Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
File:                     knaysJMpLF-nXm4UwqSZrIR-QWs.mft (raw, json)
Hash identifier:          ifkaEELvfKQOv2L5oY2zRpGVHmJaKfGU0i9FjMx189Q=
Subject key identifier:   8D:67:58:6E:65:39:34:C4:1C:B0:3F:17:01:DD:5E:9E:25:28:7D:CC
Authority key identifier: 92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
Certificate issuer:       /CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
Certificate serial:       019923A08A212931CAF7DF2D0BD6C7A4EF72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
Manifest number:          1442
Signing time:             Sun 07 Sep 2025 10:02:27 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:27 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:27 +0000
Files and hashes:         1: knaysJMpLF-nXm4UwqSZrIR-QWs.crl (hash: OkkMFCWoi1rxpS2OI0fxOMFf4DJRGOlzXwtgwtJbhnU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:8a:21:29:31:ca:f7:df:2d:0b:d6:c7:a4:ef:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
        Validity
            Not Before: Sep  7 10:02:27 2025 GMT
            Not After : Sep  8 10:02:27 2025 GMT
        Subject: CN=8d67586e653934c41cb03f1701dd5e9e25287dcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ec:09:25:f3:e8:41:98:b9:c0:48:a7:32:24:
                    18:7f:6a:cd:3b:8e:6d:ce:b9:a2:55:98:76:24:ff:
                    69:37:56:1a:c5:8e:5c:59:63:c3:db:f1:d1:ef:ef:
                    1b:9e:6f:8c:ef:9f:11:b5:1a:8d:97:e0:99:b1:81:
                    89:53:3b:89:31:78:2f:a7:97:94:d1:05:06:7f:b8:
                    cb:f1:b1:d6:f3:e4:9a:7e:a1:c5:51:e6:7c:f9:f8:
                    2b:59:a2:f1:6c:33:8a:6d:80:e5:63:d7:90:99:30:
                    9b:75:42:37:ed:f3:1f:9a:52:1d:5c:ce:70:e9:08:
                    b3:b8:69:17:24:b8:0f:b4:86:dd:64:63:ca:91:70:
                    ef:15:a5:e8:51:66:9e:9c:8d:24:62:4e:62:69:40:
                    8f:93:20:1a:55:75:fd:21:7e:02:a2:c1:da:b4:74:
                    cd:c8:9b:f5:24:14:73:0b:c5:a7:8a:7a:91:a5:c8:
                    f5:91:86:21:4c:f5:ab:52:74:e5:29:6f:77:ae:95:
                    ff:da:7c:da:21:eb:e9:7a:67:c4:e8:79:0c:59:cc:
                    c1:3f:55:0a:3a:2e:ea:36:3c:80:72:fa:ec:b7:93:
                    d4:d3:cd:63:e1:0c:90:34:cd:b2:82:76:19:e4:39:
                    10:45:8f:76:68:9d:f1:f3:51:4d:f2:fe:23:08:75:
                    c4:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:67:58:6E:65:39:34:C4:1C:B0:3F:17:01:DD:5E:9E:25:28:7D:CC
            X509v3 Authority Key Identifier:
                keyid:92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:4f:a7:99:82:18:7e:3b:80:74:79:33:df:6d:ce:bb:00:bc:
         be:a4:89:61:3d:59:9c:a8:ee:31:58:e1:2d:6c:06:a3:79:89:
         ec:7c:80:3d:ad:b5:f5:ab:94:38:9c:86:1f:c2:91:fb:af:ad:
         25:c5:f2:01:2d:b1:a2:e6:98:93:84:e9:cd:dc:76:e7:8f:c7:
         fe:22:c7:9e:f5:1a:4a:7f:7b:46:8b:d6:e9:95:3d:34:91:c0:
         f2:65:99:3c:00:64:4b:06:bb:b6:45:3b:65:2c:64:7e:3e:f3:
         15:ed:51:40:5f:cb:0e:c1:4f:00:14:74:86:a8:68:29:c2:ee:
         73:4e:e1:10:ce:df:06:9a:88:d3:5e:fb:10:e4:fa:da:2c:3b:
         89:04:38:2f:f8:89:00:46:32:22:e0:a8:59:94:e0:ce:99:a3:
         c8:e5:6c:9a:71:e8:84:22:00:22:52:8b:c4:2c:3b:ef:92:0c:
         35:98:99:df:de:44:b7:04:34:2c:d1:9d:b5:b2:e8:e6:da:d6:
         22:cd:bc:8a:05:31:5b:af:71:44:d6:e8:c7:dc:81:a2:97:02:
         fb:31:ec:3e:0b:4e:df:32:93:4c:b0:c8:f2:df:46:a5:f3:f5:
         df:5d:6e:36:7f:17:a0:44:a8:a2:50:1e:ac:91:5e:a2:03:f1:
         cf:33:03:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoIohKTHK998tC9bHpO9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNzZiMmIwOTMyOTJjNWZhNzVlNmUxNGMyYTQ5OWFjODQ3
ZTQxNmIwHhcNMjUwOTA3MTAwMjI3WhcNMjUwOTA4MTAwMjI3WjAzMTEwLwYDVQQD
Eyg4ZDY3NTg2ZTY1MzkzNGM0MWNiMDNmMTcwMWRkNWU5ZTI1Mjg3ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+wJJfPoQZi5wEinMiQYf2rNO45t
zrmiVZh2JP9pN1YaxY5cWWPD2/HR7+8bnm+M758RtRqNl+CZsYGJUzuJMXgvp5eU
0QUGf7jL8bHW8+SafqHFUeZ8+fgrWaLxbDOKbYDlY9eQmTCbdUI37fMfmlIdXM5w
6QizuGkXJLgPtIbdZGPKkXDvFaXoUWaenI0kYk5iaUCPkyAaVXX9IX4CosHatHTN
yJv1JBRzC8WninqRpcj1kYYhTPWrUnTlKW93rpX/2nzaIevpemfE6HkMWczBP1UK
Oi7qNjyAcvrst5PU081j4QyQNM2ygnYZ5DkQRY92aJ3x81FN8v4jCHXE0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1nWG5lOTTEHLA/FwHdXp4lKH3MMB8GA1UdIwQY
MBaAFJJ2srCTKSxfp15uFMKkmayEfkFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMt
NjliNzMzY2JjNTI4LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMtNjliNzMzY2JjNTI4
LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhU+nmYIY
fjuAdHkz323OuwC8vqSJYT1ZnKjuMVjhLWwGo3mJ7HyAPa219auUOJyGH8KR+6+t
JcXyAS2xouaYk4Tpzdx254/H/iLHnvUaSn97RovW6ZU9NJHA8mWZPABkSwa7tkU7
ZSxkfj7zFe1RQF/LDsFPABR0hqhoKcLuc07hEM7fBpqI0177EOT62iw7iQQ4L/iJ
AEYyIuCoWZTgzpmjyOVsmnHohCIAIlKLxCw775IMNZiZ395EtwQ0LNGdtbLo5trW
Is28igUxW69xRNbox9yBopcC+zHsPgtO3zKTTLDI8t9GpfP1311uNn8XoESoolAe
rJFeogPxzzMDfQ==
-----END CERTIFICATE-----