Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
File:                     Kn-4HcfsycpmKnTuO347rS6k3nE.mft (raw, json)
Hash identifier:          YDt+0oMk3DUrs1ddm0t8ajryYZibJ2niZgKUC1MRBj4=
Subject key identifier:   5B:69:5D:42:DF:A9:73:AE:02:B8:66:1A:E6:1A:6D:6A:97:EB:D0:11
Authority key identifier: 2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71
Certificate issuer:       /CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
Certificate serial:       01992330F95AA08EE8A7A76AFA2B2134E280
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
Manifest number:          60
Signing time:             Sun 07 Sep 2025 08:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:36 +0000
Files and hashes:         1: Kn-4HcfsycpmKnTuO347rS6k3nE.crl (hash: i51QKRWQnsb74ZUgy0QV5V4bBGMudMXm3tKESDtje3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:30:f9:5a:a0:8e:e8:a7:a7:6a:fa:2b:21:34:e2:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
        Validity
            Not Before: Sep  7 08:00:36 2025 GMT
            Not After : Sep  8 08:00:36 2025 GMT
        Subject: CN=5b695d42dfa973ae02b8661ae61a6d6a97ebd011
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9b:64:62:91:31:9e:3d:7d:2f:69:fa:c2:52:
                    60:fa:9d:ae:15:02:d6:1f:26:37:99:fd:a4:5a:39:
                    7b:61:6f:3d:3e:66:43:c1:b4:84:22:70:e1:ed:c9:
                    24:66:b5:1e:14:f4:29:50:d7:f0:a4:01:2a:0b:81:
                    37:47:0a:38:f3:6a:0b:3d:6e:3d:a0:d4:3c:5e:da:
                    98:a8:8d:67:44:70:98:c8:b1:40:3e:a1:2d:24:05:
                    45:77:ab:05:ec:e1:b3:48:e9:91:88:cd:56:30:43:
                    ca:4a:5a:d7:ef:9b:ee:d0:62:5a:aa:96:5d:43:56:
                    2d:0f:5f:e9:9b:3f:d0:75:27:da:ca:1c:61:8e:c0:
                    b1:db:6d:ec:e8:69:3e:2d:a6:91:7d:0d:5d:0b:8b:
                    87:57:82:df:09:74:2b:14:26:72:b2:0e:7f:4f:6d:
                    60:d8:8d:59:0f:e9:b5:82:ee:1d:e3:d4:2f:18:c5:
                    af:59:5b:e4:f0:36:17:ef:a5:40:3d:8b:47:a0:ba:
                    a0:99:76:34:68:d7:79:13:ea:b7:f0:28:a9:14:08:
                    aa:f4:23:8e:5c:8b:7e:61:c4:0c:de:fc:2a:0a:15:
                    5a:21:be:f0:91:05:ae:20:31:89:56:74:c4:2a:0b:
                    13:6f:3d:19:59:4c:db:b4:fe:4c:05:98:3b:8c:b0:
                    f3:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:69:5D:42:DF:A9:73:AE:02:B8:66:1A:E6:1A:6D:6A:97:EB:D0:11
            X509v3 Authority Key Identifier:
                keyid:2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:e5:38:b2:88:eb:26:83:d9:42:7a:a6:89:80:35:40:7b:97:
         71:76:3d:5b:41:75:da:06:36:87:2c:18:89:be:65:23:c5:23:
         e3:4f:23:45:67:1b:82:ee:18:03:4d:cc:ec:b6:0f:4f:e1:73:
         91:99:f7:2a:8e:38:a3:3f:21:55:05:93:d0:e3:ef:0e:57:f9:
         3f:94:a3:c3:36:b5:3e:70:12:04:71:3f:fd:27:f0:e0:0a:58:
         a4:53:b8:43:dd:25:4e:d8:04:35:d5:d7:57:24:d4:6f:e8:56:
         85:ac:29:df:58:8a:c7:f8:6f:d5:ec:1d:90:23:d5:5f:6b:2e:
         16:f2:49:9b:b2:72:70:04:5a:51:8f:7f:0e:10:d0:82:b6:97:
         91:f0:9d:3a:39:fd:df:13:7d:9a:d5:96:72:60:e5:73:e6:0b:
         0a:57:62:63:35:94:60:9e:3a:d5:47:67:e4:38:6e:54:ed:0b:
         2a:ac:88:c2:7f:fc:55:0d:87:f9:2c:d7:ad:3f:d5:e6:2e:a7:
         63:4c:21:63:df:ca:fc:72:4f:28:a8:5c:5f:18:35:fc:e4:c5:
         74:11:ef:50:89:ea:9a:4f:d5:a6:85:c6:5b:1e:98:5d:d7:d8:
         b3:dd:4f:5d:86:3c:75:0d:5a:79:ed:eb:75:fa:15:38:be:8f:
         90:26:3e:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMPlaoI7op6dq+ishNOKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhN2ZiODFkYzdlY2M5Y2E2NjJhNzRlZTNiN2UzYmFkMmVh
NGRlNzEwHhcNMjUwOTA3MDgwMDM2WhcNMjUwOTA4MDgwMDM2WjAzMTEwLwYDVQQD
Eyg1YjY5NWQ0MmRmYTk3M2FlMDJiODY2MWFlNjFhNmQ2YTk3ZWJkMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5tkYpExnj19L2n6wlJg+p2uFQLW
HyY3mf2kWjl7YW89PmZDwbSEInDh7ckkZrUeFPQpUNfwpAEqC4E3Rwo482oLPW49
oNQ8XtqYqI1nRHCYyLFAPqEtJAVFd6sF7OGzSOmRiM1WMEPKSlrX75vu0GJaqpZd
Q1YtD1/pmz/QdSfayhxhjsCx223s6Gk+LaaRfQ1dC4uHV4LfCXQrFCZysg5/T21g
2I1ZD+m1gu4d49QvGMWvWVvk8DYX76VAPYtHoLqgmXY0aNd5E+q38CipFAiq9COO
XIt+YcQM3vwqChVaIb7wkQWuIDGJVnTEKgsTbz0ZWUzbtP5MBZg7jLDz3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFtpXULfqXOuArhmGuYabWqX69ARMB8GA1UdIwQY
MBaAFCp/uB3H7MnKZip07jt+O60upN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDct
NDViOGI4NTczNDE5LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDctNDViOGI4NTczNDE5
LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIOU4sojr
JoPZQnqmiYA1QHuXcXY9W0F12gY2hywYib5lI8Uj408jRWcbgu4YA03M7LYPT+Fz
kZn3Ko44oz8hVQWT0OPvDlf5P5Sjwza1PnASBHE//Sfw4ApYpFO4Q90lTtgENdXX
VyTUb+hWhawp31iKx/hv1ewdkCPVX2suFvJJm7JycARaUY9/DhDQgraXkfCdOjn9
3xN9mtWWcmDlc+YLCldiYzWUYJ461Udn5DhuVO0LKqyIwn/8VQ2H+SzXrT/V5i6n
Y0whY9/K/HJPKKhcXxg1/OTFdBHvUInqmk/VpoXGWx6YXdfYs91PXYY8dQ1aee3r
dfoVOL6PkCY++Q==
-----END CERTIFICATE-----