Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
File:                     KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft (raw, json)
Hash identifier:          bxrmXNJCIttOLfbEhaUz68KBMKyTHvX7zzNZojejp94=
Subject key identifier:   9F:EE:91:9D:1D:27:79:CE:92:8E:BD:A5:2C:98:FD:C7:CE:99:31:E2
Authority key identifier: 2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C
Certificate issuer:       /CN=2a5275ad89c9976b51030c5bd256799b7926560c
Certificate serial:       01976D3E03FE7EDA61A7B24D979FB514317E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
Manifest number:          093F
Signing time:             Sat 14 Jun 2025 07:01:10 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:10 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:10 +0000
Files and hashes:         1: KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl (hash: oiqupRYjKsyZxyLUJrmstUE1YrqfPJJgDlfyHdQIKzM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:03:fe:7e:da:61:a7:b2:4d:97:9f:b5:14:31:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a5275ad89c9976b51030c5bd256799b7926560c
        Validity
            Not Before: Jun 14 07:01:10 2025 GMT
            Not After : Jun 15 07:01:10 2025 GMT
        Subject: CN=9fee919d1d2779ce928ebda52c98fdc7ce9931e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:d1:ff:7d:3e:58:c2:ab:bf:41:bd:60:15:41:
                    74:66:78:d3:b0:06:29:49:d9:10:95:fe:0d:4b:9f:
                    49:26:ba:3b:70:46:92:1d:15:ab:5a:89:a2:52:90:
                    11:6c:cd:d4:01:1d:92:40:e6:a3:e8:9c:4f:8f:09:
                    a1:a3:40:4f:2e:34:81:c7:df:7f:b8:36:04:17:fa:
                    50:3a:e4:a9:01:22:33:78:24:40:f2:35:08:69:bf:
                    45:2d:63:ef:30:ec:16:85:a2:65:b6:64:25:a0:47:
                    94:06:14:f9:01:a8:dd:39:00:f2:01:5e:01:18:76:
                    81:db:70:54:23:e4:ec:ed:58:54:19:c9:e2:a0:47:
                    76:34:19:c9:02:89:91:a6:07:f8:14:48:ed:48:28:
                    dc:97:a2:f7:da:4c:78:3f:d9:f5:90:f3:06:ca:92:
                    59:8d:76:d4:c0:67:55:d6:2a:18:93:bf:00:21:66:
                    a0:a8:af:c6:63:7d:e9:5a:9c:62:17:67:76:fd:5e:
                    b0:60:b9:d8:cc:da:61:ff:cf:e5:2c:70:c4:56:74:
                    4a:5d:e4:8c:60:68:88:6c:9f:f4:0f:2a:df:fc:04:
                    fe:93:22:13:63:b7:83:ab:64:93:58:7d:78:3d:49:
                    10:f4:4e:65:f9:42:ab:97:45:c0:c6:0a:98:54:7f:
                    dc:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:EE:91:9D:1D:27:79:CE:92:8E:BD:A5:2C:98:FD:C7:CE:99:31:E2
            X509v3 Authority Key Identifier:
                keyid:2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:79:f1:c6:e8:85:e2:bb:64:85:7e:ba:bb:63:6e:f1:37:4e:
         9d:e7:9d:b5:89:5f:19:1c:ae:5a:53:bb:76:96:18:22:9f:e7:
         bd:e1:5e:66:e8:46:00:d1:56:fb:73:36:8b:e5:63:26:e7:56:
         3b:29:5b:b2:92:8a:9a:ad:22:07:91:d8:01:2e:da:9b:35:2a:
         a3:65:d9:e4:8c:f1:a6:26:f4:92:68:0e:62:05:8f:71:8d:37:
         61:1e:96:6b:97:35:39:98:80:8b:a2:4c:63:5e:72:af:78:bb:
         2d:1a:b9:e7:7a:f7:cc:bc:94:cd:ea:7d:90:72:67:1e:e8:4a:
         1b:bf:ee:97:8f:08:29:da:c3:b7:d8:52:d0:bd:c0:08:ca:d7:
         c3:f0:89:e4:70:a3:10:b0:e5:45:b2:db:56:27:4b:3e:95:ab:
         2a:24:84:d5:28:26:b8:5b:65:8c:8e:8f:d5:8f:99:82:81:2b:
         69:9d:d4:a9:6c:95:c8:8c:cd:25:92:a9:a3:cb:44:d3:b7:8d:
         8e:bd:3a:6d:1e:b8:02:08:75:c3:59:f5:f5:48:0f:45:29:aa:
         14:b7:d8:e0:c8:16:b6:58:7a:97:b7:4c:34:44:77:54:c6:b6:
         99:9f:8d:1d:1b:ef:69:1c:ab:10:70:8d:8b:ce:63:e1:14:2f:
         28:14:cc:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPgP+ftphp7JNl5+1FDF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNTI3NWFkODljOTk3NmI1MTAzMGM1YmQyNTY3OTliNzky
NjU2MGMwHhcNMjUwNjE0MDcwMTEwWhcNMjUwNjE1MDcwMTEwWjAzMTEwLwYDVQQD
Eyg5ZmVlOTE5ZDFkMjc3OWNlOTI4ZWJkYTUyYzk4ZmRjN2NlOTkzMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dH/fT5Ywqu/Qb1gFUF0ZnjTsAYp
SdkQlf4NS59JJro7cEaSHRWrWomiUpARbM3UAR2SQOaj6JxPjwmho0BPLjSBx99/
uDYEF/pQOuSpASIzeCRA8jUIab9FLWPvMOwWhaJltmQloEeUBhT5AajdOQDyAV4B
GHaB23BUI+Ts7VhUGcnioEd2NBnJAomRpgf4FEjtSCjcl6L32kx4P9n1kPMGypJZ
jXbUwGdV1ioYk78AIWagqK/GY33pWpxiF2d2/V6wYLnYzNph/8/lLHDEVnRKXeSM
YGiIbJ/0Dyrf/AT+kyITY7eDq2STWH14PUkQ9E5l+UKrl0XAxgqYVH/cmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/ukZ0dJ3nOko69pSyY/cfOmTHiMB8GA1UdIwQY
MBaAFCpSda2JyZdrUQMMW9JWeZt5JlYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQt
MTE1NjY5MGE0M2I1LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQtMTE1NjY5MGE0M2I1
LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnnxxuiF
4rtkhX66u2Nu8TdOneedtYlfGRyuWlO7dpYYIp/nveFeZuhGANFW+3M2i+VjJudW
OylbspKKmq0iB5HYAS7amzUqo2XZ5Izxpib0kmgOYgWPcY03YR6Wa5c1OZiAi6JM
Y15yr3i7LRq553r3zLyUzep9kHJnHuhKG7/ul48IKdrDt9hS0L3ACMrXw/CJ5HCj
ELDlRbLbVidLPpWrKiSE1SgmuFtljI6P1Y+ZgoEraZ3UqWyVyIzNJZKpo8tE07eN
jr06bR64Agh1w1n19UgPRSmqFLfY4MgWtlh6l7dMNER3VMa2mZ+NHRvvaRyrEHCN
i85j4RQvKBTM9w==
-----END CERTIFICATE-----