Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
File:                     kjlpG6eScAY69DZNMIYxNl6QEWo.mft (raw, json)
Hash identifier:          OyIQ7SrTEhAF5QAQBKiRLBw5lJxvMDLgmzv9uxYXzZE=
Subject key identifier:   C2:AD:51:E5:88:89:7C:05:1B:5E:F0:95:B6:0E:A4:0B:22:1E:BB:6E
Authority key identifier: 92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A
Certificate issuer:       /CN=9239691ba79270063af4364d308631365e90116a
Certificate serial:       019A10157005D0533AC6B7078918064B16DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
Manifest number:          0E46
Signing time:             Thu 23 Oct 2025 08:00:31 +0000
Manifest this update:     Thu 23 Oct 2025 08:00:31 +0000
Manifest next update:     Fri 24 Oct 2025 08:00:31 +0000
Files and hashes:         1: kjlpG6eScAY69DZNMIYxNl6QEWo.crl (hash: 2RYt5nUhcTugI23NmaQ1ChM/mpltnuZ+wiM8+/D1hbo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 08:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:10:15:70:05:d0:53:3a:c6:b7:07:89:18:06:4b:16:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9239691ba79270063af4364d308631365e90116a
        Validity
            Not Before: Oct 23 08:00:31 2025 GMT
            Not After : Oct 24 08:00:31 2025 GMT
        Subject: CN=c2ad51e588897c051b5ef095b60ea40b221ebb6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:06:f3:ef:21:e6:64:7e:98:9c:df:35:d1:80:
                    31:3c:10:3f:2a:33:4a:6f:b0:b6:1e:14:e4:d3:26:
                    06:4f:5c:65:f4:45:35:ef:04:87:98:eb:d8:7e:c2:
                    00:19:65:e8:44:6d:34:96:bc:28:d7:c5:38:b3:0a:
                    55:d1:3f:80:af:03:19:f0:72:93:77:ab:c1:73:94:
                    5a:54:2e:09:b9:df:9c:85:ec:c0:fd:00:74:e1:03:
                    ae:f0:ad:2c:9a:f5:af:7b:6b:39:a8:f7:50:e7:06:
                    a5:db:6f:82:28:f2:b3:45:90:02:5d:4f:a9:cc:76:
                    1b:63:8d:d8:81:2e:c6:fc:81:d8:4b:4b:c7:1d:3b:
                    6a:f2:d3:0b:91:86:50:f9:53:4a:02:2c:6c:94:6b:
                    27:1c:be:24:6d:94:6f:c9:53:91:ab:8d:58:c2:5a:
                    00:0f:5e:71:7d:d4:26:7c:b9:18:5d:56:e4:b9:90:
                    b3:41:01:1f:7b:e5:6f:46:f3:3f:e1:96:95:00:cf:
                    ef:6b:ef:0e:97:5c:00:88:f0:62:fa:78:5b:7d:6e:
                    bb:d8:e5:d2:60:1c:76:3f:f1:f6:a1:86:e1:1c:6a:
                    7a:56:b3:60:91:83:bb:ed:d1:47:96:f8:56:cd:33:
                    1f:63:8a:6a:c6:8c:19:66:cf:92:44:ff:ff:ad:cd:
                    46:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:AD:51:E5:88:89:7C:05:1B:5E:F0:95:B6:0E:A4:0B:22:1E:BB:6E
            X509v3 Authority Key Identifier:
                keyid:92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:22:d3:32:0c:d8:a1:d8:05:e3:1f:ca:b2:21:20:53:ee:a0:
         44:2e:4d:69:2b:e5:fa:1b:1e:ef:0c:a8:bc:bf:27:ad:47:d0:
         fe:94:3e:6b:6c:1d:a7:69:0e:92:42:7b:c2:23:f7:83:70:c3:
         83:e9:a4:52:5a:fb:ac:02:58:a9:c4:60:ce:13:d3:16:d4:53:
         3c:90:b0:0f:e1:a4:58:fc:fa:de:35:16:34:61:4a:25:50:36:
         84:c1:e0:10:cf:7f:9e:ad:9e:df:96:72:ce:d3:f7:71:20:23:
         99:6c:d2:0b:ba:89:9d:4a:0a:49:b4:75:d2:ac:56:a0:27:3b:
         3b:6d:94:69:7e:3b:b9:dc:8e:03:fe:78:00:13:b3:bc:2c:d9:
         22:a0:61:8e:50:a2:8b:76:f0:0d:c7:cf:5b:18:cc:a4:a9:a2:
         40:97:83:0d:c9:fc:97:e1:f3:a6:c0:5d:a9:69:cd:0a:73:7e:
         3e:4f:d6:25:3d:0d:98:76:09:c7:7b:33:17:12:30:9b:b6:d3:
         53:19:a3:03:7d:d3:1e:f4:51:23:5e:e0:3d:5f:eb:3d:cd:1b:
         07:e7:43:c7:0e:11:8e:38:0e:d3:6f:9c:ee:91:33:22:dc:47:
         5b:0d:42:2b:5d:eb:66:73:3c:25:d1:13:c5:29:28:83:bb:d4:
         f6:c4:7f:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoQFXAF0FM6xrcHiRgGSxbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzk2OTFiYTc5MjcwMDYzYWY0MzY0ZDMwODYzMTM2NWU5
MDExNmEwHhcNMjUxMDIzMDgwMDMxWhcNMjUxMDI0MDgwMDMxWjAzMTEwLwYDVQQD
EyhjMmFkNTFlNTg4ODk3YzA1MWI1ZWYwOTViNjBlYTQwYjIyMWViYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgbz7yHmZH6YnN810YAxPBA/KjNK
b7C2HhTk0yYGT1xl9EU17wSHmOvYfsIAGWXoRG00lrwo18U4swpV0T+ArwMZ8HKT
d6vBc5RaVC4Jud+chezA/QB04QOu8K0smvWve2s5qPdQ5wal22+CKPKzRZACXU+p
zHYbY43YgS7G/IHYS0vHHTtq8tMLkYZQ+VNKAixslGsnHL4kbZRvyVORq41YwloA
D15xfdQmfLkYXVbkuZCzQQEfe+VvRvM/4ZaVAM/va+8Ol1wAiPBi+nhbfW672OXS
YBx2P/H2oYbhHGp6VrNgkYO77dFHlvhWzTMfY4pqxowZZs+SRP//rc1GUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKtUeWIiXwFG17wlbYOpAsiHrtuMB8GA1UdIwQY
MBaAFJI5aRunknAGOvQ2TTCGMTZekBFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUt
ZjE3OTJiZDc3YTUzLzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUtZjE3OTJiZDc3YTUz
LzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbSLTMgzY
odgF4x/KsiEgU+6gRC5NaSvl+hse7wyovL8nrUfQ/pQ+a2wdp2kOkkJ7wiP3g3DD
g+mkUlr7rAJYqcRgzhPTFtRTPJCwD+GkWPz63jUWNGFKJVA2hMHgEM9/nq2e35Zy
ztP3cSAjmWzSC7qJnUoKSbR10qxWoCc7O22UaX47udyOA/54ABOzvCzZIqBhjlCi
i3bwDcfPWxjMpKmiQJeDDcn8l+HzpsBdqWnNCnN+Pk/WJT0NmHYJx3szFxIwm7bT
UxmjA33THvRRI17gPV/rPc0bB+dDxw4RjjgO02+c7pEzItxHWw1CK13rZnM8JdET
xSkog7vU9sR/VQ==
-----END CERTIFICATE-----