Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
File:                     kjlpG6eScAY69DZNMIYxNl6QEWo.mft (raw, json)
Hash identifier:          xmu21U+L7XhyRyKokszv5vpaNXDM6HBPl42lJiFSWP4=
Subject key identifier:   D1:A7:53:41:00:0B:56:E8:24:B6:56:2A:5A:55:B8:53:2A:49:5A:37
Authority key identifier: 92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A
Certificate issuer:       /CN=9239691ba79270063af4364d308631365e90116a
Certificate serial:       01977007814557F29B48C400D840C640EA8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
Manifest number:          0CEA
Signing time:             Sat 14 Jun 2025 20:00:29 +0000
Manifest this update:     Sat 14 Jun 2025 20:00:29 +0000
Manifest next update:     Sun 15 Jun 2025 20:00:29 +0000
Files and hashes:         1: kjlpG6eScAY69DZNMIYxNl6QEWo.crl (hash: 9REE3+pI4v07zGsx8HXCfuAV9kxu2oWiyR5YdUo3ZkA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:07:81:45:57:f2:9b:48:c4:00:d8:40:c6:40:ea:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9239691ba79270063af4364d308631365e90116a
        Validity
            Not Before: Jun 14 20:00:29 2025 GMT
            Not After : Jun 15 20:00:29 2025 GMT
        Subject: CN=d1a75341000b56e824b6562a5a55b8532a495a37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b8:d7:49:5f:42:01:e6:dd:7f:e9:8d:b2:30:
                    d3:20:47:bc:06:4a:48:e7:c8:85:54:62:53:cd:dd:
                    b6:d7:fc:d9:3c:96:d8:f6:83:8b:51:21:2e:30:2f:
                    08:26:f9:0e:b4:77:01:a6:2f:c4:54:09:c0:b7:32:
                    47:a7:f5:91:91:0d:be:9c:8a:fb:72:62:1f:f8:74:
                    74:62:c5:a6:53:72:c7:a7:9c:0b:5a:6f:dd:71:12:
                    ab:ed:59:d7:3f:5e:2f:f9:5b:70:3f:a4:38:fd:db:
                    93:e1:8c:19:96:61:ee:ed:3b:0c:9c:d1:45:03:c7:
                    50:62:6e:5d:9c:f2:d2:d0:92:ad:bf:22:82:e6:20:
                    f1:98:12:ab:84:9f:45:5c:31:62:46:3d:75:b7:83:
                    29:ab:98:55:7b:77:31:71:c2:1a:db:6c:2f:76:b1:
                    8d:4e:28:d6:df:42:48:06:91:33:26:72:ac:6c:bd:
                    f4:ee:09:24:1c:b1:2c:76:36:ca:96:b7:36:ac:dd:
                    6c:dd:ae:c3:e0:d3:c6:0e:cd:c8:16:9d:46:e1:f4:
                    7a:dc:d6:8a:da:56:20:61:cb:16:bb:01:85:09:62:
                    2f:8c:af:5f:bb:4f:fe:ab:cc:31:25:99:e8:e0:f2:
                    1b:3c:59:28:2e:36:a7:be:db:6c:15:bd:21:7e:08:
                    51:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:A7:53:41:00:0B:56:E8:24:B6:56:2A:5A:55:B8:53:2A:49:5A:37
            X509v3 Authority Key Identifier:
                keyid:92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:d8:0b:64:fd:dd:34:f4:94:37:61:d7:3c:17:c8:3b:2e:45:
         6f:44:7a:9c:76:c5:98:89:c9:09:62:db:14:dd:a1:2e:b8:cb:
         de:71:03:92:a0:30:32:ef:4a:66:62:74:4d:b7:dd:96:9e:7c:
         d3:bb:3b:a0:22:90:84:d7:a1:60:8c:32:11:3f:25:b2:b6:33:
         de:47:96:8f:8e:d2:0d:87:68:3b:2d:5b:63:81:47:68:64:10:
         bd:62:ee:1a:07:98:42:63:14:6f:01:a6:79:c5:07:74:5c:be:
         45:d0:c5:6f:c9:6f:d0:53:8a:16:dc:70:c6:8d:8c:7b:f4:55:
         c8:3b:19:c0:70:3e:22:2a:84:22:a1:b1:c3:e1:cd:7a:56:b4:
         2f:76:00:90:1b:5d:00:71:73:f9:1a:18:1f:01:63:21:72:4b:
         57:4d:ba:4b:de:55:51:91:de:52:8b:ce:16:17:41:52:8d:70:
         47:5c:13:ae:8c:63:5c:c8:89:1b:b2:1a:f8:98:55:19:fc:2c:
         2c:6c:cf:98:24:36:87:5e:16:2d:dc:a3:c0:6f:45:16:41:c3:
         1a:98:06:09:e6:28:15:30:b2:70:39:62:8a:26:39:e2:16:86:
         50:64:24:07:32:9e:b1:94:36:94:6b:d8:ba:a1:12:00:a5:bc:
         0f:7c:59:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwB4FFV/KbSMQA2EDGQOqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzk2OTFiYTc5MjcwMDYzYWY0MzY0ZDMwODYzMTM2NWU5
MDExNmEwHhcNMjUwNjE0MjAwMDI5WhcNMjUwNjE1MjAwMDI5WjAzMTEwLwYDVQQD
EyhkMWE3NTM0MTAwMGI1NmU4MjRiNjU2MmE1YTU1Yjg1MzJhNDk1YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurjXSV9CAebdf+mNsjDTIEe8BkpI
58iFVGJTzd221/zZPJbY9oOLUSEuMC8IJvkOtHcBpi/EVAnAtzJHp/WRkQ2+nIr7
cmIf+HR0YsWmU3LHp5wLWm/dcRKr7VnXP14v+VtwP6Q4/duT4YwZlmHu7TsMnNFF
A8dQYm5dnPLS0JKtvyKC5iDxmBKrhJ9FXDFiRj11t4Mpq5hVe3cxccIa22wvdrGN
TijW30JIBpEzJnKsbL307gkkHLEsdjbKlrc2rN1s3a7D4NPGDs3IFp1G4fR63NaK
2lYgYcsWuwGFCWIvjK9fu0/+q8wxJZno4PIbPFkoLjanvttsFb0hfghR7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGnU0EAC1boJLZWKlpVuFMqSVo3MB8GA1UdIwQY
MBaAFJI5aRunknAGOvQ2TTCGMTZekBFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUt
ZjE3OTJiZDc3YTUzLzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUtZjE3OTJiZDc3YTUz
LzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9gLZP3d
NPSUN2HXPBfIOy5Fb0R6nHbFmInJCWLbFN2hLrjL3nEDkqAwMu9KZmJ0Tbfdlp58
07s7oCKQhNehYIwyET8lsrYz3keWj47SDYdoOy1bY4FHaGQQvWLuGgeYQmMUbwGm
ecUHdFy+RdDFb8lv0FOKFtxwxo2Me/RVyDsZwHA+IiqEIqGxw+HNela0L3YAkBtd
AHFz+RoYHwFjIXJLV026S95VUZHeUovOFhdBUo1wR1wTroxjXMiJG7Ia+JhVGfws
LGzPmCQ2h14WLdyjwG9FFkHDGpgGCeYoFTCycDliiiY54haGUGQkBzKesZQ2lGvY
uqESAKW8D3xZdA==
-----END CERTIFICATE-----