Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          zE3xtALIAxkbEXE1T8hf3QJX3WCSZBKAiEaloeEcVs0=
Subject key identifier:   70:36:0A:E6:1D:FF:40:B7:E7:9E:41:E0:E7:44:CA:84:E4:51:87:05
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       01976C98A8655ABDABF2AEF56FA95BDD2A18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          1334
Signing time:             Sat 14 Jun 2025 04:00:33 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:33 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:33 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: wZR4VNR21h1HLsEOGHNzQXH/CEiRjOZbcXjje96X/ho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:a8:65:5a:bd:ab:f2:ae:f5:6f:a9:5b:dd:2a:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Jun 14 04:00:33 2025 GMT
            Not After : Jun 15 04:00:33 2025 GMT
        Subject: CN=70360ae61dff40b7e79e41e0e744ca84e4518705
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:82:b5:6e:2d:aa:5b:19:61:10:ee:29:8c:ab:
                    84:a7:d4:c6:d2:01:3c:1a:4a:3a:48:bc:b2:ff:71:
                    eb:de:3f:17:3d:c9:55:1a:bc:11:01:dd:36:c4:90:
                    a0:f5:15:a6:8c:4c:6d:23:4e:38:d6:38:0b:ed:fd:
                    80:d1:e4:81:ed:fe:99:a0:6d:06:6b:10:d3:ea:98:
                    2c:27:41:2c:8a:03:03:fe:b7:d2:eb:4a:7b:3a:40:
                    fb:85:4b:81:9f:84:97:f0:ad:86:13:75:a3:17:47:
                    5d:55:3e:f3:bb:b9:3f:8f:e2:c6:9c:f6:eb:64:d2:
                    de:58:89:10:69:b8:39:fa:31:6a:eb:88:2d:a5:af:
                    f5:1e:79:68:bf:28:1c:c0:51:28:f7:f6:07:76:d1:
                    aa:aa:aa:7c:3f:3f:4b:b3:2d:25:2c:d5:d5:9c:43:
                    a7:8e:94:fd:15:77:05:cf:67:d0:4f:9c:6b:91:4d:
                    04:de:38:3f:0d:34:58:bd:8f:2e:34:ce:6d:1b:97:
                    e8:90:a4:98:ce:56:03:bc:96:a1:4e:bf:d2:4c:b2:
                    9d:32:ac:f4:69:85:e6:30:e2:83:8e:f6:77:31:70:
                    b7:01:46:a9:c0:b7:23:14:45:ed:ee:65:bb:48:71:
                    03:7a:87:fc:a4:96:3b:4b:78:c9:36:c3:83:65:06:
                    f7:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:36:0A:E6:1D:FF:40:B7:E7:9E:41:E0:E7:44:CA:84:E4:51:87:05
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:36:d9:5e:b5:9c:76:83:6d:97:36:29:ee:ab:97:bb:25:81:
         ab:19:4b:92:05:d1:36:25:7e:50:fc:9e:08:e2:3f:93:4e:38:
         ec:64:13:8c:fc:73:ed:cd:fc:ab:02:be:f2:f5:18:90:d6:f1:
         59:32:17:4a:22:ba:d9:96:0f:89:33:29:20:a6:b3:5c:02:8e:
         4b:3b:aa:65:73:08:99:40:88:fd:84:ae:e3:63:58:e4:3b:38:
         22:65:af:ef:72:a8:a6:15:0f:33:38:8e:f9:86:55:0c:74:80:
         c8:98:da:b7:51:ba:27:47:03:5f:30:36:55:2e:1f:8d:76:2e:
         cd:4d:db:86:7c:09:17:31:17:98:94:e1:65:c9:b9:cf:b6:36:
         d0:6c:08:4c:56:e4:0e:87:42:53:30:90:32:b6:79:cc:f6:1c:
         b5:c6:9b:59:c6:9d:0f:89:69:61:6f:73:df:1a:48:de:b7:98:
         18:73:da:71:d5:3c:b1:5f:7d:5a:c2:93:6d:39:0a:7c:ed:ba:
         86:17:d0:78:12:74:43:c0:06:99:9a:4f:23:67:1b:0b:c2:d7:
         3c:0b:2d:83:dd:e4:c4:c3:cc:7a:20:ee:8b:06:e2:c0:8f:e3:
         26:35:ce:ee:a7:a0:88:88:3c:88:eb:92:74:d1:b6:3e:90:3f:
         87:aa:12:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmKhlWr2r8q71b6lb3SoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjUwNjE0MDQwMDMzWhcNMjUwNjE1MDQwMDMzWjAzMTEwLwYDVQQD
Eyg3MDM2MGFlNjFkZmY0MGI3ZTc5ZTQxZTBlNzQ0Y2E4NGU0NTE4NzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoK1bi2qWxlhEO4pjKuEp9TG0gE8
Gko6SLyy/3Hr3j8XPclVGrwRAd02xJCg9RWmjExtI0441jgL7f2A0eSB7f6ZoG0G
axDT6pgsJ0EsigMD/rfS60p7OkD7hUuBn4SX8K2GE3WjF0ddVT7zu7k/j+LGnPbr
ZNLeWIkQabg5+jFq64gtpa/1HnlovygcwFEo9/YHdtGqqqp8Pz9Lsy0lLNXVnEOn
jpT9FXcFz2fQT5xrkU0E3jg/DTRYvY8uNM5tG5fokKSYzlYDvJahTr/STLKdMqz0
aYXmMOKDjvZ3MXC3AUapwLcjFEXt7mW7SHEDeof8pJY7S3jJNsODZQb3mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHA2CuYd/0C3555B4OdEyoTkUYcFMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeDbZXrWc
doNtlzYp7quXuyWBqxlLkgXRNiV+UPyeCOI/k0447GQTjPxz7c38qwK+8vUYkNbx
WTIXSiK62ZYPiTMpIKazXAKOSzuqZXMImUCI/YSu42NY5Ds4ImWv73KophUPMziO
+YZVDHSAyJjat1G6J0cDXzA2VS4fjXYuzU3bhnwJFzEXmJThZcm5z7Y20GwITFbk
DodCUzCQMrZ5zPYctcabWcadD4lpYW9z3xpI3reYGHPacdU8sV99WsKTbTkKfO26
hhfQeBJ0Q8AGmZpPI2cbC8LXPAstg93kxMPMeiDuiwbiwI/jJjXO7qegiIg8iOuS
dNG2PpA/h6oSFw==
-----END CERTIFICATE-----