Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft
File:                     K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft (raw, json)
Hash identifier:          9EeTChAn2MebedwariNhVYx371SHdgSZSGjHGMVPiaE=
Subject key identifier:   FD:DD:F6:F1:4A:BB:34:86:53:8B:7A:9C:D6:F2:92:6E:54:24:71:43
Authority key identifier: 2B:49:E8:84:A4:41:F0:4B:7F:5E:2E:D4:74:B5:84:7E:83:21:2B:CB
Certificate issuer:       /CN=2b49e884a441f04b7f5e2ed474b5847e83212bcb
Certificate serial:       01991809163A174DE8DDB20BC3551B13FA47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft
Manifest number:          1667
Signing time:             Fri 05 Sep 2025 04:01:12 +0000
Manifest this update:     Fri 05 Sep 2025 04:01:12 +0000
Manifest next update:     Sat 06 Sep 2025 04:01:12 +0000
Files and hashes:         1: K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl (hash: NgAj3PadQjfM5xbvH7m+oO05TuW8FvmyIlQg08cFZMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:09:16:3a:17:4d:e8:dd:b2:0b:c3:55:1b:13:fa:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b49e884a441f04b7f5e2ed474b5847e83212bcb
        Validity
            Not Before: Sep  5 04:01:12 2025 GMT
            Not After : Sep  6 04:01:12 2025 GMT
        Subject: CN=fdddf6f14abb3486538b7a9cd6f2926e54247143
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e6:d0:18:4a:dd:05:c1:4f:b9:de:47:64:5c:
                    ff:c7:80:68:54:61:b2:98:39:5b:1d:96:da:1e:61:
                    a8:75:77:92:44:ad:18:dd:05:91:66:2e:bf:e4:0e:
                    2f:c0:29:53:89:4e:72:53:5a:00:48:32:68:f6:ed:
                    33:b6:32:24:44:73:6a:c3:7e:17:21:33:e8:9f:37:
                    2e:3a:ed:1e:97:25:f1:47:76:72:be:bb:1d:d3:4c:
                    7d:7c:38:f7:b9:fa:8b:58:26:18:9b:87:e8:59:d1:
                    e7:a2:65:ad:0e:0f:88:a7:c9:83:39:fc:d7:46:c8:
                    17:57:82:3f:13:11:e9:12:18:48:16:51:e5:76:bb:
                    21:a1:4e:91:34:8e:92:ea:91:0d:11:2c:eb:0c:80:
                    9b:80:bb:6e:3b:21:bc:ad:2c:18:f6:86:cb:4d:9c:
                    89:5e:8e:8e:5a:ed:b2:f3:f7:04:db:ac:2d:10:1a:
                    e5:03:b5:b8:f1:e4:55:c6:f3:c9:d6:bd:db:c4:a6:
                    42:cc:9a:79:ea:1c:69:fd:57:c4:2b:07:ed:ab:0f:
                    0c:7c:d2:9d:f3:88:da:89:d3:91:06:31:22:5f:f7:
                    93:ec:7b:af:f7:af:43:43:80:8d:36:c1:9a:94:81:
                    53:de:8f:92:70:58:2f:38:d4:71:e2:ea:7c:d6:9c:
                    8c:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:DD:F6:F1:4A:BB:34:86:53:8B:7A:9C:D6:F2:92:6E:54:24:71:43
            X509v3 Authority Key Identifier:
                keyid:2B:49:E8:84:A4:41:F0:4B:7F:5E:2E:D4:74:B5:84:7E:83:21:2B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:aa:32:3a:e5:83:a2:41:48:d8:a8:9d:60:7c:11:f4:af:16:
         4b:50:5f:55:1c:3d:b3:28:4d:65:88:14:4c:35:dd:53:d9:a1:
         79:31:7b:3c:11:c1:d1:17:be:ce:13:ef:77:3d:14:8d:73:80:
         c1:60:3c:8f:0b:03:e4:59:72:32:78:ac:6c:1d:5f:d5:85:76:
         e5:22:87:5b:c1:3c:b5:49:b0:ef:c3:b5:0d:56:bd:57:26:04:
         dc:e9:3e:91:10:a7:9c:56:2a:e2:9e:42:9d:18:48:c5:e0:e4:
         69:b0:9f:97:1a:86:ac:8a:9c:03:ee:6a:3b:4d:26:d5:d6:61:
         3b:8c:0f:f7:60:68:06:86:c9:0f:5a:48:56:2f:d0:b8:8d:89:
         66:46:12:5b:20:29:e8:af:ed:7a:8c:e2:c8:3d:f7:ad:21:20:
         8e:89:89:98:12:b8:cc:a0:ce:81:b7:0c:e6:78:ee:1b:a0:e9:
         f5:e6:ae:f3:e2:67:6b:d4:e9:7e:9c:c2:e9:47:57:49:04:62:
         c8:e8:55:c3:2e:dc:62:5b:54:ec:e8:d6:0f:79:c3:02:54:ac:
         33:a6:5d:f0:90:aa:41:a7:49:9d:2d:2b:69:55:16:f2:8d:9a:
         14:70:c6:f6:30:0f:e4:9d:10:1c:e7:d8:dc:e8:38:8c:d2:c6:
         a1:2c:60:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCRY6F03o3bILw1UbE/pHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNDllODg0YTQ0MWYwNGI3ZjVlMmVkNDc0YjU4NDdlODMy
MTJiY2IwHhcNMjUwOTA1MDQwMTEyWhcNMjUwOTA2MDQwMTEyWjAzMTEwLwYDVQQD
EyhmZGRkZjZmMTRhYmIzNDg2NTM4YjdhOWNkNmYyOTI2ZTU0MjQ3MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+bQGErdBcFPud5HZFz/x4BoVGGy
mDlbHZbaHmGodXeSRK0Y3QWRZi6/5A4vwClTiU5yU1oASDJo9u0ztjIkRHNqw34X
ITPonzcuOu0elyXxR3Zyvrsd00x9fDj3ufqLWCYYm4foWdHnomWtDg+Ip8mDOfzX
RsgXV4I/ExHpEhhIFlHldrshoU6RNI6S6pENESzrDICbgLtuOyG8rSwY9obLTZyJ
Xo6OWu2y8/cE26wtEBrlA7W48eRVxvPJ1r3bxKZCzJp56hxp/VfEKwftqw8MfNKd
84jaidORBjEiX/eT7Huv969DQ4CNNsGalIFT3o+ScFgvONRx4up81pyM2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3d9vFKuzSGU4t6nNbykm5UJHFDMB8GA1UdIwQY
MBaAFCtJ6ISkQfBLf14u1HS1hH6DISvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hZjUyOGMtZmY0MS00ZWVmLThhOTMt
NDJkZDk4NWNkN2IwLzEvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hZjUyOGMtZmY0MS00ZWVmLThhOTMtNDJkZDk4NWNkN2Iw
LzEvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYaoyOuWD
okFI2KidYHwR9K8WS1BfVRw9syhNZYgUTDXdU9mheTF7PBHB0Re+zhPvdz0UjXOA
wWA8jwsD5FlyMnisbB1f1YV25SKHW8E8tUmw78O1DVa9VyYE3Ok+kRCnnFYq4p5C
nRhIxeDkabCflxqGrIqcA+5qO00m1dZhO4wP92BoBobJD1pIVi/QuI2JZkYSWyAp
6K/teoziyD33rSEgjomJmBK4zKDOgbcM5njuG6Dp9eau8+Jna9TpfpzC6UdXSQRi
yOhVwy7cYltU7OjWD3nDAlSsM6Zd8JCqQadJnS0raVUW8o2aFHDG9jAP5J0QHOfY
3Og4jNLGoSxgEg==
-----END CERTIFICATE-----