Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft
File:                     KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft (raw, json)
Hash identifier:          lIFnZ5nKuymBtj1LBDRVT+u5PQgMOxMy/utHUSFlCB8=
Subject key identifier:   1F:C4:D1:D4:2D:53:3A:A5:17:24:7B:69:6C:D0:9B:FA:10:03:37:58
Authority key identifier: 2A:71:48:C4:61:F5:E7:7E:10:7A:F7:35:66:A2:7E:34:35:61:DC:1D
Certificate issuer:       /CN=2a7148c461f5e77e107af73566a27e343561dc1d
Certificate serial:       019653499C93DC7F5ABFBAF384B5EC04EC7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 13:00:55 +0000
Manifest this update:     Sun 20 Apr 2025 13:00:55 +0000
Manifest next update:     Mon 21 Apr 2025 13:00:55 +0000
Files and hashes:         1: KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl (hash: mbR0iwgpkwL6neJNF1hblnvddFEpffdLDEmgDB4ioT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:9c:93:dc:7f:5a:bf:ba:f3:84:b5:ec:04:ec:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a7148c461f5e77e107af73566a27e343561dc1d
        Validity
            Not Before: Apr 20 13:00:55 2025 GMT
            Not After : Apr 21 13:00:55 2025 GMT
        Subject: CN=1fc4d1d42d533aa517247b696cd09bfa10033758
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:f1:7f:84:d7:d8:1e:92:f7:bc:c6:cc:98:8e:
                    76:2b:3d:d5:48:e6:b0:d8:79:43:39:4a:53:fe:53:
                    eb:19:ff:aa:3f:f5:53:26:37:9f:e5:ed:3d:5f:42:
                    d1:ac:23:e9:16:8d:ee:20:45:86:bd:a6:11:a4:cc:
                    c9:be:7e:51:c9:97:ca:14:80:49:dc:b9:e9:64:b2:
                    cd:3e:e0:1b:3e:48:8f:3d:f5:98:3a:c8:b1:3a:3a:
                    d2:43:90:c4:01:64:df:49:8c:c2:19:a4:4e:a9:ba:
                    8a:11:3a:88:f1:b2:96:53:54:3f:41:ec:6a:43:16:
                    c8:45:f6:e4:db:16:cc:8b:b2:6e:36:a6:34:69:b3:
                    74:25:81:a7:72:77:09:fc:87:e9:01:69:5b:25:4e:
                    4e:a0:09:c8:9c:b6:53:f1:6d:d2:bf:4e:f0:93:84:
                    9f:1d:d0:92:cd:44:c6:8c:7a:4f:a3:ba:a0:5f:0e:
                    3c:fd:27:e8:8e:2b:54:cb:8e:05:f7:ca:f5:62:b9:
                    c9:da:38:d8:96:e0:cf:46:0c:69:cb:b8:ca:85:91:
                    ce:54:96:da:a9:96:ad:1f:fb:09:1c:ce:be:91:da:
                    60:2f:c8:52:98:28:da:20:70:ac:3c:72:91:58:38:
                    9e:f0:ad:fd:ae:c2:54:a4:a6:52:59:3f:3e:6a:a1:
                    22:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:C4:D1:D4:2D:53:3A:A5:17:24:7B:69:6C:D0:9B:FA:10:03:37:58
            X509v3 Authority Key Identifier:
                keyid:2A:71:48:C4:61:F5:E7:7E:10:7A:F7:35:66:A2:7E:34:35:61:DC:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:ba:2e:3a:88:72:96:8e:52:89:c2:89:89:8b:6b:d5:09:1a:
         0e:d7:35:fe:a1:45:96:bb:cb:d7:2e:42:63:5d:e2:fa:bd:98:
         7d:09:90:9e:35:74:0a:ae:2e:08:52:bb:da:86:56:46:05:41:
         98:d5:65:73:54:2f:02:e6:90:fe:07:8a:bd:2f:c7:06:59:61:
         81:85:25:f0:0a:df:cf:44:a1:e4:2b:b8:ba:9a:4e:96:26:23:
         9e:c8:18:ab:67:30:b3:bf:fb:fa:21:2d:38:c5:cc:21:35:c3:
         68:93:10:74:9c:fa:a5:73:de:c3:bb:66:18:0a:4a:c4:11:4c:
         c2:e1:f3:be:3a:f0:a4:dd:86:9e:48:74:ab:ce:26:28:98:38:
         0e:04:9e:4d:60:07:16:8e:79:a9:e5:74:29:28:95:4f:26:a6:
         94:fe:9b:f5:83:4c:cd:20:16:8b:73:8e:a5:d5:d8:bf:32:58:
         0a:f8:a8:15:f3:c7:4e:30:16:36:0d:cf:79:6e:50:bc:35:a3:
         db:be:f7:92:68:f6:bd:77:51:30:80:76:6a:45:47:d0:54:75:
         2e:df:de:c6:6e:e3:50:44:b5:ec:78:9c:86:c8:d0:ba:fe:6a:
         27:dc:a6:1f:30:b7:76:83:99:f8:46:0b:93:a0:28:30:c3:5f:
         e1:92:2f:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSZyT3H9av7rzhLXsBOx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNzE0OGM0NjFmNWU3N2UxMDdhZjczNTY2YTI3ZTM0MzU2
MWRjMWQwHhcNMjUwNDIwMTMwMDU1WhcNMjUwNDIxMTMwMDU1WjAzMTEwLwYDVQQD
EygxZmM0ZDFkNDJkNTMzYWE1MTcyNDdiNjk2Y2QwOWJmYTEwMDMzNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivF/hNfYHpL3vMbMmI52Kz3VSOaw
2HlDOUpT/lPrGf+qP/VTJjef5e09X0LRrCPpFo3uIEWGvaYRpMzJvn5RyZfKFIBJ
3LnpZLLNPuAbPkiPPfWYOsixOjrSQ5DEAWTfSYzCGaROqbqKETqI8bKWU1Q/Qexq
QxbIRfbk2xbMi7JuNqY0abN0JYGncncJ/IfpAWlbJU5OoAnInLZT8W3Sv07wk4Sf
HdCSzUTGjHpPo7qgXw48/SfojitUy44F98r1YrnJ2jjYluDPRgxpy7jKhZHOVJba
qZatH/sJHM6+kdpgL8hSmCjaIHCsPHKRWDie8K39rsJUpKZSWT8+aqEiowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/E0dQtUzqlFyR7aWzQm/oQAzdYMB8GA1UdIwQY
MBaAFCpxSMRh9ed+EHr3NWaifjQ1YdwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85YWZhZjUtZTY5Ni00ODNlLTgzNjUt
MzRlZmQ1YjllOWNkLzEvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85YWZhZjUtZTY5Ni00ODNlLTgzNjUtMzRlZmQ1YjllOWNk
LzEvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh7ouOohy
lo5SicKJiYtr1QkaDtc1/qFFlrvL1y5CY13i+r2YfQmQnjV0Cq4uCFK72oZWRgVB
mNVlc1QvAuaQ/geKvS/HBllhgYUl8Arfz0Sh5Cu4uppOliYjnsgYq2cws7/7+iEt
OMXMITXDaJMQdJz6pXPew7tmGApKxBFMwuHzvjrwpN2Gnkh0q84mKJg4DgSeTWAH
Fo55qeV0KSiVTyamlP6b9YNMzSAWi3OOpdXYvzJYCvioFfPHTjAWNg3PeW5QvDWj
2773kmj2vXdRMIB2akVH0FR1Lt/exm7jUES17HichsjQuv5qJ9ymHzC3doOZ+EYL
k6AoMMNf4ZIvIA==
-----END CERTIFICATE-----