Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          dvjx10vhOODQ5MhRgFAjMo44wYBhmH/5UcFawPX5g4A=
Subject key identifier:   F4:19:CB:E2:6A:F0:0E:72:06:23:5A:3E:E0:BF:29:68:CC:C4:29:7E
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       0199FBEB39749E5DC0F69CCEEBCC45555EE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:00 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:00 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:00 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: pvOwUAYwTSTb4IsZkFCT6xd30YSN2O2Dwsayabgya30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:39:74:9e:5d:c0:f6:9c:ce:eb:cc:45:55:5e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Oct 19 10:02:00 2025 GMT
            Not After : Oct 20 10:02:00 2025 GMT
        Subject: CN=f419cbe26af00e7206235a3ee0bf2968ccc4297e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:61:3f:2d:58:46:4b:29:d1:34:83:e9:60:f3:
                    c8:78:23:97:52:2f:c6:ba:a6:75:ff:a6:45:58:29:
                    53:6d:91:24:b7:7d:d1:30:3c:9d:91:23:30:d4:58:
                    3d:8b:51:19:3d:2d:84:d3:a4:c8:47:71:61:a4:98:
                    08:31:2f:90:3a:3e:0c:aa:44:43:b5:fa:30:91:88:
                    09:92:f3:64:93:74:ca:c0:31:92:57:e4:92:91:5e:
                    47:6f:22:2c:fb:b6:df:09:51:c5:0d:c7:25:58:c1:
                    8f:a3:42:92:58:9a:75:a6:41:fd:24:a7:b6:f8:62:
                    50:55:03:72:d2:11:63:24:f2:63:8f:1f:f1:d6:08:
                    67:81:ab:74:0a:de:98:b0:99:a8:c8:4c:4b:5a:35:
                    7c:7c:3b:50:90:0d:ca:6b:66:be:97:80:f5:5c:41:
                    b6:ab:32:ba:ab:74:28:d6:21:70:cf:0f:5c:66:8c:
                    96:df:cd:b7:3f:ad:76:f8:dc:cd:9e:60:64:d9:54:
                    f5:0d:e6:25:11:18:5b:36:c8:30:8c:77:2c:f9:58:
                    6e:62:35:d7:20:2a:69:f5:cb:c0:0c:65:c4:80:e0:
                    5b:a2:04:a0:78:5e:3d:ec:58:e4:c8:91:f7:09:53:
                    16:f9:37:8f:1c:ac:a2:8f:f8:6a:34:72:3d:3b:4f:
                    fa:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:19:CB:E2:6A:F0:0E:72:06:23:5A:3E:E0:BF:29:68:CC:C4:29:7E
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:ca:0c:41:f3:b9:92:07:1f:08:7f:f4:48:b9:a5:1b:c9:ed:
         b3:89:9b:ed:97:d8:ed:be:2b:03:f2:70:2e:0a:53:50:77:c3:
         c6:d0:20:43:c9:a2:a0:c8:bd:87:2c:e3:0d:46:eb:33:46:03:
         14:f1:84:3e:2e:0c:67:c0:07:3e:f7:6d:9a:1f:d8:1a:cb:63:
         b8:bc:fe:6e:25:3b:ba:0d:4c:4e:cf:64:ee:00:99:4c:77:78:
         b1:8a:7a:a7:30:52:e2:31:a8:58:d5:eb:74:69:90:5b:29:1d:
         75:c3:00:72:7b:e2:b8:34:08:63:27:9e:72:6b:73:f1:0d:26:
         77:52:cb:f9:30:1b:0f:96:e2:47:04:9d:2a:7b:ec:e2:77:de:
         8e:cf:17:52:e4:cc:af:80:c4:2a:57:40:ba:41:78:ac:6e:f6:
         7d:d9:ce:76:14:49:05:ef:04:07:6f:27:e0:2e:0b:b6:08:00:
         f8:af:2d:23:d6:8f:9d:f2:50:60:81:ce:1b:a0:82:bf:78:01:
         00:9d:03:1c:75:9e:bd:d8:28:36:24:bc:6d:64:7a:5b:d1:aa:
         97:4c:1b:ec:f3:0c:d6:db:ed:03:d3:e0:46:fb:d5:0a:2b:32:
         d4:f5:cd:cc:9d:88:ca:73:76:b8:85:2b:be:71:95:56:07:37:
         f7:cc:71:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76zl0nl3A9pzO68xFVV7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUxMDE5MTAwMjAwWhcNMjUxMDIwMTAwMjAwWjAzMTEwLwYDVQQD
EyhmNDE5Y2JlMjZhZjAwZTcyMDYyMzVhM2VlMGJmMjk2OGNjYzQyOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmE/LVhGSynRNIPpYPPIeCOXUi/G
uqZ1/6ZFWClTbZEkt33RMDydkSMw1Fg9i1EZPS2E06TIR3FhpJgIMS+QOj4MqkRD
tfowkYgJkvNkk3TKwDGSV+SSkV5HbyIs+7bfCVHFDcclWMGPo0KSWJp1pkH9JKe2
+GJQVQNy0hFjJPJjjx/x1ghngat0Ct6YsJmoyExLWjV8fDtQkA3Ka2a+l4D1XEG2
qzK6q3Qo1iFwzw9cZoyW3823P612+NzNnmBk2VT1DeYlERhbNsgwjHcs+VhuYjXX
ICpp9cvADGXEgOBbogSgeF497FjkyJH3CVMW+TePHKyij/hqNHI9O0/6GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQZy+Jq8A5yBiNaPuC/KWjMxCl+MB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD8oMQfO5
kgcfCH/0SLmlG8nts4mb7ZfY7b4rA/JwLgpTUHfDxtAgQ8mioMi9hyzjDUbrM0YD
FPGEPi4MZ8AHPvdtmh/YGstjuLz+biU7ug1MTs9k7gCZTHd4sYp6pzBS4jGoWNXr
dGmQWykddcMAcnviuDQIYyeecmtz8Q0md1LL+TAbD5biRwSdKnvs4nfejs8XUuTM
r4DEKldAukF4rG72fdnOdhRJBe8EB28n4C4LtggA+K8tI9aPnfJQYIHOG6CCv3gB
AJ0DHHWevdgoNiS8bWR6W9Gql0wb7PMM1tvtA9PgRvvVCisy1PXNzJ2IynN2uIUr
vnGVVgc398xx8w==
-----END CERTIFICATE-----