Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          VGTLY7iXsLtdI13IVyxg+QN6QaHuEaAY0L90JMTD718=
Subject key identifier:   61:CA:9F:31:49:74:A2:2A:FC:8D:32:74:2D:5B:25:D6:C0:1F:B7:DC
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       019922FA3688345BD117DA5018FD3729B0C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          1417
Signing time:             Sun 07 Sep 2025 07:00:47 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:47 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:47 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: Hb46WgxjmrbvB91kXCl59khchmHfAtaXc3m1jbs6GNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:36:88:34:5b:d1:17:da:50:18:fd:37:29:b0:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Sep  7 07:00:47 2025 GMT
            Not After : Sep  8 07:00:47 2025 GMT
        Subject: CN=61ca9f314974a22afc8d32742d5b25d6c01fb7dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:71:80:4d:36:78:bf:42:d3:15:1c:cc:e5:a6:
                    f1:76:ed:05:b1:85:19:67:e4:b6:13:19:01:74:d2:
                    4a:af:1b:20:77:08:55:fc:a9:b7:e8:54:02:15:05:
                    ed:03:12:af:da:48:64:93:1b:03:30:23:82:03:bd:
                    9e:26:d0:bb:17:f7:29:fc:5f:00:d4:68:07:b7:43:
                    a5:d0:37:78:c3:23:02:38:cd:2c:00:37:d0:22:05:
                    c7:a6:87:0f:50:aa:64:42:06:dd:91:e5:14:93:37:
                    ee:9f:49:c0:a2:43:b4:6e:a2:bc:bf:fa:78:6c:11:
                    62:55:77:93:8f:c3:ac:d9:a4:c6:95:fd:8d:17:eb:
                    b6:af:62:d3:0b:12:c4:45:b1:68:a9:ed:eb:4c:5b:
                    65:1f:3d:72:64:3a:cb:f3:b7:af:68:0a:31:5b:e4:
                    3d:2f:09:9f:c8:af:79:7f:31:f7:37:66:36:b7:09:
                    72:de:1f:84:b4:5b:db:8c:17:aa:88:0d:24:12:e5:
                    d7:ed:96:1f:4e:25:99:b9:de:7f:ef:8f:72:93:40:
                    2f:cf:ef:fa:88:91:d7:d8:3c:25:62:9b:4d:45:5d:
                    14:6d:4c:cf:4e:ff:29:30:06:d9:64:f2:2e:1c:2b:
                    57:01:13:08:78:73:6c:a1:ae:ad:77:cf:e0:c1:c6:
                    42:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:CA:9F:31:49:74:A2:2A:FC:8D:32:74:2D:5B:25:D6:C0:1F:B7:DC
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:e1:99:0f:39:37:7f:d3:fd:4d:d2:01:cd:5c:cb:bc:15:0b:
         b0:e3:5e:ab:08:d9:6b:d8:1c:f8:b6:be:d0:6f:98:8b:64:8f:
         f8:fa:18:da:b4:2b:cf:af:e6:16:9b:18:5d:f8:6e:ad:12:4a:
         56:4d:87:30:85:dc:4c:8a:fc:b8:c1:c8:82:6f:43:5d:d1:7b:
         88:7a:5c:d4:00:8f:7a:5f:b7:d4:f4:22:36:97:75:71:4c:13:
         08:31:e2:27:5f:37:1a:69:b8:1f:a4:ed:56:52:93:74:2f:45:
         ff:17:11:bd:2f:84:39:61:ea:25:29:0e:06:92:ae:82:df:31:
         4a:19:af:a3:9b:4e:0b:4c:57:31:f7:a2:c8:83:11:bf:dc:b7:
         a6:9c:bf:50:6c:84:95:10:ad:07:b7:50:30:86:fc:43:37:9a:
         69:39:0e:85:0a:e6:61:c3:67:4f:6d:f1:4e:6a:97:0f:22:0f:
         e7:f0:f6:7c:19:0a:5a:de:a2:d4:f6:5f:06:d3:93:33:d5:24:
         e7:44:dc:34:ad:6a:3b:e9:49:18:e5:14:ef:49:8b:a5:05:a6:
         bb:32:7f:10:3e:40:97:ef:f4:9e:51:a3:a7:a7:60:50:11:66:
         a1:5d:7c:7e:5b:a6:e6:8f:dd:ea:64:32:4b:ae:89:5e:a3:29:
         12:2c:4e:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+jaINFvRF9pQGP03KbDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjUwOTA3MDcwMDQ3WhcNMjUwOTA4MDcwMDQ3WjAzMTEwLwYDVQQD
Eyg2MWNhOWYzMTQ5NzRhMjJhZmM4ZDMyNzQyZDViMjVkNmMwMWZiN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nGATTZ4v0LTFRzM5abxdu0FsYUZ
Z+S2ExkBdNJKrxsgdwhV/Km36FQCFQXtAxKv2khkkxsDMCOCA72eJtC7F/cp/F8A
1GgHt0Ol0Dd4wyMCOM0sADfQIgXHpocPUKpkQgbdkeUUkzfun0nAokO0bqK8v/p4
bBFiVXeTj8Os2aTGlf2NF+u2r2LTCxLERbFoqe3rTFtlHz1yZDrL87evaAoxW+Q9
LwmfyK95fzH3N2Y2twly3h+EtFvbjBeqiA0kEuXX7ZYfTiWZud5/749yk0Avz+/6
iJHX2DwlYptNRV0UbUzPTv8pMAbZZPIuHCtXARMIeHNsoa6td8/gwcZCSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHKnzFJdKIq/I0ydC1bJdbAH7fcMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkeGZDzk3
f9P9TdIBzVzLvBULsONeqwjZa9gc+La+0G+Yi2SP+PoY2rQrz6/mFpsYXfhurRJK
Vk2HMIXcTIr8uMHIgm9DXdF7iHpc1ACPel+31PQiNpd1cUwTCDHiJ183Gmm4H6Tt
VlKTdC9F/xcRvS+EOWHqJSkOBpKugt8xShmvo5tOC0xXMfeiyIMRv9y3ppy/UGyE
lRCtB7dQMIb8QzeaaTkOhQrmYcNnT23xTmqXDyIP5/D2fBkKWt6i1PZfBtOTM9Uk
50TcNK1qO+lJGOUU70mLpQWmuzJ/ED5Al+/0nlGjp6dgUBFmoV18flum5o/d6mQy
S66JXqMpEixOEg==
-----END CERTIFICATE-----