Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
File:                     kjlpG6eScAY69DZNMIYxNl6QEWo.mft (raw, json)
Hash identifier:          ur2j/HA41OtVf98XKc0jcZOUIG6jcXRotGnSp/XZsjk=
Subject key identifier:   3D:99:F6:6F:3B:40:84:4D:9C:BE:3E:BA:00:E9:C9:05:C5:8E:0F:AE
Authority key identifier: 92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A
Certificate issuer:       /CN=9239691ba79270063af4364d308631365e90116a
Certificate serial:       0197BF35878E428874D95D5ED1663701697A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
Manifest number:          0D13
Signing time:             Mon 30 Jun 2025 05:00:45 +0000
Manifest this update:     Mon 30 Jun 2025 05:00:45 +0000
Manifest next update:     Tue 01 Jul 2025 05:00:45 +0000
Files and hashes:         1: kjlpG6eScAY69DZNMIYxNl6QEWo.crl (hash: HIigiAUVIoNcSBqGsseqweLXeHxImN4FZAQ1UY+b70I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 05:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:bf:35:87:8e:42:88:74:d9:5d:5e:d1:66:37:01:69:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9239691ba79270063af4364d308631365e90116a
        Validity
            Not Before: Jun 30 05:00:45 2025 GMT
            Not After : Jul  1 05:00:45 2025 GMT
        Subject: CN=3d99f66f3b40844d9cbe3eba00e9c905c58e0fae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:25:9f:b8:72:bb:d6:de:bc:62:d2:be:6c:bb:
                    80:f3:a6:ee:6d:e9:8a:bc:6b:cf:3b:dd:ce:a4:e4:
                    c5:27:11:74:a9:d1:fb:58:1e:71:17:25:1a:eb:14:
                    4f:73:0a:3f:ed:19:e9:14:e6:15:9c:14:28:eb:09:
                    19:8e:55:6e:b2:38:a8:76:e3:0e:fc:18:73:8b:4a:
                    0e:95:9a:6e:0c:bf:63:59:c3:b3:36:81:e0:08:80:
                    da:23:ca:70:d5:10:44:fc:94:f6:a8:52:80:b3:c8:
                    bc:1c:9e:21:63:c4:21:b5:99:2c:b0:72:ce:cd:99:
                    9d:cc:f0:3b:a1:fc:9d:1e:ff:41:90:d4:65:9b:ce:
                    89:2c:63:44:85:d6:82:83:d2:2c:27:d8:3c:68:c6:
                    f8:94:10:4a:55:4e:b4:6d:92:27:c2:09:30:95:f1:
                    ab:2d:69:4e:9d:11:99:0b:54:a3:6e:40:1c:40:dd:
                    e2:fe:1a:88:ad:f5:68:9c:74:f0:c0:ad:c1:a4:7c:
                    dd:b6:1f:d4:e5:9f:69:78:90:22:0d:0b:68:8f:6b:
                    68:cc:23:02:f3:c1:ad:b9:ad:d4:8e:56:e3:eb:0d:
                    f1:07:ad:b1:25:b6:b6:b9:88:70:63:18:36:80:bf:
                    ea:5e:db:5d:55:fc:d6:87:84:1b:b9:44:fb:68:89:
                    cd:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:99:F6:6F:3B:40:84:4D:9C:BE:3E:BA:00:E9:C9:05:C5:8E:0F:AE
            X509v3 Authority Key Identifier:
                keyid:92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:bc:8f:1c:81:50:be:1b:c7:66:8a:95:d9:b9:e8:83:55:95:
         83:9b:cf:cc:95:ba:01:13:7f:67:5b:b4:2c:93:5d:c4:fe:e5:
         f2:71:64:89:cc:13:3c:28:6d:83:f1:ff:fa:5c:80:f7:be:5f:
         d4:23:f2:e3:a5:22:1b:6d:00:25:6f:14:81:59:1d:e8:ce:21:
         0e:b8:51:d1:f6:ae:5e:bb:73:cb:63:78:35:4f:da:c6:7e:de:
         0c:29:da:ed:6d:5e:8b:99:be:cc:ac:46:64:85:8e:43:f3:c4:
         c0:0c:ac:45:90:a1:dc:72:67:ac:e0:cf:1d:15:73:3e:af:0d:
         fa:43:36:61:62:32:34:a4:c7:20:75:e3:ad:06:c6:61:e7:f0:
         65:04:4f:4d:16:99:c9:2e:ee:f4:e6:5d:8d:53:3a:96:3a:8b:
         63:39:69:d8:fc:da:95:eb:da:16:b9:19:68:9c:6b:1b:85:ba:
         4b:e3:1e:bd:30:29:50:16:23:25:1f:97:50:ab:b2:43:2e:14:
         2f:88:4e:76:df:c1:60:bf:27:13:f1:ec:f4:8a:c9:a1:b6:6f:
         aa:22:16:df:0b:9b:31:ba:7c:53:cc:56:bf:66:fb:3c:e3:a4:
         51:bf:77:8a:a0:c3:77:1b:da:d9:dc:a0:48:81:50:8a:c6:1d:
         2f:18:b3:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe/NYeOQoh02V1e0WY3AWl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzk2OTFiYTc5MjcwMDYzYWY0MzY0ZDMwODYzMTM2NWU5
MDExNmEwHhcNMjUwNjMwMDUwMDQ1WhcNMjUwNzAxMDUwMDQ1WjAzMTEwLwYDVQQD
EygzZDk5ZjY2ZjNiNDA4NDRkOWNiZTNlYmEwMGU5YzkwNWM1OGUwZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCWfuHK71t68YtK+bLuA86bubemK
vGvPO93OpOTFJxF0qdH7WB5xFyUa6xRPcwo/7RnpFOYVnBQo6wkZjlVusjioduMO
/Bhzi0oOlZpuDL9jWcOzNoHgCIDaI8pw1RBE/JT2qFKAs8i8HJ4hY8QhtZkssHLO
zZmdzPA7ofydHv9BkNRlm86JLGNEhdaCg9IsJ9g8aMb4lBBKVU60bZInwgkwlfGr
LWlOnRGZC1SjbkAcQN3i/hqIrfVonHTwwK3BpHzdth/U5Z9peJAiDQtoj2tozCMC
88Gtua3Ujlbj6w3xB62xJba2uYhwYxg2gL/qXttdVfzWh4QbuUT7aInNAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2Z9m87QIRNnL4+ugDpyQXFjg+uMB8GA1UdIwQY
MBaAFJI5aRunknAGOvQ2TTCGMTZekBFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUt
ZjE3OTJiZDc3YTUzLzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUtZjE3OTJiZDc3YTUz
LzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjbyPHIFQ
vhvHZoqV2bnog1WVg5vPzJW6ARN/Z1u0LJNdxP7l8nFkicwTPChtg/H/+lyA975f
1CPy46UiG20AJW8UgVkd6M4hDrhR0fauXrtzy2N4NU/axn7eDCna7W1ei5m+zKxG
ZIWOQ/PEwAysRZCh3HJnrODPHRVzPq8N+kM2YWIyNKTHIHXjrQbGYefwZQRPTRaZ
yS7u9OZdjVM6ljqLYzlp2PzalevaFrkZaJxrG4W6S+MevTApUBYjJR+XUKuyQy4U
L4hOdt/BYL8nE/Hs9IrJobZvqiIW3wubMbp8U8xWv2b7POOkUb93iqDDdxva2dyg
SIFQisYdLxizQA==
-----END CERTIFICATE-----