Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          eH5DDdKKoHl6gbprwEshHsRgwxI9qalxIG/QW5bzIbM=
Subject key identifier:   A4:B5:6A:44:8C:02:D2:2B:52:43:73:C2:03:62:87:E8:32:81:DD:D9
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       01967944088648E75B560FF621B6A11EE541
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          12B6
Signing time:             Sun 27 Apr 2025 22:00:23 +0000
Manifest this update:     Sun 27 Apr 2025 22:00:23 +0000
Manifest next update:     Mon 28 Apr 2025 22:00:23 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: 7F8Gn+K2QN6qbWYP9uIatKXNjpo18wu8cR1C9OFjaTM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 22:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:44:08:86:48:e7:5b:56:0f:f6:21:b6:a1:1e:e5:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Apr 27 22:00:23 2025 GMT
            Not After : Apr 28 22:00:23 2025 GMT
        Subject: CN=a4b56a448c02d22b524373c2036287e83281ddd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:15:6e:de:52:a6:6c:c2:93:93:f1:cb:10:28:
                    9a:07:7d:d9:e2:dc:8d:85:96:0d:4e:78:d3:78:2b:
                    a4:b4:f1:25:ea:48:c7:7c:69:b6:7f:92:f3:36:be:
                    6a:d9:68:94:68:aa:c5:ab:e6:13:f4:c9:36:ba:2f:
                    26:d6:6d:cc:69:e8:79:75:d3:6d:da:7d:ea:0e:6b:
                    5a:6d:db:6f:47:00:e1:95:0d:10:a8:52:f4:ec:9e:
                    25:e6:0d:0d:1a:23:ff:45:db:68:0d:5d:ce:17:7b:
                    7e:9f:47:26:46:83:c6:e4:af:9e:de:ef:54:04:9d:
                    98:13:ca:be:2e:03:13:22:79:5f:c4:aa:2b:ae:95:
                    1f:1d:d6:8b:4c:30:84:a4:f3:9c:44:bd:dc:d4:28:
                    be:b9:87:6e:85:d2:98:78:11:5f:96:3e:26:56:d6:
                    db:c4:1c:94:a2:d9:14:7a:8f:6c:7b:59:b0:1e:b8:
                    10:d6:45:1e:f7:9c:1c:53:5b:ff:89:7a:43:e2:2c:
                    6c:e9:c5:5c:1c:70:c5:0b:01:39:62:25:b2:af:c3:
                    3a:78:88:a5:cc:79:c7:14:63:94:3c:33:81:a2:87:
                    78:9c:13:86:b3:de:6f:cb:bc:68:4c:a3:57:45:91:
                    4e:1b:d7:52:3a:1e:3a:74:15:9b:8b:eb:ad:04:71:
                    34:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:B5:6A:44:8C:02:D2:2B:52:43:73:C2:03:62:87:E8:32:81:DD:D9
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:11:3d:27:5a:d0:cf:ed:39:32:8b:ba:82:95:96:38:94:ed:
         e4:46:d7:ce:6e:47:c1:e6:a1:4a:79:cc:ae:2b:e0:a9:74:c0:
         cd:5b:e7:6d:41:13:42:cc:69:e1:c1:32:d7:40:a1:21:ab:d1:
         54:b8:56:77:ab:77:3f:b9:35:12:ec:d8:e0:e5:e2:f8:5a:0a:
         32:04:aa:5b:d6:c7:36:5a:63:43:18:12:79:a0:41:a7:0e:ac:
         f9:be:16:e5:90:d3:e5:c6:52:df:60:5f:c4:a2:6f:f3:50:2d:
         24:2e:4b:31:a2:fa:b6:d6:48:f4:82:15:87:4c:20:86:d3:28:
         3b:8a:74:a6:5b:42:61:58:74:e3:55:d9:c8:8b:f6:94:94:41:
         c3:38:a3:dd:5a:a3:40:75:bb:95:e0:05:a2:2b:1b:89:ac:4b:
         2a:ac:33:d3:5d:91:8e:b4:fc:d6:67:38:38:0e:d5:16:f8:3f:
         fe:89:d3:bd:da:d1:79:a7:be:7d:a7:23:42:a7:80:ce:a5:c0:
         ab:93:37:a6:56:85:21:a6:f4:05:e4:25:e7:83:79:bd:e9:0f:
         d2:bc:00:9b:f5:6e:3a:26:d6:f5:97:a7:1a:7a:7e:c2:e2:cf:
         33:c4:48:a3:e5:7f:40:17:c3:02:73:a7:5a:ae:61:d6:90:54:
         29:ae:7b:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5RAiGSOdbVg/2IbahHuVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjUwNDI3MjIwMDIzWhcNMjUwNDI4MjIwMDIzWjAzMTEwLwYDVQQD
EyhhNGI1NmE0NDhjMDJkMjJiNTI0MzczYzIwMzYyODdlODMyODFkZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxVu3lKmbMKTk/HLECiaB33Z4tyN
hZYNTnjTeCuktPEl6kjHfGm2f5LzNr5q2WiUaKrFq+YT9Mk2ui8m1m3Maeh5ddNt
2n3qDmtabdtvRwDhlQ0QqFL07J4l5g0NGiP/RdtoDV3OF3t+n0cmRoPG5K+e3u9U
BJ2YE8q+LgMTInlfxKorrpUfHdaLTDCEpPOcRL3c1Ci+uYduhdKYeBFflj4mVtbb
xByUotkUeo9se1mwHrgQ1kUe95wcU1v/iXpD4ixs6cVcHHDFCwE5YiWyr8M6eIil
zHnHFGOUPDOBood4nBOGs95vy7xoTKNXRZFOG9dSOh46dBWbi+utBHE0SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKS1akSMAtIrUkNzwgNih+gygd3ZMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAChE9J1rQ
z+05Mou6gpWWOJTt5EbXzm5HweahSnnMrivgqXTAzVvnbUETQsxp4cEy10ChIavR
VLhWd6t3P7k1EuzY4OXi+FoKMgSqW9bHNlpjQxgSeaBBpw6s+b4W5ZDT5cZS32Bf
xKJv81AtJC5LMaL6ttZI9IIVh0wghtMoO4p0pltCYVh041XZyIv2lJRBwzij3Vqj
QHW7leAFoisbiaxLKqwz012RjrT81mc4OA7VFvg//onTvdrReae+facjQqeAzqXA
q5M3plaFIab0BeQl54N5vekP0rwAm/VuOibW9ZenGnp+wuLPM8RIo+V/QBfDAnOn
Wq5h1pBUKa57iQ==
-----END CERTIFICATE-----