Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
File:                     Kn-4HcfsycpmKnTuO347rS6k3nE.mft (raw, json)
Hash identifier:          3UlLVYMg1K93EU7mYAj0EdV4yzw4Tt3bhzjkeUos5ZU=
Subject key identifier:   70:4A:6A:57:0C:23:46:71:4F:98:10:A8:F1:E6:C3:53:35:B1:2D:4D
Authority key identifier: 2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71
Certificate issuer:       /CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
Certificate serial:       0198D5F1CE7B5E57952F67BFC54C07B210B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
Manifest number:          38
Signing time:             Sat 23 Aug 2025 08:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:50 +0000
Files and hashes:         1: Kn-4HcfsycpmKnTuO347rS6k3nE.crl (hash: lOAIjIVoNhgp7Vd4pa8XPOrxK1Zc/v9vqd/MpZqMSFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:ce:7b:5e:57:95:2f:67:bf:c5:4c:07:b2:10:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
        Validity
            Not Before: Aug 23 08:00:50 2025 GMT
            Not After : Aug 24 08:00:50 2025 GMT
        Subject: CN=704a6a570c2346714f9810a8f1e6c35335b12d4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9e:06:a2:df:f4:a5:39:28:89:6a:25:7d:2a:
                    9d:5a:3b:4d:91:9f:f6:39:10:64:50:3f:33:21:f0:
                    19:b4:1e:d5:0b:5b:2c:40:4c:46:bf:b8:d9:f8:09:
                    90:bc:c7:4b:20:8d:53:be:2a:6c:49:83:4f:2b:42:
                    bd:69:bf:4c:ec:e7:1e:57:23:f2:f7:8f:cd:3e:fc:
                    b1:03:c8:82:fa:7d:7b:19:53:f0:61:bd:57:1a:35:
                    b5:d3:b2:49:80:2d:8c:19:94:91:26:9b:b7:15:25:
                    aa:72:6e:ad:da:b3:14:e4:db:11:ce:44:d2:ce:49:
                    e4:a9:66:ba:20:76:fa:a8:b9:95:73:bd:65:51:e7:
                    a9:d7:d3:7f:56:5a:0e:8a:db:4b:e2:2c:a0:4e:4b:
                    e0:71:3b:e0:c7:db:a2:f6:d6:1e:71:ac:0d:7d:3b:
                    84:6e:91:1f:f3:f7:97:69:13:8b:14:6d:fc:8a:19:
                    af:97:49:97:53:6c:1d:b5:fe:58:b1:92:68:2e:fc:
                    7e:f6:76:61:8e:48:0a:92:e2:69:8d:a8:57:07:9b:
                    39:28:33:21:50:c4:60:bd:c2:72:a4:56:b8:b2:d7:
                    cc:1d:7b:3c:34:b0:c8:10:d2:f0:61:24:c2:0d:92:
                    7d:a7:46:81:ce:c3:4d:66:83:fc:38:a9:54:29:1b:
                    0e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:4A:6A:57:0C:23:46:71:4F:98:10:A8:F1:E6:C3:53:35:B1:2D:4D
            X509v3 Authority Key Identifier:
                keyid:2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:41:76:79:64:d2:f4:39:a4:44:28:3e:e0:7f:ad:dd:be:d8:
         25:78:64:b4:a3:42:76:dc:05:39:69:a0:8a:87:31:28:f4:2d:
         d9:01:80:3a:a7:0e:71:9e:53:16:bd:14:55:b1:a0:46:6c:9e:
         0c:d9:58:b5:03:6f:f9:7e:64:aa:8f:55:98:62:26:8e:8d:16:
         07:57:fd:5d:49:f2:b3:2e:5e:18:c4:63:f9:c6:95:54:88:8b:
         77:3f:6e:90:19:5f:77:b5:ce:1d:e3:3d:51:bd:95:fb:93:86:
         d6:b4:5c:dd:13:56:68:22:19:3a:35:68:bb:75:da:5e:52:cc:
         8e:7c:59:93:f6:f8:0a:d0:ac:e4:82:e7:f6:7a:4d:fa:88:b5:
         67:29:98:d6:8e:32:64:a9:bd:58:b9:24:19:f1:fd:27:7c:6d:
         8f:ce:ce:f8:95:6a:0c:44:1d:4c:d3:bd:41:6c:aa:8d:01:d7:
         12:0b:32:22:b2:e5:66:57:e9:75:f5:d7:0d:0e:4f:14:9c:73:
         43:77:2d:1c:9f:db:6d:10:13:02:d4:0e:3d:8a:88:46:cd:c3:
         1b:1a:91:99:fa:ad:90:77:ec:d1:4f:d0:39:0b:a2:b5:33:ff:
         0c:cb:23:17:40:82:84:fb:f8:67:6b:d7:1e:4f:8f:a2:bd:93:
         95:6f:e5:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8c57XleVL2e/xUwHshC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhN2ZiODFkYzdlY2M5Y2E2NjJhNzRlZTNiN2UzYmFkMmVh
NGRlNzEwHhcNMjUwODIzMDgwMDUwWhcNMjUwODI0MDgwMDUwWjAzMTEwLwYDVQQD
Eyg3MDRhNmE1NzBjMjM0NjcxNGY5ODEwYThmMWU2YzM1MzM1YjEyZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp4Got/0pTkoiWolfSqdWjtNkZ/2
ORBkUD8zIfAZtB7VC1ssQExGv7jZ+AmQvMdLII1TvipsSYNPK0K9ab9M7OceVyPy
94/NPvyxA8iC+n17GVPwYb1XGjW107JJgC2MGZSRJpu3FSWqcm6t2rMU5NsRzkTS
zknkqWa6IHb6qLmVc71lUeep19N/VloOittL4iygTkvgcTvgx9ui9tYecawNfTuE
bpEf8/eXaROLFG38ihmvl0mXU2wdtf5YsZJoLvx+9nZhjkgKkuJpjahXB5s5KDMh
UMRgvcJypFa4stfMHXs8NLDIENLwYSTCDZJ9p0aBzsNNZoP8OKlUKRsOJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBKalcMI0ZxT5gQqPHmw1M1sS1NMB8GA1UdIwQY
MBaAFCp/uB3H7MnKZip07jt+O60upN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDct
NDViOGI4NTczNDE5LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDctNDViOGI4NTczNDE5
LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh0F2eWTS
9DmkRCg+4H+t3b7YJXhktKNCdtwFOWmgiocxKPQt2QGAOqcOcZ5TFr0UVbGgRmye
DNlYtQNv+X5kqo9VmGImjo0WB1f9XUnysy5eGMRj+caVVIiLdz9ukBlfd7XOHeM9
Ub2V+5OG1rRc3RNWaCIZOjVou3XaXlLMjnxZk/b4CtCs5ILn9npN+oi1ZymY1o4y
ZKm9WLkkGfH9J3xtj87O+JVqDEQdTNO9QWyqjQHXEgsyIrLlZlfpdfXXDQ5PFJxz
Q3ctHJ/bbRATAtQOPYqIRs3DGxqRmfqtkHfs0U/QOQuitTP/DMsjF0CChPv4Z2vX
Hk+Por2TlW/llw==
-----END CERTIFICATE-----