Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          12Y0IrYcRTnDrV7JkH41JveVXrDzVk49wZZfjji4Ugw=
Subject key identifier:   EC:8D:DA:54:0A:6F:BD:F4:06:E0:6C:84:EB:91:BD:30:35:FC:07:B1
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       01974DB295E7779EFD570B6DE513DC9D2205
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          1324
Signing time:             Sun 08 Jun 2025 04:00:38 +0000
Manifest this update:     Sun 08 Jun 2025 04:00:38 +0000
Manifest next update:     Mon 09 Jun 2025 04:00:38 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: jdnpblMTY44qtWB1n63e4BuNVFrihUZIRdDv/zTvan8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:95:e7:77:9e:fd:57:0b:6d:e5:13:dc:9d:22:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Jun  8 04:00:38 2025 GMT
            Not After : Jun  9 04:00:38 2025 GMT
        Subject: CN=ec8dda540a6fbdf406e06c84eb91bd3035fc07b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:95:fb:57:2b:ad:d9:2b:00:ae:01:9d:f6:78:
                    ab:d0:11:c1:aa:13:71:bb:10:ad:43:ca:11:ff:5c:
                    a0:68:f0:6a:f3:03:1a:dd:39:33:53:6b:56:bb:1c:
                    fb:35:35:f9:fe:af:59:29:c6:c5:60:54:15:4b:15:
                    5b:77:62:78:66:93:f2:ff:f9:9f:ba:38:88:95:c8:
                    c0:1c:82:7b:a6:3d:dc:82:a2:e6:e6:b1:54:72:9a:
                    a1:36:70:59:d7:90:b5:ad:ad:97:c8:ba:ab:68:10:
                    7e:4e:7b:2e:cf:4f:2f:d0:94:8b:b6:e9:3a:c3:1b:
                    05:05:1d:39:0d:72:64:37:dd:43:35:45:e5:dc:3b:
                    70:17:1d:12:58:60:24:8b:a2:e8:93:5e:0b:f3:5f:
                    ad:78:b4:7a:c9:c6:71:57:b0:b1:59:e0:0f:a0:ab:
                    7f:24:50:77:1c:d1:fb:15:7d:e6:eb:fa:2e:35:ed:
                    ea:6e:30:83:c8:bb:e8:28:9e:f5:b7:77:55:05:d7:
                    06:af:c9:6a:0f:ac:f5:2e:e8:19:6b:c4:d2:7b:73:
                    c0:5b:d6:59:b9:33:e8:74:4a:81:a9:4d:aa:db:7a:
                    bf:1c:e5:b4:5f:95:6f:bf:2e:da:52:92:9a:21:fd:
                    53:84:b4:c9:0b:70:89:2d:f6:15:f0:e2:f8:ef:58:
                    53:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:8D:DA:54:0A:6F:BD:F4:06:E0:6C:84:EB:91:BD:30:35:FC:07:B1
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:da:71:00:44:c4:80:0a:a7:27:cb:5a:dd:b0:81:b8:9a:3c:
         e2:ca:50:1c:dd:2e:7e:d1:fe:41:7e:8e:15:d2:a9:7b:75:c0:
         8d:f9:b5:27:c6:dd:05:37:f1:af:4d:2e:d0:a8:f5:fd:1f:15:
         34:b9:a5:ea:cf:1c:6d:cc:0a:34:ce:89:ff:32:e7:18:f0:bf:
         73:0f:1b:7f:24:34:9c:57:88:12:31:d8:d2:17:92:37:49:95:
         e4:6d:d3:a1:3c:fd:65:e6:35:30:77:2f:82:3a:5c:5a:01:3f:
         98:02:39:3a:8b:21:41:54:64:ec:3b:07:c7:8d:15:3f:c2:e6:
         54:d9:78:97:dc:32:26:fd:fa:91:b2:9e:9a:b5:32:f0:4e:29:
         75:f3:ff:87:5b:5f:f3:52:f3:6a:02:3b:53:0d:2b:b9:a7:64:
         19:b1:1e:5d:a6:09:68:2c:8c:e9:20:51:77:3c:32:1b:a3:d0:
         fa:cd:ed:9a:68:13:e8:40:31:28:fc:32:e9:6f:9d:f2:98:05:
         d9:a5:b9:0e:b3:0e:1d:35:de:9e:6f:06:1f:74:41:2e:74:34:
         f7:0b:37:66:3d:71:81:89:66:40:89:6d:43:a3:df:76:81:0a:
         d2:f0:92:91:5d:d1:82:08:ab:57:53:50:7a:e2:e1:ea:43:ec:
         b5:c8:31:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNspXnd579Vwtt5RPcnSIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjUwNjA4MDQwMDM4WhcNMjUwNjA5MDQwMDM4WjAzMTEwLwYDVQQD
EyhlYzhkZGE1NDBhNmZiZGY0MDZlMDZjODRlYjkxYmQzMDM1ZmMwN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZX7Vyut2SsArgGd9nir0BHBqhNx
uxCtQ8oR/1ygaPBq8wMa3TkzU2tWuxz7NTX5/q9ZKcbFYFQVSxVbd2J4ZpPy//mf
ujiIlcjAHIJ7pj3cgqLm5rFUcpqhNnBZ15C1ra2XyLqraBB+Tnsuz08v0JSLtuk6
wxsFBR05DXJkN91DNUXl3DtwFx0SWGAki6Lok14L81+teLR6ycZxV7CxWeAPoKt/
JFB3HNH7FX3m6/ouNe3qbjCDyLvoKJ71t3dVBdcGr8lqD6z1LugZa8TSe3PAW9ZZ
uTPodEqBqU2q23q/HOW0X5Vvvy7aUpKaIf1ThLTJC3CJLfYV8OL471hTCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyN2lQKb730BuBshOuRvTA1/AexMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMdpxAETE
gAqnJ8ta3bCBuJo84spQHN0uftH+QX6OFdKpe3XAjfm1J8bdBTfxr00u0Kj1/R8V
NLml6s8cbcwKNM6J/zLnGPC/cw8bfyQ0nFeIEjHY0heSN0mV5G3ToTz9ZeY1MHcv
gjpcWgE/mAI5OoshQVRk7DsHx40VP8LmVNl4l9wyJv36kbKemrUy8E4pdfP/h1tf
81LzagI7Uw0ruadkGbEeXaYJaCyM6SBRdzwyG6PQ+s3tmmgT6EAxKPwy6W+d8pgF
2aW5DrMOHTXenm8GH3RBLnQ09ws3Zj1xgYlmQIltQ6PfdoEK0vCSkV3RggirV1NQ
euLh6kPstcgx2g==
-----END CERTIFICATE-----