Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          iF7bBujZICIXX1mus7kNVsfweNWH3UWTZ6MPGBzOLrs=
Subject key identifier:   6B:65:98:21:1C:88:62:D7:54:FC:B8:4A:9E:BB:4A:16:A8:DD:F6:6D
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       01965681A7A040EE99E2A7EBCE9E8E2FC6EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          12A4
Signing time:             Mon 21 Apr 2025 04:00:59 +0000
Manifest this update:     Mon 21 Apr 2025 04:00:59 +0000
Manifest next update:     Tue 22 Apr 2025 04:00:59 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: LE+jGOTSL/U59iMsZGEMJjZW/ER49JuQC7NQqOBUJew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:81:a7:a0:40:ee:99:e2:a7:eb:ce:9e:8e:2f:c6:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Apr 21 04:00:59 2025 GMT
            Not After : Apr 22 04:00:59 2025 GMT
        Subject: CN=6b6598211c8862d754fcb84a9ebb4a16a8ddf66d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:b7:78:0e:9a:39:0c:72:5b:c7:f0:0b:b8:46:
                    04:ae:51:1b:37:e7:17:2c:b5:43:6b:18:d5:8d:f5:
                    d3:79:88:f1:73:4e:67:56:3a:ca:f5:7d:9f:e1:9f:
                    5f:70:a8:e2:f0:95:71:02:83:b9:a8:9a:ca:24:2b:
                    ea:11:9c:df:27:63:f0:76:0d:7b:fa:ea:76:b3:f5:
                    ef:52:f7:2f:58:ba:ec:ae:a2:bc:da:7d:09:48:69:
                    b3:5e:d2:21:10:0c:74:52:95:bc:ff:26:a4:16:e8:
                    0b:44:a7:88:08:13:5b:fe:82:4a:32:75:15:61:10:
                    18:75:63:28:f7:cc:10:8a:94:e7:7b:53:39:e9:8c:
                    ac:54:0d:97:0f:17:e2:97:78:54:36:a7:33:1b:bc:
                    b9:26:92:6c:59:84:44:f2:69:74:f9:df:03:20:b0:
                    d0:ba:cf:91:81:2d:a1:fa:21:20:86:1b:93:28:ff:
                    75:98:58:a4:d4:4f:3b:28:5b:74:bc:50:c7:4b:d9:
                    79:3b:94:01:72:a7:80:b5:77:10:4b:75:1e:2c:4b:
                    8f:05:f2:40:ed:c4:99:d1:f1:17:05:29:d7:83:44:
                    b2:71:8d:e0:46:aa:a0:74:1d:ca:ee:26:34:8f:d4:
                    f2:87:c2:64:c8:b8:ef:8c:be:c2:4b:b1:0b:b5:cd:
                    3b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:65:98:21:1C:88:62:D7:54:FC:B8:4A:9E:BB:4A:16:A8:DD:F6:6D
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:b3:0b:f4:1e:53:6a:37:97:1b:60:e0:79:62:a3:16:f5:96:
         1a:83:7a:a8:ee:3b:93:9f:97:93:0a:ca:6a:66:9e:1b:27:49:
         04:34:3b:6a:80:3f:c0:22:2d:b8:95:3b:0d:15:77:71:cb:fa:
         2f:fd:34:53:d3:35:d3:a3:da:52:0d:df:2e:ff:5b:65:9b:18:
         00:69:32:40:26:a0:13:25:20:b6:93:77:1b:7c:50:41:c8:43:
         df:82:0b:06:e9:bf:ec:04:64:04:8f:b1:3f:47:fa:24:9a:56:
         27:05:ec:76:2a:87:da:4b:b5:3c:32:fb:5b:a2:04:09:c6:91:
         ac:c3:83:e6:ec:39:e9:4d:71:43:18:fd:f2:5e:fd:b0:64:d6:
         d7:6d:8e:38:fb:dc:8d:05:26:ab:ff:9b:82:b2:8c:4e:48:bd:
         74:83:ba:90:0a:85:a9:b2:84:c9:8f:79:97:c2:5d:64:78:38:
         8c:61:a6:6e:f5:e1:85:1d:1c:c4:b6:5e:98:f4:0d:6f:3d:88:
         41:65:0e:20:98:2b:99:cb:1b:72:69:81:42:e4:99:6b:39:f6:
         b0:62:2b:76:4e:0e:90:47:05:ad:98:06:3f:93:d3:8f:86:79:
         8b:59:fe:1b:d8:b8:01:ca:3d:80:d0:ce:7a:e5:c3:c9:8f:ea:
         a2:1d:e9:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWgaegQO6Z4qfrzp6OL8bqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjUwNDIxMDQwMDU5WhcNMjUwNDIyMDQwMDU5WjAzMTEwLwYDVQQD
Eyg2YjY1OTgyMTFjODg2MmQ3NTRmY2I4NGE5ZWJiNGExNmE4ZGRmNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7d4Dpo5DHJbx/ALuEYErlEbN+cX
LLVDaxjVjfXTeYjxc05nVjrK9X2f4Z9fcKji8JVxAoO5qJrKJCvqEZzfJ2Pwdg17
+up2s/XvUvcvWLrsrqK82n0JSGmzXtIhEAx0UpW8/yakFugLRKeICBNb/oJKMnUV
YRAYdWMo98wQipTne1M56YysVA2XDxfil3hUNqczG7y5JpJsWYRE8ml0+d8DILDQ
us+RgS2h+iEghhuTKP91mFik1E87KFt0vFDHS9l5O5QBcqeAtXcQS3UeLEuPBfJA
7cSZ0fEXBSnXg0SycY3gRqqgdB3K7iY0j9Tyh8JkyLjvjL7CS7ELtc076QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtlmCEciGLXVPy4Sp67Shao3fZtMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANLML9B5T
ajeXG2DgeWKjFvWWGoN6qO47k5+XkwrKamaeGydJBDQ7aoA/wCItuJU7DRV3ccv6
L/00U9M106PaUg3fLv9bZZsYAGkyQCagEyUgtpN3G3xQQchD34ILBum/7ARkBI+x
P0f6JJpWJwXsdiqH2ku1PDL7W6IECcaRrMOD5uw56U1xQxj98l79sGTW122OOPvc
jQUmq/+bgrKMTki9dIO6kAqFqbKEyY95l8JdZHg4jGGmbvXhhR0cxLZemPQNbz2I
QWUOIJgrmcsbcmmBQuSZazn2sGIrdk4OkEcFrZgGP5PTj4Z5i1n+G9i4Aco9gNDO
euXDyY/qoh3p2g==
-----END CERTIFICATE-----