Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
File:                     Kn-4HcfsycpmKnTuO347rS6k3nE.mft (raw, json)
Hash identifier:          CxPp3ZgzkwK1lw/Y/rXfHMcLlNx1LUqhygEoS4o8ZrE=
Subject key identifier:   56:12:32:66:2F:C3:5E:A0:50:7E:6C:B1:7F:E5:E0:00:AE:CC:19:54
Authority key identifier: 2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71
Certificate issuer:       /CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
Certificate serial:       0199FB7C9E1C5F5A0F6414D38A43D697145C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
Manifest number:          D0
Signing time:             Sun 19 Oct 2025 08:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:11 +0000
Files and hashes:         1: Kn-4HcfsycpmKnTuO347rS6k3nE.crl (hash: dN77jO4NaWArthASlfXKOk6bKWu5Koqk6Z5Yz8deTUQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:9e:1c:5f:5a:0f:64:14:d3:8a:43:d6:97:14:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
        Validity
            Not Before: Oct 19 08:01:11 2025 GMT
            Not After : Oct 20 08:01:11 2025 GMT
        Subject: CN=561232662fc35ea0507e6cb17fe5e000aecc1954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c2:75:d5:b8:1a:0e:08:41:a5:11:9f:42:50:
                    ce:6b:bd:6a:53:05:ce:36:03:26:28:02:5f:c5:d9:
                    eb:36:96:55:b5:e2:a0:27:e4:6b:17:d8:e4:2e:84:
                    01:4a:cd:71:a0:2b:68:a3:17:43:c1:b4:c2:bc:ef:
                    b6:e4:88:dc:50:35:53:2b:9f:df:b6:fd:a6:1d:43:
                    98:50:32:c9:04:b8:9c:8a:f3:e0:db:ef:6a:6f:0f:
                    ad:3a:3a:f4:86:f0:af:77:c4:14:44:2b:e5:96:c5:
                    06:43:21:5f:68:75:a3:3e:91:37:3e:6d:dc:3f:1a:
                    02:e1:87:f3:8b:32:81:ea:32:c8:80:84:5f:a6:e6:
                    48:ff:8a:60:82:f3:df:e3:66:68:f0:10:a2:25:69:
                    7f:57:4f:48:07:80:4d:ff:94:76:11:ef:2d:77:a9:
                    f3:7b:af:8f:eb:28:f8:a0:03:db:b7:d0:44:5d:31:
                    95:4b:45:8a:83:9d:1e:4b:dd:47:a0:45:80:33:46:
                    eb:d4:7d:52:ba:da:42:08:62:5f:88:ff:1d:7e:25:
                    bc:49:cb:26:72:c0:46:7a:7c:a1:f6:12:e9:e4:b4:
                    27:4f:69:59:83:ae:43:22:a8:81:34:1f:29:f6:4d:
                    5c:8c:81:bd:0d:47:f5:f2:dd:58:a2:7b:b8:56:44:
                    99:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:12:32:66:2F:C3:5E:A0:50:7E:6C:B1:7F:E5:E0:00:AE:CC:19:54
            X509v3 Authority Key Identifier:
                keyid:2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:ce:d2:f3:aa:71:4e:b7:5d:39:c4:48:21:fe:61:73:b2:a8:
         fd:cd:de:8d:50:b7:d0:6d:7e:c6:10:bb:de:6a:e9:96:6e:56:
         55:cc:bc:af:91:67:e4:0f:78:81:7f:7d:fa:32:b2:f9:97:d5:
         8e:8a:e6:ab:73:da:39:a3:a1:ce:18:85:ba:fb:7a:d7:8a:17:
         c5:18:8a:22:cf:76:07:f6:69:b3:4f:9b:5d:5d:3b:9c:86:ed:
         4a:23:81:72:10:08:66:1a:a3:6a:5d:05:d3:db:b3:19:5a:f4:
         7d:c7:2d:66:5e:4d:d1:7c:d8:10:17:65:2a:90:68:38:71:62:
         29:4e:dd:ab:b7:d4:34:49:de:69:c5:a8:45:80:91:65:a7:9c:
         88:31:29:c4:97:97:a0:31:7a:e0:65:c1:18:6c:54:64:b3:4f:
         7c:98:13:c5:6d:18:21:d4:e4:16:31:24:da:78:7f:de:70:35:
         e7:2b:72:d2:1b:a6:93:84:81:39:ef:d5:ac:ac:36:c8:48:74:
         72:67:99:39:1e:ec:e5:f1:6d:90:b3:2b:47:e1:d6:98:cc:bf:
         87:cf:0c:fb:fc:14:7f:09:fb:33:70:d4:78:48:11:42:3f:c7:
         6c:60:20:ca:e1:d3:c6:a2:23:7a:48:fd:39:30:18:12:e8:bd:
         63:f1:f0:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fJ4cX1oPZBTTikPWlxRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhN2ZiODFkYzdlY2M5Y2E2NjJhNzRlZTNiN2UzYmFkMmVh
NGRlNzEwHhcNMjUxMDE5MDgwMTExWhcNMjUxMDIwMDgwMTExWjAzMTEwLwYDVQQD
Eyg1NjEyMzI2NjJmYzM1ZWEwNTA3ZTZjYjE3ZmU1ZTAwMGFlY2MxOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8J11bgaDghBpRGfQlDOa71qUwXO
NgMmKAJfxdnrNpZVteKgJ+RrF9jkLoQBSs1xoCtooxdDwbTCvO+25IjcUDVTK5/f
tv2mHUOYUDLJBLicivPg2+9qbw+tOjr0hvCvd8QURCvllsUGQyFfaHWjPpE3Pm3c
PxoC4YfzizKB6jLIgIRfpuZI/4pggvPf42Zo8BCiJWl/V09IB4BN/5R2Ee8td6nz
e6+P6yj4oAPbt9BEXTGVS0WKg50eS91HoEWAM0br1H1SutpCCGJfiP8dfiW8Scsm
csBGenyh9hLp5LQnT2lZg65DIqiBNB8p9k1cjIG9DUf18t1Yonu4VkSZPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYSMmYvw16gUH5ssX/l4ACuzBlUMB8GA1UdIwQY
MBaAFCp/uB3H7MnKZip07jt+O60upN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDct
NDViOGI4NTczNDE5LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDctNDViOGI4NTczNDE5
LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEs7S86px
TrddOcRIIf5hc7Ko/c3ejVC30G1+xhC73mrplm5WVcy8r5Fn5A94gX99+jKy+ZfV
jormq3PaOaOhzhiFuvt614oXxRiKIs92B/Zps0+bXV07nIbtSiOBchAIZhqjal0F
09uzGVr0fcctZl5N0XzYEBdlKpBoOHFiKU7dq7fUNEneacWoRYCRZaeciDEpxJeX
oDF64GXBGGxUZLNPfJgTxW0YIdTkFjEk2nh/3nA15yty0humk4SBOe/VrKw2yEh0
cmeZOR7s5fFtkLMrR+HWmMy/h88M+/wUfwn7M3DUeEgRQj/HbGAgyuHTxqIjekj9
OTAYEui9Y/Hw+A==
-----END CERTIFICATE-----