Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
File:                     KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json)
Hash identifier:          B9VvA1DbT+vLekEt5aHNDEXAm2U7hKQ7PO1mUC4CD6s=
Subject key identifier:   BA:0C:04:DA:A4:08:CD:B7:C2:EA:AB:8E:AF:50:B0:99:EE:1F:7A:D3
Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
Certificate issuer:       /CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Certificate serial:       019655382BA64A1CB329AB0B5321C912F2AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
Manifest number:          14FB
Signing time:             Sun 20 Apr 2025 22:01:06 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:06 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:06 +0000
Files and hashes:         1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: J8Q7OVIQ2GIdeTzj6JO9v2AgO5xTonpChIoB1/8UlIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:2b:a6:4a:1c:b3:29:ab:0b:53:21:c9:12:f2:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678
        Validity
            Not Before: Apr 20 22:01:06 2025 GMT
            Not After : Apr 21 22:01:06 2025 GMT
        Subject: CN=ba0c04daa408cdb7c2eaab8eaf50b099ee1f7ad3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:42:c2:f3:87:2f:02:07:e8:20:22:28:57:f0:
                    10:0b:1d:b7:fa:9f:46:d2:65:44:c4:f1:90:6c:51:
                    1e:4a:0a:7f:85:90:04:5a:97:e8:0a:b7:cf:99:37:
                    81:27:75:0c:08:c3:a2:bd:02:18:55:bd:34:49:ff:
                    9c:a7:17:81:d1:eb:80:ba:11:65:0c:24:5c:bd:f7:
                    27:18:04:65:03:0e:d5:a2:54:55:d9:e2:d1:5a:9b:
                    0a:a2:0e:39:60:a7:f9:a4:28:9a:02:42:15:37:a8:
                    c6:d3:98:8b:e6:23:d9:c3:8a:7b:7e:a7:9c:de:89:
                    e5:39:c8:e6:11:41:d9:44:60:99:2c:24:de:18:fb:
                    27:c3:22:2d:04:2d:9a:69:91:79:63:5e:63:f4:53:
                    e4:2d:f0:30:2f:f9:66:48:f0:40:8c:65:d0:e6:1c:
                    05:5c:d4:ba:7e:95:e1:69:99:d3:90:62:ce:61:35:
                    29:62:56:a5:28:b8:c2:08:ef:44:ee:07:cb:ed:0e:
                    4d:e7:b0:3b:87:cb:3b:e7:d0:cb:67:e6:bb:4e:6e:
                    63:fd:63:8b:cc:c1:44:b3:a9:b0:ec:d9:e6:79:e6:
                    ef:d8:b4:e6:7b:ad:69:22:58:3b:0b:c5:21:54:f6:
                    6a:c1:a6:f5:14:7d:54:84:bf:a8:ae:3a:da:e0:2b:
                    77:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:0C:04:DA:A4:08:CD:B7:C2:EA:AB:8E:AF:50:B0:99:EE:1F:7A:D3
            X509v3 Authority Key Identifier:
                keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:16:5d:33:e4:5f:f3:4c:dd:b8:26:b9:ba:7c:91:3c:0f:9c:
         10:0d:38:94:e4:a2:a8:19:1f:6c:ab:e4:57:2a:43:91:5e:18:
         b6:c4:50:98:a5:da:8c:dd:17:eb:3c:1e:b1:50:da:ba:1d:65:
         16:1a:1a:c5:ae:d3:a0:f1:85:51:e0:18:86:bc:dd:54:50:8d:
         ae:5e:0b:b6:3e:37:2d:18:67:c1:cb:0c:bd:45:88:62:c7:0f:
         b6:f5:fc:fa:08:fa:0e:63:64:22:b6:02:b9:79:64:48:d2:cb:
         e9:11:58:c6:ba:92:56:10:d6:48:8f:1b:27:05:f9:9b:4a:a1:
         81:ee:a2:38:bb:56:0a:6b:6c:34:6f:d8:81:66:37:4f:9f:a9:
         0c:3e:06:51:c4:ff:fe:2d:20:e5:c1:1f:1c:b4:f0:7e:29:f3:
         42:f4:c5:bc:29:6f:98:25:97:1e:86:f7:28:fa:b5:48:5e:81:
         72:fe:f7:5a:15:1c:5b:d2:05:3d:38:15:a3:50:1c:87:6e:2a:
         e6:f7:4d:99:ab:a8:4f:da:18:63:2e:df:9f:c4:ce:5b:9f:75:
         d2:e0:f4:ab:9b:54:14:be:f0:db:36:b5:03:c5:8f:f1:dc:2f:
         3a:92:71:81:06:5a:4e:b8:b1:c4:13:e9:37:da:99:58:4d:35:
         4e:fd:4a:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOCumShyzKasLUyHJEvKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4
MGY2NzgwHhcNMjUwNDIwMjIwMTA2WhcNMjUwNDIxMjIwMTA2WjAzMTEwLwYDVQQD
EyhiYTBjMDRkYWE0MDhjZGI3YzJlYWFiOGVhZjUwYjA5OWVlMWY3YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ELC84cvAgfoICIoV/AQCx23+p9G
0mVExPGQbFEeSgp/hZAEWpfoCrfPmTeBJ3UMCMOivQIYVb00Sf+cpxeB0euAuhFl
DCRcvfcnGARlAw7VolRV2eLRWpsKog45YKf5pCiaAkIVN6jG05iL5iPZw4p7fqec
3onlOcjmEUHZRGCZLCTeGPsnwyItBC2aaZF5Y15j9FPkLfAwL/lmSPBAjGXQ5hwF
XNS6fpXhaZnTkGLOYTUpYlalKLjCCO9E7gfL7Q5N57A7h8s759DLZ+a7Tm5j/WOL
zMFEs6mw7Nnmeebv2LTme61pIlg7C8UhVPZqwab1FH1UhL+orjra4Ct3xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoMBNqkCM23wuqrjq9QsJnuH3rTMB8GA1UdIwQY
MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt
NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm
LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkBZdM+Rf
80zduCa5unyRPA+cEA04lOSiqBkfbKvkVypDkV4YtsRQmKXajN0X6zwesVDauh1l
Fhoaxa7ToPGFUeAYhrzdVFCNrl4Ltj43LRhnwcsMvUWIYscPtvX8+gj6DmNkIrYC
uXlkSNLL6RFYxrqSVhDWSI8bJwX5m0qhge6iOLtWCmtsNG/YgWY3T5+pDD4GUcT/
/i0g5cEfHLTwfinzQvTFvClvmCWXHob3KPq1SF6Bcv73WhUcW9IFPTgVo1Ach24q
5vdNmauoT9oYYy7fn8TOW5910uD0q5tUFL7w2za1A8WP8dwvOpJxgQZaTrixxBPp
N9qZWE01Tv1K9A==
-----END CERTIFICATE-----