Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
File:                     KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json)
Hash identifier:          wyVtBZlRVPnwNuDibHkEMiQySxQ9BZsyAy1m9KafSpE=
Subject key identifier:   A1:79:BA:26:BE:F7:00:BD:62:63:E9:07:09:ED:CB:92:1D:BB:29:13
Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
Certificate issuer:       /CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Certificate serial:       0196BD814E9E3E042C5E616D8F4136D4C33B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
Manifest number:          1531
Signing time:             Sun 11 May 2025 04:01:30 +0000
Manifest this update:     Sun 11 May 2025 04:01:30 +0000
Manifest next update:     Mon 12 May 2025 04:01:30 +0000
Files and hashes:         1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: Jtn5DFrDTmj5+TPfT9/0bjBowq3jv4y/Utmbr6yuhlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 04:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:81:4e:9e:3e:04:2c:5e:61:6d:8f:41:36:d4:c3:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678
        Validity
            Not Before: May 11 04:01:30 2025 GMT
            Not After : May 12 04:01:30 2025 GMT
        Subject: CN=a179ba26bef700bd6263e90709edcb921dbb2913
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:07:da:3a:53:58:6c:c2:63:7c:18:6a:6d:88:
                    ef:24:fe:cd:1d:ff:7c:eb:94:42:93:c8:e3:81:d6:
                    55:70:42:d1:49:c4:76:3b:28:6f:52:1b:ce:16:55:
                    cc:7d:1c:69:cc:e7:29:69:7f:cf:eb:21:a0:a5:8e:
                    33:6e:ad:3d:7c:e8:1a:9b:43:4b:b3:9b:e4:b5:cf:
                    24:87:29:93:5a:4f:8f:e6:6e:5f:57:13:63:28:ac:
                    ef:f7:45:2a:e7:ef:53:6f:93:cb:38:51:ec:46:d1:
                    c4:24:f1:6f:57:5b:79:03:ff:ad:31:cc:20:d5:ce:
                    31:64:17:8b:32:31:cb:59:b1:7c:44:68:e1:7a:2c:
                    6f:4b:67:a7:ba:40:1a:00:5c:11:1b:23:8b:22:d1:
                    8d:93:4f:28:da:7f:5a:e9:f2:52:68:07:89:6a:ed:
                    c2:4e:c7:0e:ea:43:0a:4e:f7:38:d5:45:89:d1:6a:
                    53:65:5c:74:34:36:7a:a8:3f:d0:61:03:40:ba:90:
                    f7:34:1c:6a:2f:d3:98:df:42:7c:60:41:ce:ba:0d:
                    13:7d:5f:35:53:28:b1:fd:17:ba:d9:09:ff:8e:44:
                    f2:7d:63:ee:37:5d:63:b0:c5:fe:e9:b0:d8:da:26:
                    9c:02:8a:68:c0:31:8c:87:3e:fe:a3:82:b5:34:30:
                    54:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:79:BA:26:BE:F7:00:BD:62:63:E9:07:09:ED:CB:92:1D:BB:29:13
            X509v3 Authority Key Identifier:
                keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:85:b4:b2:b1:9a:6a:08:a4:a2:ec:3e:c6:f3:91:27:89:f8:
         63:2f:50:08:c8:1b:90:d0:f0:c0:1b:71:2b:fe:ad:be:9d:01:
         5f:30:1d:e9:bc:d2:f8:ea:32:29:85:7c:73:2e:3e:13:fb:68:
         ea:7b:db:fa:02:51:61:06:42:a2:9d:eb:12:0d:ee:74:8f:3d:
         b2:bb:cf:81:84:b0:03:9c:f2:63:54:83:1f:1a:15:e3:1f:6e:
         e5:94:f6:67:34:56:a5:a7:dc:05:c9:50:75:97:15:a5:fc:02:
         a4:54:10:2c:4e:72:17:2f:91:8b:93:0f:7d:68:84:c9:ef:1d:
         e9:57:42:0c:69:6c:03:02:ef:96:1e:2d:0a:7f:ac:d6:ce:7b:
         79:7b:fa:89:cf:a8:c1:51:69:00:b6:84:95:27:31:57:6e:97:
         ca:13:11:ca:41:9e:ca:19:90:35:34:66:05:d6:b6:05:7d:91:
         23:19:22:24:cf:90:c9:89:b0:c0:6b:84:bd:d1:d0:01:e7:e5:
         70:59:b3:f3:6f:d2:c3:ca:7d:50:00:c3:cb:1d:dd:88:7b:20:
         19:12:87:2c:f0:ad:e8:bd:e8:b0:0b:1d:98:29:04:c3:cb:10:
         66:d9:6b:62:42:e3:54:99:33:a5:f8:14:c9:67:4c:8c:0c:df:
         00:59:0c:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gU6ePgQsXmFtj0E21MM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4
MGY2NzgwHhcNMjUwNTExMDQwMTMwWhcNMjUwNTEyMDQwMTMwWjAzMTEwLwYDVQQD
EyhhMTc5YmEyNmJlZjcwMGJkNjI2M2U5MDcwOWVkY2I5MjFkYmIyOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgfaOlNYbMJjfBhqbYjvJP7NHf98
65RCk8jjgdZVcELRScR2OyhvUhvOFlXMfRxpzOcpaX/P6yGgpY4zbq09fOgam0NL
s5vktc8khymTWk+P5m5fVxNjKKzv90Uq5+9Tb5PLOFHsRtHEJPFvV1t5A/+tMcwg
1c4xZBeLMjHLWbF8RGjheixvS2enukAaAFwRGyOLItGNk08o2n9a6fJSaAeJau3C
TscO6kMKTvc41UWJ0WpTZVx0NDZ6qD/QYQNAupD3NBxqL9OY30J8YEHOug0TfV81
Uyix/Re62Qn/jkTyfWPuN11jsMX+6bDY2iacAopowDGMhz7+o4K1NDBUwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKF5uia+9wC9YmPpBwnty5IduykTMB8GA1UdIwQY
MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt
NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm
LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk4W0srGa
agikouw+xvORJ4n4Yy9QCMgbkNDwwBtxK/6tvp0BXzAd6bzS+OoyKYV8cy4+E/to
6nvb+gJRYQZCop3rEg3udI89srvPgYSwA5zyY1SDHxoV4x9u5ZT2ZzRWpafcBclQ
dZcVpfwCpFQQLE5yFy+Ri5MPfWiEye8d6VdCDGlsAwLvlh4tCn+s1s57eXv6ic+o
wVFpALaElScxV26XyhMRykGeyhmQNTRmBda2BX2RIxkiJM+QyYmwwGuEvdHQAefl
cFmz82/Sw8p9UADDyx3diHsgGRKHLPCt6L3osAsdmCkEw8sQZtlrYkLjVJkzpfgU
yWdMjAzfAFkMzg==
-----END CERTIFICATE-----