Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          XrNo5BwryNo4lJf5cQAoiM2E61slfttl+SnIDJpqwCs=
Subject key identifier:   B2:EE:E6:78:62:6A:86:BF:5E:BA:AA:FA:66:36:C0:EA:DA:BB:34:D0
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       0197B6A1012C0300EA5FDE2F46A6528C5498
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:34 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:34 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:34 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: 7v6DCwrwfhMO7E705JlJFS/+fOyWEar2G7VDa4v4MkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:01:2c:03:00:ea:5f:de:2f:46:a6:52:8c:54:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Jun 28 13:01:34 2025 GMT
            Not After : Jun 29 13:01:34 2025 GMT
        Subject: CN=b2eee678626a86bf5ebaaafa6636c0eadabb34d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:12:74:1e:5c:bd:3b:2c:24:eb:21:8e:a0:34:
                    3c:41:ed:05:49:00:fa:06:94:6d:8a:89:dd:d9:ff:
                    9c:c5:0c:3e:80:9d:f8:87:a7:75:2c:14:ee:c6:b6:
                    b4:16:fe:73:17:e1:89:47:ba:09:f5:14:99:03:e5:
                    0b:f4:63:d0:30:13:98:f9:ee:fd:97:d5:9a:7e:1c:
                    b9:60:1a:04:a8:0e:dc:a4:1d:ec:a9:e7:d0:e4:e3:
                    5d:88:76:96:7e:d1:39:7e:38:0b:5c:d7:86:ba:2d:
                    0d:75:14:4e:ea:14:7c:65:00:04:be:a5:44:cc:c8:
                    48:9a:d5:93:54:f0:a8:52:8f:73:f5:71:d2:34:cd:
                    83:98:29:c2:d7:9a:03:44:30:ac:6c:25:7d:cc:3f:
                    df:f9:8f:71:1b:30:f2:a2:44:4c:b5:18:37:4b:f3:
                    a1:f9:2a:45:62:89:65:bc:35:27:c1:f8:16:6f:8a:
                    18:6b:fe:d7:97:f7:57:a6:79:64:d6:be:14:a6:41:
                    46:7d:5f:1a:6f:c0:43:2b:5f:72:f9:98:4e:00:e5:
                    73:b4:5f:4e:4c:7e:6f:3a:d0:dd:0e:c1:59:99:cb:
                    40:94:ab:b7:e3:17:cb:08:ef:4e:db:80:2c:69:50:
                    c6:14:c9:04:97:0c:27:b7:c5:da:ac:4f:77:a9:fb:
                    d2:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:EE:E6:78:62:6A:86:BF:5E:BA:AA:FA:66:36:C0:EA:DA:BB:34:D0
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:58:a3:7a:ac:05:83:37:b7:21:0a:2a:4d:0b:80:e2:6f:d7:
         e6:19:e0:49:de:28:f7:d2:24:a3:bf:20:b9:63:dc:ce:f8:80:
         49:bc:e0:57:17:3d:70:b9:6d:d4:be:97:1e:d4:51:5e:47:9d:
         7b:6c:73:b9:ee:2f:60:92:01:1b:9e:96:d7:a7:63:a8:15:ff:
         59:23:f0:8c:2d:86:2f:e1:f8:79:83:6a:42:91:7d:11:e1:c3:
         77:b6:c2:ce:26:15:07:82:94:70:22:87:c5:30:ac:dc:60:da:
         7d:41:d0:31:e6:25:62:34:cd:96:34:33:7d:df:0e:3f:ad:4d:
         ad:f5:04:24:d0:b4:f3:27:a8:f2:ce:28:bb:bc:e8:58:2c:e8:
         f1:69:70:e6:ac:10:45:c5:22:16:68:f3:b7:46:19:64:b7:04:
         45:cb:aa:e6:9b:ea:ec:0f:e2:be:e9:72:62:20:09:20:cc:59:
         98:08:00:4e:8c:d5:1b:54:cd:24:1d:49:8b:ec:ed:03:4e:17:
         b2:ac:6d:86:e3:f1:a0:bf:4d:64:84:45:80:41:d6:24:8c:33:
         3f:21:d5:ef:86:82:00:01:78:87:6e:c3:5f:c5:b7:07:c9:a0:
         80:0c:1b:f0:32:1a:13:79:a3:18:7f:fb:51:31:e6:f4:44:2b:
         5d:eb:ff:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oQEsAwDqX94vRqZSjFSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUwNjI4MTMwMTM0WhcNMjUwNjI5MTMwMTM0WjAzMTEwLwYDVQQD
EyhiMmVlZTY3ODYyNmE4NmJmNWViYWFhZmE2NjM2YzBlYWRhYmIzNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RJ0Hly9Oywk6yGOoDQ8Qe0FSQD6
BpRtiond2f+cxQw+gJ34h6d1LBTuxra0Fv5zF+GJR7oJ9RSZA+UL9GPQMBOY+e79
l9Wafhy5YBoEqA7cpB3sqefQ5ONdiHaWftE5fjgLXNeGui0NdRRO6hR8ZQAEvqVE
zMhImtWTVPCoUo9z9XHSNM2DmCnC15oDRDCsbCV9zD/f+Y9xGzDyokRMtRg3S/Oh
+SpFYollvDUnwfgWb4oYa/7Xl/dXpnlk1r4UpkFGfV8ab8BDK19y+ZhOAOVztF9O
TH5vOtDdDsFZmctAlKu34xfLCO9O24AsaVDGFMkElwwnt8XarE93qfvSPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLu5nhiaoa/Xrqq+mY2wOrauzTQMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHFijeqwF
gze3IQoqTQuA4m/X5hngSd4o99Iko78guWPczviASbzgVxc9cLlt1L6XHtRRXked
e2xzue4vYJIBG56W16djqBX/WSPwjC2GL+H4eYNqQpF9EeHDd7bCziYVB4KUcCKH
xTCs3GDafUHQMeYlYjTNljQzfd8OP61NrfUEJNC08yeo8s4ou7zoWCzo8Wlw5qwQ
RcUiFmjzt0YZZLcERcuq5pvq7A/ivulyYiAJIMxZmAgATozVG1TNJB1Ji+ztA04X
sqxthuPxoL9NZIRFgEHWJIwzPyHV74aCAAF4h27DX8W3B8mggAwb8DIaE3mjGH/7
UTHm9EQrXev/ig==
-----END CERTIFICATE-----