Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
File:                     KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json)
Hash identifier:          V02HqrYZg8BhT0TAa6Qyo2O7UVsfPb5EW20TGAy8j+A=
Subject key identifier:   2A:6D:DE:9B:C9:1E:05:5C:CE:C0:55:43:57:47:1C:4B:04:D3:57:7F
Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
Certificate issuer:       /CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Certificate serial:       019847780C9270B3DB9B86903BA58EF7F603
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
Manifest number:          15FD
Signing time:             Sat 26 Jul 2025 16:01:46 +0000
Manifest this update:     Sat 26 Jul 2025 16:01:46 +0000
Manifest next update:     Sun 27 Jul 2025 16:01:46 +0000
Files and hashes:         1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: Sd7i97bDj6D/feUFTyT9355WsNG2DUIZesH/66JYFlE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:78:0c:92:70:b3:db:9b:86:90:3b:a5:8e:f7:f6:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678
        Validity
            Not Before: Jul 26 16:01:46 2025 GMT
            Not After : Jul 27 16:01:46 2025 GMT
        Subject: CN=2a6dde9bc91e055ccec0554357471c4b04d3577f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0e:30:06:9c:95:c0:53:7e:74:a7:49:a0:61:
                    1c:0f:c2:d9:7a:a8:69:81:f8:93:5b:e7:3a:30:2d:
                    f4:d3:95:ca:f6:66:ab:24:08:b2:cd:d1:1a:ef:62:
                    bc:04:c3:8f:bf:ef:94:d0:b8:c9:92:10:0e:dd:65:
                    af:91:45:71:9b:6f:cf:8d:37:c2:88:af:71:3e:ed:
                    ad:cc:f9:57:a5:fe:82:2c:72:38:23:5c:eb:2f:7e:
                    ec:7d:ce:9d:8c:2a:06:6a:a3:19:94:17:db:2c:9e:
                    d4:04:c4:5c:7c:33:fd:6b:fc:36:e2:39:71:e8:da:
                    01:60:8a:3f:31:e0:c7:8a:8b:2b:5c:11:33:8c:dc:
                    9e:d1:40:3e:92:bd:8b:bb:6c:a3:26:16:7f:07:2d:
                    3e:65:05:84:0a:9b:67:8a:03:bd:b6:fc:7a:15:8d:
                    24:33:f9:39:1b:d7:9b:cc:80:c6:3e:3f:51:ab:1d:
                    ba:40:ca:2b:49:af:f6:e9:e9:bc:1e:3a:6d:ef:0b:
                    39:98:a1:1b:ab:5e:99:7e:9b:90:69:fd:f9:12:b0:
                    60:72:e3:5b:db:04:e5:86:ec:47:50:cf:3b:34:bd:
                    68:19:6d:c5:6d:7f:17:74:d7:4c:7d:5e:81:8d:4d:
                    a7:44:ef:1d:f8:b5:66:dc:91:7e:d9:f2:9b:09:32:
                    5c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:6D:DE:9B:C9:1E:05:5C:CE:C0:55:43:57:47:1C:4B:04:D3:57:7F
            X509v3 Authority Key Identifier:
                keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:8d:24:f6:31:b2:ca:ef:5c:38:37:e3:f4:46:b2:c7:11:c8:
         81:a6:69:ef:5c:60:23:38:a6:c1:d6:c6:a1:46:c6:5f:91:5d:
         f4:d7:b4:c5:0f:f9:d7:30:1e:10:cc:64:e0:ea:12:c4:2c:64:
         01:3f:da:f4:3c:19:13:65:fc:b2:c8:9e:cf:76:ab:09:bd:05:
         fe:58:35:0a:f3:5f:95:f0:32:81:0f:b6:5f:73:7b:49:e2:97:
         d0:a8:a9:89:12:27:65:46:20:45:de:c9:98:86:3a:ff:50:2a:
         75:27:67:bf:e0:79:4c:3f:ad:f2:c4:f8:0d:18:59:27:63:9f:
         61:db:e8:74:f0:b3:66:a7:aa:3f:bf:35:2e:40:7a:17:8e:66:
         49:45:ea:fc:56:25:57:85:68:a5:6a:83:fe:0e:a1:c5:57:e7:
         9e:a5:6a:58:1c:b3:d1:51:f1:f2:85:1a:dd:01:8d:2c:6b:64:
         b7:cb:16:f3:6a:94:be:0d:cc:80:b4:cd:e8:2a:fb:cc:74:10:
         ab:9e:e8:bb:ad:4f:92:a7:42:8e:b7:97:41:23:24:4e:1a:c3:
         c7:4a:4a:78:6d:41:b4:3b:c5:59:c1:7f:48:ed:64:df:28:08:
         aa:ab:5f:e0:9b:0e:c5:c1:0f:05:9d:a5:21:87:06:55:c7:b2:
         a1:8c:d4:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHeAyScLPbm4aQO6WO9/YDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4
MGY2NzgwHhcNMjUwNzI2MTYwMTQ2WhcNMjUwNzI3MTYwMTQ2WjAzMTEwLwYDVQQD
EygyYTZkZGU5YmM5MWUwNTVjY2VjMDU1NDM1NzQ3MWM0YjA0ZDM1NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw4wBpyVwFN+dKdJoGEcD8LZeqhp
gfiTW+c6MC3005XK9marJAiyzdEa72K8BMOPv++U0LjJkhAO3WWvkUVxm2/PjTfC
iK9xPu2tzPlXpf6CLHI4I1zrL37sfc6djCoGaqMZlBfbLJ7UBMRcfDP9a/w24jlx
6NoBYIo/MeDHiosrXBEzjNye0UA+kr2Lu2yjJhZ/By0+ZQWECptnigO9tvx6FY0k
M/k5G9ebzIDGPj9Rqx26QMorSa/26em8Hjpt7ws5mKEbq16ZfpuQaf35ErBgcuNb
2wTlhuxHUM87NL1oGW3FbX8XdNdMfV6BjU2nRO8d+LVm3JF+2fKbCTJcdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpt3pvJHgVczsBVQ1dHHEsE01d/MB8GA1UdIwQY
MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt
NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm
LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkY0k9jGy
yu9cODfj9EayxxHIgaZp71xgIzimwdbGoUbGX5Fd9Ne0xQ/51zAeEMxk4OoSxCxk
AT/a9DwZE2X8ssiez3arCb0F/lg1CvNflfAygQ+2X3N7SeKX0KipiRInZUYgRd7J
mIY6/1AqdSdnv+B5TD+t8sT4DRhZJ2OfYdvodPCzZqeqP781LkB6F45mSUXq/FYl
V4VopWqD/g6hxVfnnqVqWByz0VHx8oUa3QGNLGtkt8sW82qUvg3MgLTN6Cr7zHQQ
q57ou61PkqdCjreXQSMkThrDx0pKeG1BtDvFWcF/SO1k3ygIqqtf4JsOxcEPBZ2l
IYcGVceyoYzUmg==
-----END CERTIFICATE-----