Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          r4fqOdn7q/6e4sD/ObMWJTbJ1FtwMbp/GokyXHoSUKM=
Subject key identifier:   FF:33:A5:5F:7C:8B:5F:63:39:6A:BF:9E:F4:EC:63:22:AB:4A:91:86
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       019D2703D7B99DE7591941A92A8DBD904A22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:00:56 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:56 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:56 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: 1aZvE4gzac4xMaj5DoWOePwGbutLoi5lidOjTqZmcp0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:d7:b9:9d:e7:59:19:41:a9:2a:8d:bd:90:4a:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Mar 25 22:00:56 2026 GMT
            Not After : Mar 26 22:00:56 2026 GMT
        Subject: CN=ff33a55f7c8b5f63396abf9ef4ec6322ab4a9186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:37:b7:ec:7f:42:08:3a:92:2f:47:43:0d:84:
                    0c:9e:75:ff:44:b8:58:c5:6e:6c:77:24:09:d4:d1:
                    97:f1:6c:d9:fd:c7:28:ac:22:59:fa:63:fc:d5:48:
                    0f:b8:4e:98:c5:14:1b:8c:d0:10:38:6f:77:ee:e5:
                    9e:de:ab:6e:c9:4b:2d:8b:1a:26:2b:84:0b:3f:7b:
                    d9:1a:da:da:f5:88:75:1d:02:9a:78:43:5e:86:8c:
                    5b:fc:8f:51:ff:8c:77:7d:bd:ab:f9:a1:04:e5:92:
                    03:c1:2f:2a:5c:5c:e0:1e:a9:4c:8d:a7:84:d0:ef:
                    f6:f6:2c:75:34:61:93:fe:ab:61:91:19:dc:23:8d:
                    14:54:e6:af:1c:57:27:9d:9f:d8:19:66:e2:b2:a5:
                    16:6f:84:87:3f:ff:42:d1:09:c0:9d:4c:6f:11:cc:
                    06:62:54:a2:ef:67:f0:53:ff:85:31:ca:0b:55:d3:
                    2e:b6:b3:d5:90:dc:ef:96:7e:80:03:cb:de:b4:99:
                    4d:55:fb:6e:ba:1d:f5:36:39:d2:74:b9:28:65:a3:
                    59:9e:72:fc:c4:4e:d8:51:f4:ca:bc:a8:aa:ac:89:
                    68:9b:3e:6b:eb:f1:58:da:f5:25:6a:1c:bc:a8:33:
                    86:7c:2d:95:b7:65:d7:12:79:c4:1c:38:0e:ab:44:
                    ad:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:33:A5:5F:7C:8B:5F:63:39:6A:BF:9E:F4:EC:63:22:AB:4A:91:86
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:87:2d:e8:cc:79:58:a8:27:ff:66:bb:ef:3f:cd:2a:f4:ac:
         bb:94:b7:a6:08:c6:ee:a5:8f:4d:7a:80:13:b0:01:ef:1f:60:
         c8:ff:71:c0:1a:ad:69:21:bc:ef:b2:43:dc:cc:0d:6e:78:03:
         50:a7:a0:ea:73:aa:51:9e:f5:d8:11:c8:10:cf:46:b6:88:62:
         fe:9c:3b:67:6b:c6:3c:a5:fa:f3:4a:b0:91:a4:b2:b4:e5:35:
         51:25:43:91:26:5e:98:63:e3:1f:90:94:ae:88:c6:cb:ab:ae:
         80:bc:d2:66:67:b3:2d:8e:0c:34:54:9a:05:19:44:84:93:e1:
         59:4d:9b:15:c8:05:ff:10:75:0c:9f:68:49:39:a2:d1:94:0b:
         9b:78:53:a5:24:b8:c7:7f:0a:60:54:ae:08:84:e1:23:80:fd:
         09:3b:5b:57:c6:10:38:5a:2e:3a:9b:a0:e8:e0:02:cf:82:9b:
         bd:5c:18:4f:72:a4:6d:13:11:c5:9f:b7:c3:c8:ac:1f:82:30:
         5b:2f:a0:c9:72:3e:b9:9b:5a:44:38:2e:c9:fe:0b:96:89:c8:
         ef:d6:f6:fd:4b:16:0b:75:2e:01:f7:53:a7:f0:87:3b:75:0c:
         66:0a:b8:4f:72:46:54:7d:cc:93:31:9f:87:e3:36:33:e0:d1:
         58:87:f3:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9e5nedZGUGpKo29kEoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjYwMzI1MjIwMDU2WhcNMjYwMzI2MjIwMDU2WjAzMTEwLwYDVQQD
EyhmZjMzYTU1ZjdjOGI1ZjYzMzk2YWJmOWVmNGVjNjMyMmFiNGE5MTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4je37H9CCDqSL0dDDYQMnnX/RLhY
xW5sdyQJ1NGX8WzZ/ccorCJZ+mP81UgPuE6YxRQbjNAQOG937uWe3qtuyUstixom
K4QLP3vZGtra9Yh1HQKaeENehoxb/I9R/4x3fb2r+aEE5ZIDwS8qXFzgHqlMjaeE
0O/29ix1NGGT/qthkRncI40UVOavHFcnnZ/YGWbisqUWb4SHP/9C0QnAnUxvEcwG
YlSi72fwU/+FMcoLVdMutrPVkNzvln6AA8vetJlNVftuuh31NjnSdLkoZaNZnnL8
xE7YUfTKvKiqrIlomz5r6/FY2vUlahy8qDOGfC2Vt2XXEnnEHDgOq0StOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8zpV98i19jOWq/nvTsYyKrSpGGMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGYct6Mx5
WKgn/2a77z/NKvSsu5S3pgjG7qWPTXqAE7AB7x9gyP9xwBqtaSG877JD3MwNbngD
UKeg6nOqUZ712BHIEM9Gtohi/pw7Z2vGPKX680qwkaSytOU1USVDkSZemGPjH5CU
rojGy6uugLzSZmezLY4MNFSaBRlEhJPhWU2bFcgF/xB1DJ9oSTmi0ZQLm3hTpSS4
x38KYFSuCIThI4D9CTtbV8YQOFouOpug6OACz4KbvVwYT3KkbRMRxZ+3w8isH4Iw
Wy+gyXI+uZtaRDguyf4LlonI79b2/UsWC3UuAfdTp/CHO3UMZgq4T3JGVH3MkzGf
h+M2M+DRWIfzjw==
-----END CERTIFICATE-----