Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          Hgfy6ntqovySM7TnzTo5Z2Qf129DIJmXjPOX94iGqSk=
Subject key identifier:   33:2A:5B:BF:B9:26:50:67:42:2D:3F:8E:28:58:5B:48:F2:9A:70:5B
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       0198D660640A8C56F9D0A2B6E4752FF82F10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:01:37 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:37 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:37 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: 8HtHPuQdIza7qMkl9IU+905MAy+oeivDy6ZW7IXzCkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:64:0a:8c:56:f9:d0:a2:b6:e4:75:2f:f8:2f:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Aug 23 10:01:37 2025 GMT
            Not After : Aug 24 10:01:37 2025 GMT
        Subject: CN=332a5bbfb9265067422d3f8e28585b48f29a705b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0b:b1:e2:68:81:f6:74:b5:cc:88:20:05:d1:
                    a2:3e:de:74:62:4d:f2:4d:48:a9:d7:59:f2:6f:67:
                    aa:77:1f:28:1c:90:35:0b:8f:1c:28:25:56:36:f9:
                    fa:8f:e1:8e:d2:75:ba:c4:57:33:c5:3a:88:36:b3:
                    c4:1a:c8:18:29:bf:14:64:ff:9a:da:0a:e4:44:4f:
                    06:f8:f5:d1:78:80:f0:58:6f:93:c4:41:19:78:42:
                    50:bc:60:bb:3e:4f:0b:88:b2:38:9f:1e:f4:12:de:
                    b5:f1:9e:67:49:69:c7:8d:9a:71:3e:58:1a:a8:9e:
                    87:cc:02:e8:6a:9e:33:2d:a5:d8:64:06:0d:b6:56:
                    b2:8d:a0:88:b1:d6:27:53:07:7f:03:50:74:b3:e1:
                    29:56:8a:0b:be:cd:54:1b:d4:ba:6a:2c:d3:61:e2:
                    7e:bb:1f:7d:0a:72:84:00:5f:5b:2f:21:30:83:76:
                    a0:ad:3a:14:0b:50:36:e5:7a:fe:cf:aa:12:04:6e:
                    5c:09:24:16:85:db:b3:3c:64:4b:6e:c4:28:ac:e9:
                    d2:7d:82:d9:6c:e3:82:39:32:72:ce:35:90:38:bc:
                    fc:2f:94:4d:67:81:ca:e2:1f:ab:62:35:91:aa:ea:
                    fb:30:26:54:ac:c5:d5:91:97:e9:a0:45:34:d3:c6:
                    dd:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:2A:5B:BF:B9:26:50:67:42:2D:3F:8E:28:58:5B:48:F2:9A:70:5B
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:ca:8b:17:82:52:1e:c0:b3:de:a5:ce:61:12:53:49:b9:48:
         97:20:89:d3:a2:1a:d0:73:8a:ec:60:dd:9c:db:90:d0:35:ba:
         0f:24:e6:0f:2f:28:5b:ff:1d:19:3e:88:55:a8:0d:e5:62:2b:
         6f:f2:d5:ba:9f:58:08:f3:36:a4:c4:91:31:44:d3:46:41:d5:
         7f:1b:ca:88:1c:e8:96:5b:3e:52:a6:b4:35:9f:0e:50:67:ca:
         b6:58:9e:a7:09:06:6c:be:e7:29:45:a3:04:da:6d:04:17:e5:
         f5:89:12:a2:ac:32:51:bf:a8:e1:db:2b:75:44:25:b5:f0:34:
         7a:39:fb:33:ec:35:06:ea:79:ce:99:3f:f0:cd:90:b9:11:62:
         d5:d4:74:b1:94:54:4b:76:a1:aa:11:65:a3:8f:37:10:e3:a0:
         79:6f:8a:0f:bd:47:19:69:a8:23:28:29:8a:51:25:bf:37:7b:
         0d:e2:39:c9:18:3d:b1:11:b7:e1:38:3c:0d:d2:3e:c7:0b:4e:
         ae:6a:e7:13:38:78:8d:ee:25:b6:91:35:b5:27:22:54:ff:54:
         3d:86:eb:88:6e:72:c5:a3:df:e9:20:1e:37:7e:4e:f2:81:90:
         e1:d8:9d:e0:5b:ac:5d:9c:f2:be:ac:ce:97:b5:31:28:dd:d4:
         c3:a3:87:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYGQKjFb50KK25HUv+C8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUwODIzMTAwMTM3WhcNMjUwODI0MTAwMTM3WjAzMTEwLwYDVQQD
EygzMzJhNWJiZmI5MjY1MDY3NDIyZDNmOGUyODU4NWI0OGYyOWE3MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQux4miB9nS1zIggBdGiPt50Yk3y
TUip11nyb2eqdx8oHJA1C48cKCVWNvn6j+GO0nW6xFczxTqINrPEGsgYKb8UZP+a
2grkRE8G+PXReIDwWG+TxEEZeEJQvGC7Pk8LiLI4nx70Et618Z5nSWnHjZpxPlga
qJ6HzALoap4zLaXYZAYNtlayjaCIsdYnUwd/A1B0s+EpVooLvs1UG9S6aizTYeJ+
ux99CnKEAF9bLyEwg3agrToUC1A25Xr+z6oSBG5cCSQWhduzPGRLbsQorOnSfYLZ
bOOCOTJyzjWQOLz8L5RNZ4HK4h+rYjWRqur7MCZUrMXVkZfpoEU008bd9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMqW7+5JlBnQi0/jihYW0jymnBbMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiMqLF4JS
HsCz3qXOYRJTSblIlyCJ06Ia0HOK7GDdnNuQ0DW6DyTmDy8oW/8dGT6IVagN5WIr
b/LVup9YCPM2pMSRMUTTRkHVfxvKiBzolls+Uqa0NZ8OUGfKtliepwkGbL7nKUWj
BNptBBfl9YkSoqwyUb+o4dsrdUQltfA0ejn7M+w1Bup5zpk/8M2QuRFi1dR0sZRU
S3ahqhFlo483EOOgeW+KD71HGWmoIygpilElvzd7DeI5yRg9sRG34Tg8DdI+xwtO
rmrnEzh4je4ltpE1tSciVP9UPYbriG5yxaPf6SAeN35O8oGQ4did4FusXZzyvqzO
l7UxKN3Uw6OHVQ==
-----END CERTIFICATE-----