzvp757oIzMxggf2GN
oVaz/jX7DpQ1dD4wjm/72Tr1bO+jazVclwxoaZGVBSYm3Ht3kRIWuc0DepB7IwDY
toYVYI8hEiKtHBLMGEwebjhxvRHyjPsryNClP83W0fF1IJk2Xs/qupkA6hDCk/i5
2XmADclucJIDoOz/n6aSU1OGl7WXA682DNlc7tyWJJ39i9sEigDOV8kvCCNVkpZQ
LhmvS7ejcWAcuogruC9XeXqzL54u/5mC6+ezhOI3gldunmBpruMoYhSe908xkNqM
4bwZuClpMApxWE+imzh3BPEctfiRUYOR4JOOykJ6Uu1JWvJC9o3VzwCCcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfw4R89GI1i6GgNc4JMjpSfv4MiMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGmpmyi8E
cA3Jd9DZT1n6QEigJk2VJvob2J6/yz17MXqg/0DwhwjmuGiCDLX9gtlPU9TCC+E1
XvbhjhDHtLE+wj5cUcZaD12om7zRjEObjxBSNXvHCzBSiWRGkNmkLhGBOliT0X7m
srAMIpqXQvKghPV8MB1yfyPqyVt4D1TTCozMFOJ5XNE6DnmTJtbi+e70ukr+vk9h
EkyVFwJjw2hMfqjE9xuGQ9DryUB/aNHUIEFMP/aN76qUuE0GeU6xLrsgN8JChGmG
oO/rxN0J6DiUBIN97a9WAqjwaI0TQgRYsLoeOSS8dPL2JiYO8mgy5Wt2ZnGXdxZ0
pJDdhRMij5paWg==
-----END CERTIFICATE-----