Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
File:                     KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json)
Hash identifier:          AdCdAPd6XYjx+IA0pNY04sFdfgPxd5zwR9wRX2Md4X8=
Subject key identifier:   CE:B1:11:74:D3:07:1C:22:32:3B:67:F1:E6:D0:D4:61:24:9C:E9:23
Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
Certificate issuer:       /CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Certificate serial:       0197B88F71A7562C9C6FE5FB5CD5E989E509
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 22:01:37 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:37 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:37 +0000
Files and hashes:         1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: UGrHfKX9tr36sjR3tDxR/r2EK2Pk9uj76Wy0tgdxCgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:71:a7:56:2c:9c:6f:e5:fb:5c:d5:e9:89:e5:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678
        Validity
            Not Before: Jun 28 22:01:37 2025 GMT
            Not After : Jun 29 22:01:37 2025 GMT
        Subject: CN=ceb11174d3071c22323b67f1e6d0d461249ce923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4b:31:c0:55:11:07:bf:33:8b:ef:26:a8:d9:
                    35:5f:e7:b1:49:73:09:d1:43:47:cd:b2:b5:db:85:
                    c0:e1:aa:9f:08:bf:7c:f2:d1:e9:6e:a4:e8:96:88:
                    76:03:fe:d2:6e:1d:01:a4:65:bc:fb:4d:c2:c5:ad:
                    73:a9:eb:7d:d1:e8:9f:a5:e1:e2:0a:36:bb:a5:d2:
                    dd:c2:66:88:c5:5b:b5:c7:8e:2f:ce:25:96:52:c8:
                    41:a5:a3:eb:69:d2:9d:7f:ea:a9:60:ff:f4:bf:92:
                    c0:f1:77:b9:e1:4d:95:88:02:0d:80:4d:9b:fc:53:
                    b9:a1:89:8e:fe:06:fd:c7:f4:78:56:cf:5c:60:f9:
                    77:b3:a5:21:2e:6c:9c:e7:54:56:0d:50:0b:c4:22:
                    b7:e3:da:4c:46:f7:02:21:78:d0:a8:02:1c:cd:83:
                    36:f1:c7:80:20:5a:6a:c0:7c:47:98:7f:52:db:a1:
                    ce:c5:33:8c:63:e0:2e:6c:b2:ec:e9:72:50:03:9d:
                    fb:0d:58:b2:b7:b5:d2:9f:c7:c2:c8:e3:75:47:97:
                    d9:51:98:ea:b8:72:42:0e:48:3b:5d:4f:47:22:51:
                    69:74:cf:96:87:8d:27:e6:c6:3a:c9:0a:fb:6e:21:
                    69:4b:53:e4:c1:f8:15:2b:e9:b7:b4:95:4b:52:2a:
                    70:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:B1:11:74:D3:07:1C:22:32:3B:67:F1:E6:D0:D4:61:24:9C:E9:23
            X509v3 Authority Key Identifier:
                keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:60:aa:d4:4c:a0:23:34:f4:df:b7:20:c0:9a:ce:51:d3:3a:
         30:e5:a4:03:9f:d5:26:2b:a3:d5:61:87:76:a8:89:f0:35:43:
         2b:46:99:c7:53:26:6b:57:6a:ef:22:3d:61:14:81:d8:20:e2:
         e0:05:21:ed:26:ab:fe:9a:93:cd:48:88:7a:a2:cf:ea:81:c5:
         33:4b:6a:09:67:91:13:b5:81:69:89:9e:3b:b1:2b:64:1c:15:
         90:2d:e2:96:82:bb:2b:e4:a7:71:9f:0b:0f:ac:b3:16:8a:54:
         5f:e2:26:46:ae:39:73:64:1b:f4:77:43:d3:f2:c9:0f:67:0a:
         55:b5:0a:d7:9f:22:ad:82:6e:36:36:12:a0:8f:3e:8d:2d:34:
         a5:e9:50:02:b9:41:d2:63:41:c6:65:65:26:71:44:0f:9f:d9:
         89:b4:0a:94:b7:e3:1b:1b:9f:b3:72:e4:1e:fb:68:ef:aa:af:
         5a:90:ba:7b:93:b2:52:8a:db:ff:0f:6d:43:73:4a:3d:e5:21:
         43:5e:38:b0:a0:c4:47:63:c9:fc:64:49:7b:b1:a0:73:b2:79:
         5d:f6:4c:5e:5f:15:9c:03:04:08:cb:17:99:b3:75:f7:e8:4d:
         9a:4d:a8:6a:d4:c9:92:3e:4d:99:30:4c:d8:38:3a:77:fe:53:
         b3:b0:85:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j3GnViycb+X7XNXpieUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4
MGY2NzgwHhcNMjUwNjI4MjIwMTM3WhcNMjUwNjI5MjIwMTM3WjAzMTEwLwYDVQQD
EyhjZWIxMTE3NGQzMDcxYzIyMzIzYjY3ZjFlNmQwZDQ2MTI0OWNlOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUsxwFURB78zi+8mqNk1X+exSXMJ
0UNHzbK124XA4aqfCL988tHpbqToloh2A/7Sbh0BpGW8+03Cxa1zqet90eifpeHi
Cja7pdLdwmaIxVu1x44vziWWUshBpaPradKdf+qpYP/0v5LA8Xe54U2ViAINgE2b
/FO5oYmO/gb9x/R4Vs9cYPl3s6UhLmyc51RWDVALxCK349pMRvcCIXjQqAIczYM2
8ceAIFpqwHxHmH9S26HOxTOMY+AubLLs6XJQA537DViyt7XSn8fCyON1R5fZUZjq
uHJCDkg7XU9HIlFpdM+Wh40n5sY6yQr7biFpS1PkwfgVK+m3tJVLUipwGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6xEXTTBxwiMjtn8ebQ1GEknOkjMB8GA1UdIwQY
MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt
NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm
LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWCq1Eyg
IzT037cgwJrOUdM6MOWkA5/VJiuj1WGHdqiJ8DVDK0aZx1Mma1dq7yI9YRSB2CDi
4AUh7Sar/pqTzUiIeqLP6oHFM0tqCWeRE7WBaYmeO7ErZBwVkC3iloK7K+SncZ8L
D6yzFopUX+ImRq45c2Qb9HdD0/LJD2cKVbUK158irYJuNjYSoI8+jS00pelQArlB
0mNBxmVlJnFED5/ZibQKlLfjGxufs3LkHvto76qvWpC6e5OyUorb/w9tQ3NKPeUh
Q144sKDER2PJ/GRJe7Ggc7J5XfZMXl8VnAMECMsXmbN19+hNmk2oatTJkj5NmTBM
2Dg6d/5Ts7CFyw==
-----END CERTIFICATE-----