Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
File:                     KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json)
Hash identifier:          kUeZgqESFkAp47Xx72IU4iJk0bCs48JuMPukUvp668M=
Subject key identifier:   4C:D6:2A:8F:48:41:B4:51:37:AC:B8:D0:43:3D:07:D8:79:90:D2:F5
Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
Certificate issuer:       /CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Certificate serial:       01974E57F33203B42B18AF2EAC7E53DCADA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
Manifest number:          157C
Signing time:             Sun 08 Jun 2025 07:01:15 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:15 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:15 +0000
Files and hashes:         1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: +2n02vPdNETYllWWOJDmG/4VDZTaGKcIIBFXOrSvCv8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:f3:32:03:b4:2b:18:af:2e:ac:7e:53:dc:ad:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678
        Validity
            Not Before: Jun  8 07:01:15 2025 GMT
            Not After : Jun  9 07:01:15 2025 GMT
        Subject: CN=4cd62a8f4841b45137acb8d0433d07d87990d2f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:82:64:f0:c9:25:2e:ee:b9:0e:bc:9b:d1:14:
                    f5:f0:58:c7:07:cc:1d:33:b1:e8:fd:10:87:3f:84:
                    a2:68:52:10:54:d4:56:1d:93:13:f6:f0:9d:bc:48:
                    0f:5b:3a:ce:2d:b5:05:68:8d:a1:49:15:fe:45:d6:
                    0d:ae:0e:cf:60:29:3b:54:67:db:32:6c:e8:0c:85:
                    bd:ba:6a:4f:e1:9b:2d:95:46:2a:f1:8d:4e:cd:43:
                    a8:64:22:fe:b5:13:2e:74:59:fa:83:d7:93:84:02:
                    14:9e:69:fd:62:02:c0:aa:01:c0:7c:0d:69:90:c8:
                    aa:80:5b:1b:ce:2a:e5:d2:5f:f9:d4:38:db:c0:27:
                    6a:6c:78:f5:de:df:f2:5e:7e:69:39:6f:94:16:53:
                    63:0c:4b:e8:68:3d:a7:ef:dd:82:b5:71:dd:dd:48:
                    e1:74:24:dc:11:db:ad:8f:11:03:0d:d8:7c:77:8e:
                    dc:58:77:37:4a:22:52:51:29:74:4f:4d:e6:5b:c2:
                    82:52:c9:7a:7a:fc:c0:57:7a:f0:96:a6:92:4b:52:
                    6d:7b:5d:94:c7:f3:10:f1:de:cf:18:db:b8:93:f0:
                    22:35:10:e9:5b:a0:00:8b:0f:ec:1d:cd:ee:e9:ec:
                    d1:66:bb:89:c2:2a:8e:e9:57:a2:24:b8:cf:c7:b2:
                    06:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:D6:2A:8F:48:41:B4:51:37:AC:B8:D0:43:3D:07:D8:79:90:D2:F5
            X509v3 Authority Key Identifier:
                keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:cf:0e:38:55:08:dc:a4:03:bb:8e:fd:20:c7:3b:f9:a5:2a:
         a8:8f:3b:f6:db:58:38:6d:18:ec:8d:da:45:f8:76:fe:fe:fc:
         7f:40:b1:2b:95:40:8b:86:5b:4e:79:a2:91:45:b6:17:f9:c6:
         d1:92:6d:a0:74:b0:5f:55:fb:e7:44:c4:1b:40:50:8d:a5:3b:
         71:bd:68:84:04:46:99:2d:16:a0:8f:4c:70:20:96:85:26:25:
         9a:85:8b:22:66:55:42:e7:90:e3:cd:89:35:52:5c:63:19:12:
         cb:bf:af:c1:2a:a9:29:71:8f:d9:5c:95:92:4b:a3:10:da:30:
         75:e7:53:27:12:6e:ef:06:3c:fd:12:e4:66:8f:30:a4:a8:4e:
         41:0e:da:16:4b:e4:c3:a8:8f:c7:42:e1:35:27:a6:fe:3d:44:
         8b:e4:0e:5b:4a:ad:d6:16:ec:2b:f8:96:b7:0f:2e:e3:9d:67:
         fd:6c:aa:a3:b9:05:a6:b3:e0:d2:b7:88:4d:6c:f0:6c:6b:db:
         bb:e8:f6:b2:ce:d6:02:7a:60:fd:33:73:00:36:1b:2f:4b:d6:
         96:7c:44:ad:80:25:a5:8c:51:99:0d:1b:fd:c8:b9:e9:43:e0:
         6d:2f:23:d7:77:b9:ad:6c:dd:aa:27:7a:06:a5:e7:a3:e3:1f:
         2b:c5:c1:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV/MyA7QrGK8urH5T3K2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4
MGY2NzgwHhcNMjUwNjA4MDcwMTE1WhcNMjUwNjA5MDcwMTE1WjAzMTEwLwYDVQQD
Eyg0Y2Q2MmE4ZjQ4NDFiNDUxMzdhY2I4ZDA0MzNkMDdkODc5OTBkMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoJk8MklLu65Dryb0RT18FjHB8wd
M7Ho/RCHP4SiaFIQVNRWHZMT9vCdvEgPWzrOLbUFaI2hSRX+RdYNrg7PYCk7VGfb
MmzoDIW9umpP4ZstlUYq8Y1OzUOoZCL+tRMudFn6g9eThAIUnmn9YgLAqgHAfA1p
kMiqgFsbzirl0l/51DjbwCdqbHj13t/yXn5pOW+UFlNjDEvoaD2n792CtXHd3Ujh
dCTcEdutjxEDDdh8d47cWHc3SiJSUSl0T03mW8KCUsl6evzAV3rwlqaSS1Jte12U
x/MQ8d7PGNu4k/AiNRDpW6AAiw/sHc3u6ezRZruJwiqO6VeiJLjPx7IGyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzWKo9IQbRRN6y40EM9B9h5kNL1MB8GA1UdIwQY
MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt
NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm
LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZM8OOFUI
3KQDu479IMc7+aUqqI879ttYOG0Y7I3aRfh2/v78f0CxK5VAi4ZbTnmikUW2F/nG
0ZJtoHSwX1X750TEG0BQjaU7cb1ohARGmS0WoI9McCCWhSYlmoWLImZVQueQ482J
NVJcYxkSy7+vwSqpKXGP2VyVkkujENowdedTJxJu7wY8/RLkZo8wpKhOQQ7aFkvk
w6iPx0LhNSem/j1Ei+QOW0qt1hbsK/iWtw8u451n/Wyqo7kFprPg0reITWzwbGvb
u+j2ss7WAnpg/TNzADYbL0vWlnxErYAlpYxRmQ0b/ci56UPgbS8j13e5rWzdqid6
BqXno+MfK8XBpQ==
-----END CERTIFICATE-----