Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
File:                     kjlpG6eScAY69DZNMIYxNl6QEWo.mft (raw, json)
Hash identifier:          ukRHVssikDxjlBcXAiv577DRQn4uLOd3yP/a0F8wY2k=
Subject key identifier:   70:77:2C:7C:C1:4F:3A:2F:4D:F2:7D:76:38:7C:6B:E4:FF:88:5A:48
Authority key identifier: 92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A
Certificate issuer:       /CN=9239691ba79270063af4364d308631365e90116a
Certificate serial:       01974779F12CF33BA19941D06D8DEDF7173A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
Manifest number:          0CD5
Signing time:             Fri 06 Jun 2025 23:01:03 +0000
Manifest this update:     Fri 06 Jun 2025 23:01:03 +0000
Manifest next update:     Sat 07 Jun 2025 23:01:03 +0000
Files and hashes:         1: kjlpG6eScAY69DZNMIYxNl6QEWo.crl (hash: Lwg08vNb5a3ac/OKSCAv1SM/EuTtC/zRi5HwZN0Gpns=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:f1:2c:f3:3b:a1:99:41:d0:6d:8d:ed:f7:17:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9239691ba79270063af4364d308631365e90116a
        Validity
            Not Before: Jun  6 23:01:03 2025 GMT
            Not After : Jun  7 23:01:03 2025 GMT
        Subject: CN=70772c7cc14f3a2f4df27d76387c6be4ff885a48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f3:5b:55:99:02:32:41:f4:f1:b6:3e:13:33:
                    88:dd:3a:c9:e2:d7:17:91:a6:03:6e:aa:05:a9:c7:
                    ac:40:53:85:bc:1f:4f:b4:70:21:00:2c:d2:ed:3b:
                    21:53:21:5c:41:7f:eb:f8:b5:2e:e7:78:66:a9:c5:
                    5b:e9:34:17:bd:62:a2:e6:87:12:38:47:6c:63:d2:
                    7f:9c:a4:e0:59:5d:8a:b0:9b:8b:c7:b5:21:46:3b:
                    16:55:0e:19:80:5a:46:a7:7a:d8:3a:15:eb:6f:e1:
                    d8:f9:ff:bc:b2:5f:43:f8:62:32:13:74:27:fe:81:
                    16:90:f2:7c:16:e6:23:68:35:9b:4b:d3:54:3b:bc:
                    cc:2f:b0:a0:3e:b2:fa:06:d6:24:e7:0e:0a:30:40:
                    b6:6a:52:e3:f4:94:e8:1e:24:11:c0:4d:b2:62:70:
                    f6:c3:5a:d3:05:f2:8f:20:cf:3c:15:29:7c:db:fd:
                    02:d7:ac:cc:c9:c6:68:78:bd:d4:0e:15:dc:23:50:
                    38:c0:58:58:6a:80:ab:d8:ff:19:0a:57:de:31:71:
                    e4:9f:fa:f6:cc:1c:91:76:26:9d:7d:00:e3:bf:8a:
                    e2:87:e4:84:21:88:80:3d:11:21:ed:6b:72:a0:92:
                    5f:01:49:6b:bc:60:b2:46:43:27:ff:8a:ae:ef:4f:
                    84:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:77:2C:7C:C1:4F:3A:2F:4D:F2:7D:76:38:7C:6B:E4:FF:88:5A:48
            X509v3 Authority Key Identifier:
                keyid:92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:4e:bd:32:38:55:5e:a7:85:1b:ab:7b:df:86:26:b2:c2:c0:
         09:59:b6:8c:07:fc:fc:ad:27:cc:36:1a:0b:f9:c9:d0:62:fe:
         f6:16:38:aa:9f:bd:62:65:25:ef:4d:75:d9:ba:69:99:09:b8:
         37:84:db:85:de:95:52:b4:a2:3e:87:a7:6b:99:66:81:29:6f:
         c1:9b:62:14:21:5e:43:7d:07:ca:b5:74:15:23:02:de:b8:76:
         ab:ba:27:70:7e:b5:c2:96:81:ee:9e:5f:fd:51:99:6c:81:9d:
         36:0c:b6:1d:12:94:09:f7:35:ae:77:77:2e:ab:0c:d0:05:83:
         d2:fe:33:f3:c6:c1:56:79:7b:77:99:7f:0a:11:5e:1d:02:d4:
         d2:f3:9e:d7:17:33:51:45:2f:ce:40:bf:3f:d6:a2:30:42:fe:
         4c:71:53:37:f9:15:e5:61:c4:7a:37:f4:84:b2:eb:22:bf:73:
         bf:3d:8c:6b:51:71:b8:8e:29:dd:20:89:ac:16:ce:ee:ff:2c:
         43:49:07:5b:b8:75:96:f5:98:55:15:b7:10:80:51:8c:1c:76:
         bc:72:0e:65:ad:5c:12:92:ce:2e:45:0d:93:45:24:ec:38:d5:
         97:42:87:7b:55:f8:4a:88:5d:4e:f0:9c:07:0b:9d:0b:8a:5e:
         b3:5e:e2:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHefEs8zuhmUHQbY3t9xc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzk2OTFiYTc5MjcwMDYzYWY0MzY0ZDMwODYzMTM2NWU5
MDExNmEwHhcNMjUwNjA2MjMwMTAzWhcNMjUwNjA3MjMwMTAzWjAzMTEwLwYDVQQD
Eyg3MDc3MmM3Y2MxNGYzYTJmNGRmMjdkNzYzODdjNmJlNGZmODg1YTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfNbVZkCMkH08bY+EzOI3TrJ4tcX
kaYDbqoFqcesQFOFvB9PtHAhACzS7TshUyFcQX/r+LUu53hmqcVb6TQXvWKi5ocS
OEdsY9J/nKTgWV2KsJuLx7UhRjsWVQ4ZgFpGp3rYOhXrb+HY+f+8sl9D+GIyE3Qn
/oEWkPJ8FuYjaDWbS9NUO7zML7CgPrL6BtYk5w4KMEC2alLj9JToHiQRwE2yYnD2
w1rTBfKPIM88FSl82/0C16zMycZoeL3UDhXcI1A4wFhYaoCr2P8ZClfeMXHkn/r2
zByRdiadfQDjv4rih+SEIYiAPREh7WtyoJJfAUlrvGCyRkMn/4qu70+EYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHB3LHzBTzovTfJ9djh8a+T/iFpIMB8GA1UdIwQY
MBaAFJI5aRunknAGOvQ2TTCGMTZekBFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUt
ZjE3OTJiZDc3YTUzLzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUtZjE3OTJiZDc3YTUz
LzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXk69MjhV
XqeFG6t734YmssLACVm2jAf8/K0nzDYaC/nJ0GL+9hY4qp+9YmUl70112bppmQm4
N4Tbhd6VUrSiPoena5lmgSlvwZtiFCFeQ30HyrV0FSMC3rh2q7oncH61wpaB7p5f
/VGZbIGdNgy2HRKUCfc1rnd3LqsM0AWD0v4z88bBVnl7d5l/ChFeHQLU0vOe1xcz
UUUvzkC/P9aiMEL+THFTN/kV5WHEejf0hLLrIr9zvz2Ma1FxuI4p3SCJrBbO7v8s
Q0kHW7h1lvWYVRW3EIBRjBx2vHIOZa1cEpLOLkUNk0Uk7DjVl0KHe1X4SohdTvCc
BwudC4pes17iZg==
-----END CERTIFICATE-----