Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          4D6qftpIL0NN0ILUb4QBckDaUIcuUIQpG2XLoq38U5A=
Subject key identifier:   03:54:EA:82:66:B5:3F:41:9E:DB:39:C7:B4:99:E3:4D:A6:E5:E5:44
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       019A730165051C09E41E8165D56F4E04FD5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          14C5
Signing time:             Tue 11 Nov 2025 13:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:02 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: RyR4iIGgt70/WMHOIjgGKZvIU6GQ1KkkDwyd1cpDcCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:65:05:1c:09:e4:1e:81:65:d5:6f:4e:04:fd:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Nov 11 13:01:02 2025 GMT
            Not After : Nov 12 13:01:02 2025 GMT
        Subject: CN=0354ea8266b53f419edb39c7b499e34da6e5e544
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:16:53:a7:bc:36:88:93:08:d5:8a:9b:a6:f2:
                    c0:de:94:a5:a2:f8:83:71:ea:a5:4f:7b:74:6e:86:
                    09:38:4d:c7:d4:1c:c2:7c:78:2b:c6:51:e4:4c:9d:
                    ea:36:a2:bc:95:79:e6:08:e0:82:8b:4e:57:ae:00:
                    1d:be:ee:17:37:5b:ab:26:71:16:2b:3d:44:eb:e4:
                    4f:8c:fb:c5:f3:03:34:fe:94:bb:6a:2e:14:c6:e2:
                    28:0e:1f:50:41:1e:e8:93:88:5d:10:9e:82:1e:d8:
                    d4:1c:af:67:79:f1:49:0b:5a:ad:30:d2:2c:ca:42:
                    33:69:2e:64:30:02:ff:83:0b:0a:80:2b:28:3b:63:
                    b3:64:14:10:56:14:1d:63:b7:85:53:3c:f8:d3:e0:
                    d9:32:1f:7f:05:ca:94:e8:c8:08:78:d8:fa:1c:d3:
                    27:c6:d8:b2:9e:4b:cd:70:70:5c:7d:d1:62:93:59:
                    55:4f:7a:90:2e:f2:17:c7:24:36:13:f8:fe:cb:4b:
                    0d:89:df:60:2e:9b:d9:27:67:e5:f5:58:4e:a0:69:
                    63:75:6f:ab:3e:06:52:ee:04:42:40:30:91:76:e6:
                    c6:cb:99:5f:1f:b6:be:7a:ed:f1:5a:3b:73:0e:41:
                    1e:fb:8c:f7:65:84:60:85:90:52:62:60:fb:8f:17:
                    32:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:54:EA:82:66:B5:3F:41:9E:DB:39:C7:B4:99:E3:4D:A6:E5:E5:44
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:02:ce:0f:af:ee:7e:88:f5:2f:e2:bb:d7:2b:85:5a:9e:76:
         16:25:76:ec:46:0e:7f:28:4c:d5:93:de:d0:86:38:9e:46:9d:
         e0:4a:fa:3f:32:9c:e5:97:19:08:2f:52:5f:3e:90:f2:04:ae:
         cf:10:54:37:a4:49:b8:67:31:c1:a3:88:5c:3e:cb:20:47:6b:
         1a:22:13:c8:e2:34:8a:a3:0a:45:05:1c:1d:75:55:94:cd:1d:
         3a:eb:76:10:a2:a8:df:f1:a9:13:70:a6:1c:85:52:c1:db:ac:
         31:d1:1f:8a:c4:f7:25:62:d4:d9:08:08:64:55:80:1d:a2:36:
         6c:49:09:2d:9f:de:60:51:9c:12:e0:b5:06:66:59:18:4d:8e:
         29:e5:78:93:ca:26:7b:15:2f:f5:8e:87:fc:4e:e7:f8:f4:78:
         30:8a:bd:0e:07:c2:cd:14:d0:be:7a:e0:b7:21:33:18:88:44:
         41:47:cd:22:ae:10:55:b3:a4:c7:c7:c6:0d:da:27:fe:d7:b5:
         7f:e1:70:de:b3:12:13:f6:6e:06:d7:7f:4e:5b:bf:3b:4f:78:
         bd:87:a2:62:20:b3:c7:92:b8:e3:6d:a5:d2:94:ad:9f:65:8b:
         14:ea:00:47:60:cd:55:f1:e0:35:ca:8b:76:38:f6:6f:1e:7f:
         dc:dc:d0:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAWUFHAnkHoFl1W9OBP1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjUxMTExMTMwMTAyWhcNMjUxMTEyMTMwMTAyWjAzMTEwLwYDVQQD
EygwMzU0ZWE4MjY2YjUzZjQxOWVkYjM5YzdiNDk5ZTM0ZGE2ZTVlNTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBZTp7w2iJMI1YqbpvLA3pSloviD
ceqlT3t0boYJOE3H1BzCfHgrxlHkTJ3qNqK8lXnmCOCCi05XrgAdvu4XN1urJnEW
Kz1E6+RPjPvF8wM0/pS7ai4UxuIoDh9QQR7ok4hdEJ6CHtjUHK9nefFJC1qtMNIs
ykIzaS5kMAL/gwsKgCsoO2OzZBQQVhQdY7eFUzz40+DZMh9/BcqU6MgIeNj6HNMn
xtiynkvNcHBcfdFik1lVT3qQLvIXxyQ2E/j+y0sNid9gLpvZJ2fl9VhOoGljdW+r
PgZS7gRCQDCRdubGy5lfH7a+eu3xWjtzDkEe+4z3ZYRghZBSYmD7jxcyhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANU6oJmtT9Bnts5x7SZ402m5eVEMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAwLOD6/u
foj1L+K71yuFWp52FiV27EYOfyhM1ZPe0IY4nkad4Er6PzKc5ZcZCC9SXz6Q8gSu
zxBUN6RJuGcxwaOIXD7LIEdrGiITyOI0iqMKRQUcHXVVlM0dOut2EKKo3/GpE3Cm
HIVSwdusMdEfisT3JWLU2QgIZFWAHaI2bEkJLZ/eYFGcEuC1BmZZGE2OKeV4k8om
exUv9Y6H/E7n+PR4MIq9DgfCzRTQvnrgtyEzGIhEQUfNIq4QVbOkx8fGDdon/te1
f+Fw3rMSE/ZuBtd/Tlu/O094vYeiYiCzx5K4422l0pStn2WLFOoAR2DNVfHgNcqL
djj2bx5/3NzQ1Q==
-----END CERTIFICATE-----