Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
File:                     Kn-4HcfsycpmKnTuO347rS6k3nE.mft (raw, json)
Hash identifier:          6Hti1eM8rJcrPCJrZG3lQQcqG8o+Q2HVFdSgRjrhCUI=
Subject key identifier:   FA:C5:4D:F6:3B:D3:CE:2B:CF:9E:93:5E:78:33:74:F8:EB:33:B5:4B
Authority key identifier: 2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71
Certificate issuer:       /CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
Certificate serial:       019A7149D1397EF89AAF90CDEDEE4AFF836C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
Manifest number:          010D
Signing time:             Tue 11 Nov 2025 05:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:54 +0000
Files and hashes:         1: Kn-4HcfsycpmKnTuO347rS6k3nE.crl (hash: oXo+uGTzEZPn3lNUrl/i8cAkobGoP8HRoZtQ1LPEmxE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:d1:39:7e:f8:9a:af:90:cd:ed:ee:4a:ff:83:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
        Validity
            Not Before: Nov 11 05:00:54 2025 GMT
            Not After : Nov 12 05:00:54 2025 GMT
        Subject: CN=fac54df63bd3ce2bcf9e935e783374f8eb33b54b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ec:1f:80:0a:80:0e:4f:b6:78:a4:2d:8a:e5:
                    cd:58:f4:14:62:02:d3:9a:84:35:8f:05:b1:14:da:
                    58:5c:13:4a:92:d7:4e:6a:9f:c9:c4:1c:e3:27:d3:
                    9f:2f:b8:ae:d3:21:69:cc:90:f3:cc:ad:67:7b:75:
                    d4:ec:76:ed:34:7d:60:4f:74:7e:65:b4:08:01:c0:
                    04:2b:20:95:15:28:9f:ee:4e:c8:39:bc:ef:44:b4:
                    85:34:99:a4:7b:3e:b9:58:87:1d:27:10:56:78:d4:
                    de:bd:83:5b:d9:f4:2a:1a:d6:ef:a2:be:d8:ef:56:
                    05:92:1c:a5:14:99:11:b6:fa:5e:f0:9f:29:49:6a:
                    52:8d:60:72:e9:4e:9e:04:c3:45:a6:a8:31:cb:60:
                    f7:5b:5d:ec:5b:95:8e:4c:68:d9:a5:a5:a9:43:72:
                    f2:72:d0:33:24:3c:c6:29:e9:bc:55:e8:78:90:f9:
                    fd:53:0a:80:9f:05:7b:e8:86:13:ba:33:39:f3:9c:
                    17:14:00:7f:06:7a:09:04:a4:5b:f6:53:f7:60:7a:
                    cd:5e:25:51:24:87:77:59:86:54:ec:34:35:9a:51:
                    2d:8e:0a:3b:c7:bb:a2:8a:8c:75:51:aa:43:d4:b4:
                    e5:42:d5:f2:de:84:0f:b6:d3:20:00:5e:d2:06:81:
                    69:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:C5:4D:F6:3B:D3:CE:2B:CF:9E:93:5E:78:33:74:F8:EB:33:B5:4B
            X509v3 Authority Key Identifier:
                keyid:2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:88:42:8b:6f:07:8d:7a:5f:2c:80:a3:64:64:ea:95:45:df:
         8f:4f:f3:ad:5c:13:e3:06:bc:bc:0b:62:2d:69:b2:10:b5:68:
         70:6f:09:64:4c:bf:e6:b8:15:a4:e3:66:4b:40:66:63:f3:06:
         27:7e:c3:bf:89:46:c1:a8:9a:27:36:de:42:64:80:f6:90:e1:
         77:32:89:fc:56:18:b0:4c:81:ad:94:37:9f:31:19:40:2a:16:
         12:c5:69:98:6d:4a:8a:bc:3d:15:1f:cd:67:24:1b:d3:57:6d:
         5c:d6:45:ff:f4:c2:80:1a:6a:50:61:7e:14:d5:a3:88:88:69:
         11:8a:77:60:aa:31:9f:13:ac:3a:2e:56:32:dc:e8:a2:19:5c:
         71:38:13:f0:e7:80:4c:42:08:ca:fc:50:57:a6:90:a5:f4:a1:
         b2:b8:89:86:7e:29:cb:44:2e:66:88:ac:ea:18:d7:67:f1:a0:
         90:18:25:e5:e7:0c:63:ad:cf:0c:d4:64:ad:78:bf:ae:5a:4c:
         94:3a:3c:9c:42:fd:29:1e:27:73:4e:66:9c:f2:6a:35:1b:31:
         b2:2e:11:f4:27:9b:17:a6:79:9e:d5:44:25:6b:cf:95:84:f1:
         2f:4e:a6:cc:a0:34:d0:aa:98:b9:99:39:5e:70:23:00:b4:91:
         a0:35:92:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdE5fviar5DN7e5K/4NsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhN2ZiODFkYzdlY2M5Y2E2NjJhNzRlZTNiN2UzYmFkMmVh
NGRlNzEwHhcNMjUxMTExMDUwMDU0WhcNMjUxMTEyMDUwMDU0WjAzMTEwLwYDVQQD
EyhmYWM1NGRmNjNiZDNjZTJiY2Y5ZTkzNWU3ODMzNzRmOGViMzNiNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuwfgAqADk+2eKQtiuXNWPQUYgLT
moQ1jwWxFNpYXBNKktdOap/JxBzjJ9OfL7iu0yFpzJDzzK1ne3XU7HbtNH1gT3R+
ZbQIAcAEKyCVFSif7k7IObzvRLSFNJmkez65WIcdJxBWeNTevYNb2fQqGtbvor7Y
71YFkhylFJkRtvpe8J8pSWpSjWBy6U6eBMNFpqgxy2D3W13sW5WOTGjZpaWpQ3Ly
ctAzJDzGKem8Veh4kPn9UwqAnwV76IYTujM585wXFAB/BnoJBKRb9lP3YHrNXiVR
JId3WYZU7DQ1mlEtjgo7x7uiiox1UapD1LTlQtXy3oQPttMgAF7SBoFpfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrFTfY7084rz56TXngzdPjrM7VLMB8GA1UdIwQY
MBaAFCp/uB3H7MnKZip07jt+O60upN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDct
NDViOGI4NTczNDE5LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDctNDViOGI4NTczNDE5
LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmIhCi28H
jXpfLICjZGTqlUXfj0/zrVwT4wa8vAtiLWmyELVocG8JZEy/5rgVpONmS0BmY/MG
J37Dv4lGwaiaJzbeQmSA9pDhdzKJ/FYYsEyBrZQ3nzEZQCoWEsVpmG1Kirw9FR/N
ZyQb01dtXNZF//TCgBpqUGF+FNWjiIhpEYp3YKoxnxOsOi5WMtzoohlccTgT8OeA
TEIIyvxQV6aQpfShsriJhn4py0QuZois6hjXZ/GgkBgl5ecMY63PDNRkrXi/rlpM
lDo8nEL9KR4nc05mnPJqNRsxsi4R9CebF6Z5ntVEJWvPlYTxL06mzKA00KqYuZk5
XnAjALSRoDWS0A==
-----END CERTIFICATE-----