Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
File:                     knaysJMpLF-nXm4UwqSZrIR-QWs.mft (raw, json)
Hash identifier:          7Cu3tZ4zAqYrhFzVUOf5NSPyarrijUsApYcQ9UQTnLI=
Subject key identifier:   40:67:CA:84:17:0B:9E:FE:3C:52:66:DA:D2:D5:CE:43:A2:E4:07:AA
Authority key identifier: 92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
Certificate issuer:       /CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
Certificate serial:       019A2854522611AE46C1E8C256988BD1E971
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
Manifest number:          14C9
Signing time:             Tue 28 Oct 2025 01:00:05 +0000
Manifest this update:     Tue 28 Oct 2025 01:00:05 +0000
Manifest next update:     Wed 29 Oct 2025 01:00:05 +0000
Files and hashes:         1: knaysJMpLF-nXm4UwqSZrIR-QWs.crl (hash: s7Du354gHMdKA7jKJ8VaafB49MGS/m1ZxGkhMdqPtI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 Oct 2025 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:28:54:52:26:11:ae:46:c1:e8:c2:56:98:8b:d1:e9:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
        Validity
            Not Before: Oct 28 01:00:05 2025 GMT
            Not After : Oct 29 01:00:05 2025 GMT
        Subject: CN=4067ca84170b9efe3c5266dad2d5ce43a2e407aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:99:f4:51:57:c7:16:2f:e5:52:10:b9:c2:3d:
                    d5:3e:3a:2f:f5:49:e7:57:3c:97:ae:e2:da:e1:8e:
                    e0:fc:19:b1:d4:3e:81:44:13:0c:f4:9f:b9:33:8d:
                    61:b6:03:a3:ed:13:1d:83:73:2c:a0:47:42:c5:84:
                    c5:60:0d:49:09:f8:4d:44:3c:9e:b2:4c:6b:0e:b9:
                    b5:af:4c:66:72:79:a4:b8:1e:1e:b1:53:51:37:99:
                    d1:c2:49:b2:01:25:a3:3a:42:82:e2:e6:09:0a:b6:
                    77:88:84:75:ed:df:7b:6b:e6:94:32:c9:15:a8:34:
                    65:24:af:c1:c0:a7:ae:03:2a:16:57:90:06:ca:7a:
                    35:65:4d:1f:dd:15:8f:eb:2d:39:e0:c6:f9:5d:5b:
                    69:7e:fa:24:4b:55:a4:d5:c7:f9:d1:7f:b4:bf:66:
                    bd:c6:ed:d7:3b:b7:6a:19:e9:e8:d6:8c:fd:ae:d3:
                    7e:ed:23:bc:be:c9:cf:16:18:d4:35:bd:06:6c:81:
                    4f:da:42:20:3a:ee:a8:ad:a9:bb:fc:8d:5b:9f:5f:
                    0e:5d:8d:5c:6b:0f:2a:95:af:7b:a0:b4:5b:e7:4c:
                    27:4e:79:c2:eb:b0:54:f4:f7:c6:a2:5d:c1:22:7e:
                    6b:89:8c:68:98:1f:70:e0:f1:2b:0a:68:9f:55:35:
                    51:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:67:CA:84:17:0B:9E:FE:3C:52:66:DA:D2:D5:CE:43:A2:E4:07:AA
            X509v3 Authority Key Identifier:
                keyid:92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:55:3c:ae:00:8c:d0:91:bb:1f:74:b7:4c:a1:22:19:0f:d1:
         23:ce:74:13:3d:21:95:46:79:ce:66:ce:5c:66:d5:23:15:16:
         31:ae:c6:ae:63:68:c1:a5:b8:9a:03:54:12:97:14:ca:33:e3:
         1b:95:b8:77:86:5a:18:d4:6f:c0:25:28:6a:1c:be:07:f2:6c:
         df:57:c6:7a:ae:71:10:86:e0:e0:41:8f:55:1b:8e:13:82:07:
         36:d3:da:de:e8:9c:a1:6a:e8:8f:9c:c6:37:99:58:5b:29:a0:
         41:67:81:7d:f5:7a:77:3d:9c:78:88:dc:ee:eb:f1:8c:03:d3:
         64:d5:b2:38:aa:67:77:5e:84:bb:b9:a4:cd:0e:df:34:c0:e7:
         5b:0e:03:0f:a7:04:b8:c3:d4:7b:a2:c6:bd:37:ab:c9:7a:08:
         9b:1b:db:03:ac:67:51:db:d1:09:04:62:32:b7:4c:d6:a4:20:
         28:e3:dc:d8:51:6d:45:f8:5a:95:42:cd:ae:49:cb:d0:f5:e8:
         0a:b2:93:21:a8:87:50:46:ba:11:c0:4e:dd:b4:00:a9:ee:ae:
         82:e9:27:17:06:d8:86:d1:6d:d9:8c:11:bc:f3:b9:be:ba:ae:
         4f:77:9f:fb:bd:68:80:49:90:86:0b:ab:7b:f5:08:09:58:86:
         d0:23:47:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZooVFImEa5GwejCVpiL0elxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNzZiMmIwOTMyOTJjNWZhNzVlNmUxNGMyYTQ5OWFjODQ3
ZTQxNmIwHhcNMjUxMDI4MDEwMDA1WhcNMjUxMDI5MDEwMDA1WjAzMTEwLwYDVQQD
Eyg0MDY3Y2E4NDE3MGI5ZWZlM2M1MjY2ZGFkMmQ1Y2U0M2EyZTQwN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Jn0UVfHFi/lUhC5wj3VPjov9Unn
VzyXruLa4Y7g/Bmx1D6BRBMM9J+5M41htgOj7RMdg3MsoEdCxYTFYA1JCfhNRDye
skxrDrm1r0xmcnmkuB4esVNRN5nRwkmyASWjOkKC4uYJCrZ3iIR17d97a+aUMskV
qDRlJK/BwKeuAyoWV5AGyno1ZU0f3RWP6y054Mb5XVtpfvokS1Wk1cf50X+0v2a9
xu3XO7dqGeno1oz9rtN+7SO8vsnPFhjUNb0GbIFP2kIgOu6oram7/I1bn18OXY1c
aw8qla97oLRb50wnTnnC67BU9PfGol3BIn5riYxomB9w4PErCmifVTVROQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBnyoQXC57+PFJm2tLVzkOi5AeqMB8GA1UdIwQY
MBaAFJJ2srCTKSxfp15uFMKkmayEfkFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMt
NjliNzMzY2JjNTI4LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMtNjliNzMzY2JjNTI4
LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb1U8rgCM
0JG7H3S3TKEiGQ/RI850Ez0hlUZ5zmbOXGbVIxUWMa7GrmNowaW4mgNUEpcUyjPj
G5W4d4ZaGNRvwCUoahy+B/Js31fGeq5xEIbg4EGPVRuOE4IHNtPa3uicoWroj5zG
N5lYWymgQWeBffV6dz2ceIjc7uvxjAPTZNWyOKpnd16Eu7mkzQ7fNMDnWw4DD6cE
uMPUe6LGvTeryXoImxvbA6xnUdvRCQRiMrdM1qQgKOPc2FFtRfhalULNrknL0PXo
CrKTIaiHUEa6EcBO3bQAqe6uguknFwbYhtFt2YwRvPO5vrquT3ef+71ogEmQhgur
e/UICViG0CNHFg==
-----END CERTIFICATE-----