Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft
File:                     KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft (raw, json)
Hash identifier:          vkw9yEM0HiFEcOowjlnGPIIfp4yOp53xUr4lcr3ZmYQ=
Subject key identifier:   B2:C0:CF:C3:64:8E:1C:DD:8F:E5:DB:DC:A9:B5:BC:29:AA:AE:51:67
Authority key identifier: 2A:71:48:C4:61:F5:E7:7E:10:7A:F7:35:66:A2:7E:34:35:61:DC:1D
Certificate issuer:       /CN=2a7148c461f5e77e107af73566a27e343561dc1d
Certificate serial:       0195903D8C55B5AAA9D4133F977D84863BF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft
Manifest number:          1495
Signing time:             Thu 13 Mar 2025 16:01:47 +0000
Manifest this update:     Thu 13 Mar 2025 16:01:47 +0000
Manifest next update:     Fri 14 Mar 2025 16:01:47 +0000
Files and hashes:         1: KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl (hash: jk10gOlKPE0bFVKUsA6Vv3zLonUXnNn7DitMgeWvEEE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:3d:8c:55:b5:aa:a9:d4:13:3f:97:7d:84:86:3b:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a7148c461f5e77e107af73566a27e343561dc1d
        Validity
            Not Before: Mar 13 16:01:47 2025 GMT
            Not After : Mar 14 16:01:47 2025 GMT
        Subject: CN=b2c0cfc3648e1cdd8fe5dbdca9b5bc29aaae5167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:1d:39:af:5d:8d:4c:3d:67:55:3f:10:6c:ac:
                    c2:04:bf:4f:b8:6f:3f:ec:9c:e0:13:3a:3a:e2:17:
                    9b:0f:ea:5d:c2:47:38:08:8b:ae:8e:95:cd:fd:fe:
                    e4:00:ab:be:19:49:d8:a0:fa:53:8a:bb:18:d8:fc:
                    8d:93:b3:b2:b9:10:bb:8b:ff:6c:45:ce:45:fc:03:
                    1d:b7:75:11:02:83:a5:a4:73:d5:47:0b:53:66:e5:
                    5a:ce:d8:2e:5d:28:79:1f:b8:6a:43:04:6c:8f:d5:
                    45:67:36:14:a1:15:43:52:96:91:16:fb:e7:0b:3d:
                    f9:7f:77:50:b6:b9:4e:ca:8c:a1:c7:9b:86:f3:f4:
                    ba:fa:85:74:c0:48:ae:e6:83:8e:2b:c0:88:64:cd:
                    15:cc:7f:c4:5d:77:10:92:2a:48:29:bb:4e:56:4e:
                    17:6f:99:dd:93:56:60:59:72:19:69:09:6e:05:39:
                    e7:93:b0:eb:38:cf:c5:5f:d4:52:e4:1a:c6:6d:77:
                    ca:99:33:04:82:5c:88:8f:40:69:18:b2:52:fd:74:
                    94:bd:0f:68:5c:73:31:02:14:89:a2:7b:ac:01:dd:
                    26:41:68:83:da:54:3c:b2:3d:2a:de:30:ff:3f:9a:
                    0a:7f:7f:f2:e6:72:ce:7d:88:07:18:bc:f5:5f:2a:
                    63:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:C0:CF:C3:64:8E:1C:DD:8F:E5:DB:DC:A9:B5:BC:29:AA:AE:51:67
            X509v3 Authority Key Identifier:
                keyid:2A:71:48:C4:61:F5:E7:7E:10:7A:F7:35:66:A2:7E:34:35:61:DC:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:bb:e3:36:85:5d:8d:b9:97:93:ce:f5:10:2a:1a:27:da:2e:
         83:41:a0:2c:18:39:0c:94:95:20:af:2d:f7:6f:79:53:2a:aa:
         f4:6a:6b:c6:ca:34:5c:e8:58:cd:d2:fc:f1:18:4e:19:9d:8e:
         b8:9c:09:27:bf:7b:c2:0b:64:68:fb:65:2d:10:1b:d9:5d:88:
         e8:23:72:4d:7b:19:1a:b7:3b:4b:5a:59:fa:66:6c:13:55:56:
         e2:be:3e:0c:b7:e9:ad:8a:4f:42:6f:ec:0d:4e:a5:8f:6a:b0:
         57:a3:5a:c1:8e:7e:36:8c:ae:7a:a5:97:bc:1b:c0:14:45:41:
         d7:1a:64:81:e2:02:5a:1b:d2:82:4d:68:7e:43:8a:14:85:e8:
         08:fb:c9:f0:08:4f:b8:02:46:e4:06:36:45:17:e4:1f:97:54:
         ba:9c:d8:60:98:d7:12:de:f9:ef:b1:58:44:07:e6:03:a0:3d:
         d5:46:c1:32:ff:03:4a:54:c3:b4:f4:73:ae:dc:94:7f:c3:a4:
         18:56:3e:05:71:43:06:b3:c3:01:f5:b6:63:6d:a1:a6:14:eb:
         ec:68:2e:1b:89:66:c8:48:d4:81:25:ff:9f:ae:40:84:2c:88:
         94:5b:66:67:6a:57:95:b0:7a:d9:3e:dd:1d:ca:63:cf:d6:5a:
         87:bf:5f:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQPYxVtaqp1BM/l32Ehjv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNzE0OGM0NjFmNWU3N2UxMDdhZjczNTY2YTI3ZTM0MzU2
MWRjMWQwHhcNMjUwMzEzMTYwMTQ3WhcNMjUwMzE0MTYwMTQ3WjAzMTEwLwYDVQQD
EyhiMmMwY2ZjMzY0OGUxY2RkOGZlNWRiZGNhOWI1YmMyOWFhYWU1MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR05r12NTD1nVT8QbKzCBL9PuG8/
7JzgEzo64hebD+pdwkc4CIuujpXN/f7kAKu+GUnYoPpTirsY2PyNk7OyuRC7i/9s
Rc5F/AMdt3URAoOlpHPVRwtTZuVaztguXSh5H7hqQwRsj9VFZzYUoRVDUpaRFvvn
Cz35f3dQtrlOyoyhx5uG8/S6+oV0wEiu5oOOK8CIZM0VzH/EXXcQkipIKbtOVk4X
b5ndk1ZgWXIZaQluBTnnk7DrOM/FX9RS5BrGbXfKmTMEglyIj0BpGLJS/XSUvQ9o
XHMxAhSJonusAd0mQWiD2lQ8sj0q3jD/P5oKf3/y5nLOfYgHGLz1XypjNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLAz8Nkjhzdj+Xb3Km1vCmqrlFnMB8GA1UdIwQY
MBaAFCpxSMRh9ed+EHr3NWaifjQ1YdwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85YWZhZjUtZTY5Ni00ODNlLTgzNjUt
MzRlZmQ1YjllOWNkLzEvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85YWZhZjUtZTY5Ni00ODNlLTgzNjUtMzRlZmQ1YjllOWNk
LzEvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLvjNoVd
jbmXk871ECoaJ9oug0GgLBg5DJSVIK8t9295Uyqq9Gprxso0XOhYzdL88RhOGZ2O
uJwJJ797wgtkaPtlLRAb2V2I6CNyTXsZGrc7S1pZ+mZsE1VW4r4+DLfprYpPQm/s
DU6lj2qwV6NawY5+NoyueqWXvBvAFEVB1xpkgeICWhvSgk1ofkOKFIXoCPvJ8AhP
uAJG5AY2RRfkH5dUupzYYJjXEt7577FYRAfmA6A91UbBMv8DSlTDtPRzrtyUf8Ok
GFY+BXFDBrPDAfW2Y22hphTr7GguG4lmyEjUgSX/n65AhCyIlFtmZ2pXlbB62T7d
Hcpjz9Zah79ffA==
-----END CERTIFICATE-----