Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          mn2SkSBqOPImcgL5fnbzaLe7g1FZPtw/sv3JzYE8sfE=
Subject key identifier:   93:48:BC:F6:CA:59:65:9B:93:CD:E2:A8:A0:DD:41:2E:C3:3B:4B:AA
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       019D27A8F4617B240BC00657688D9A525FBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          1070
Signing time:             Thu 26 Mar 2026 01:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:17 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: yjOLabtacNDxpzdS5JNJwUK43OBpJ06iDec3P8CjHyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:f4:61:7b:24:0b:c0:06:57:68:8d:9a:52:5f:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: Mar 26 01:01:17 2026 GMT
            Not After : Mar 27 01:01:17 2026 GMT
        Subject: CN=9348bcf6ca59659b93cde2a8a0dd412ec33b4baa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:49:bd:a6:d1:a5:80:7b:90:1c:46:f6:e0:57:
                    1c:c7:3e:ab:66:bf:0d:30:7b:31:9e:05:80:2d:d1:
                    0a:87:be:94:ca:f5:34:3c:76:fe:50:9b:64:fc:16:
                    96:a4:85:fb:4e:c2:0b:94:08:18:28:9c:4d:bc:d9:
                    3d:33:86:31:05:de:16:9e:0e:ea:86:0c:4c:89:c0:
                    8e:5b:76:0b:3b:71:1f:cb:d6:e8:d3:98:80:63:e6:
                    6e:95:30:5f:4f:e8:d1:f7:f7:3d:c8:e7:20:9d:17:
                    a1:97:86:a3:6d:92:e1:10:f0:5b:3c:1e:b1:80:90:
                    e7:9e:d2:e5:97:23:03:92:cf:9e:a0:ed:35:d5:4d:
                    1d:04:91:4b:ca:de:99:14:dc:5f:58:4c:16:54:b4:
                    67:8b:ca:61:75:ec:12:fb:0b:19:0f:4e:33:c9:e6:
                    ed:2c:73:c6:7d:9d:bd:2e:d0:86:34:63:e9:d4:41:
                    14:5d:f4:0a:79:dc:03:53:ab:54:e1:4c:ee:02:6d:
                    4b:80:e9:41:2a:4e:74:32:9a:10:d4:1b:74:93:74:
                    10:30:6d:37:03:f7:4b:01:cd:8f:66:dd:f9:78:68:
                    d0:8a:bf:61:1a:56:27:11:ad:f9:f5:97:cb:c2:25:
                    a7:32:b5:fe:d4:a6:28:02:eb:9a:72:5b:e6:6a:b0:
                    3f:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:48:BC:F6:CA:59:65:9B:93:CD:E2:A8:A0:DD:41:2E:C3:3B:4B:AA
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:8d:e7:3f:68:57:45:7f:cd:3d:65:d2:04:bb:f0:2f:70:f1:
         d3:d1:b2:6b:09:4c:0e:79:ee:a6:36:cb:af:1f:52:2a:29:07:
         e1:48:04:c3:3a:5b:5b:75:2b:77:e9:a6:a3:f8:ed:bd:97:21:
         13:4a:2e:89:6d:09:59:bb:a5:c2:4a:75:d4:cd:92:7a:4c:2f:
         06:00:20:7d:a1:c6:13:37:0e:19:fa:95:3a:95:c8:6f:1c:de:
         0b:8f:1c:ad:d5:de:8c:eb:9a:de:96:36:5f:fd:ce:11:55:80:
         44:e3:de:31:b6:c1:e7:03:cd:8e:45:5b:0b:f0:96:25:7b:31:
         7d:cb:6a:3d:24:5c:ae:2f:85:13:12:7c:f3:94:bf:da:7b:b8:
         23:37:26:1a:16:2b:f8:9f:09:37:f4:ef:27:8c:c9:e7:df:d7:
         58:3a:f0:66:d8:c8:1c:f4:8d:00:6a:20:8e:ed:a1:89:29:e8:
         59:f0:31:cf:e2:1b:88:c0:b4:73:4d:4f:0e:bc:0f:81:df:24:
         d5:fd:40:c8:2c:87:e4:68:65:17:a7:bb:ed:dc:64:88:27:ce:
         14:8a:a3:39:b4:f3:30:2b:14:74:c0:0d:fc:18:b4:17:1c:99:
         3b:46:b8:f9:0f:81:bd:a5:57:8f:b8:95:43:d2:b8:9e:4b:65:
         0d:ba:97:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqPRheyQLwAZXaI2aUl+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjYwMzI2MDEwMTE3WhcNMjYwMzI3MDEwMTE3WjAzMTEwLwYDVQQD
Eyg5MzQ4YmNmNmNhNTk2NTliOTNjZGUyYThhMGRkNDEyZWMzM2I0YmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Em9ptGlgHuQHEb24Fccxz6rZr8N
MHsxngWALdEKh76UyvU0PHb+UJtk/BaWpIX7TsILlAgYKJxNvNk9M4YxBd4Wng7q
hgxMicCOW3YLO3Efy9bo05iAY+ZulTBfT+jR9/c9yOcgnRehl4ajbZLhEPBbPB6x
gJDnntLllyMDks+eoO011U0dBJFLyt6ZFNxfWEwWVLRni8phdewS+wsZD04zyebt
LHPGfZ29LtCGNGPp1EEUXfQKedwDU6tU4UzuAm1LgOlBKk50MpoQ1Bt0k3QQMG03
A/dLAc2PZt35eGjQir9hGlYnEa359ZfLwiWnMrX+1KYoAuuaclvmarA/AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNIvPbKWWWbk83iqKDdQS7DO0uqMB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcY3nP2hX
RX/NPWXSBLvwL3Dx09GyawlMDnnupjbLrx9SKikH4UgEwzpbW3Urd+mmo/jtvZch
E0ouiW0JWbulwkp11M2SekwvBgAgfaHGEzcOGfqVOpXIbxzeC48crdXejOua3pY2
X/3OEVWAROPeMbbB5wPNjkVbC/CWJXsxfctqPSRcri+FExJ885S/2nu4IzcmGhYr
+J8JN/TvJ4zJ59/XWDrwZtjIHPSNAGogju2hiSnoWfAxz+IbiMC0c01PDrwPgd8k
1f1AyCyH5GhlF6e77dxkiCfOFIqjObTzMCsUdMAN/Bi0FxyZO0a4+Q+BvaVXj7iV
Q9K4nktlDbqXDA==
-----END CERTIFICATE-----