Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          8JJxuNL3IbqMpBNu8Vs4MMFKfyJpfrtHLojB3+8hyeY=
Subject key identifier:   71:5D:DD:F5:72:59:01:6D:58:46:56:94:2C:1E:8E:72:3D:B9:05:B1
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       0199FC8F496D79FB115F7F10C15766E69EE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          0ECC
Signing time:             Sun 19 Oct 2025 13:01:12 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:12 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:12 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: 6vKNjt1Ata2dZzSJMCEby4kHzc4bgThiB/+7AbAX8fM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:49:6d:79:fb:11:5f:7f:10:c1:57:66:e6:9e:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: Oct 19 13:01:12 2025 GMT
            Not After : Oct 20 13:01:12 2025 GMT
        Subject: CN=715dddf57259016d584656942c1e8e723db905b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c7:00:38:62:2c:84:08:36:e9:4d:ec:d9:c4:
                    95:99:1f:8e:e3:7e:ca:fd:73:48:43:93:ca:a3:9a:
                    33:e3:87:45:41:59:3a:3a:c2:2a:cd:f7:3b:54:4b:
                    12:ce:a4:33:e0:c5:ea:be:68:09:be:14:97:1f:0e:
                    3b:4d:4f:d0:93:60:83:67:9a:2a:0c:8f:f7:8c:f6:
                    28:0a:34:5b:1e:6e:df:71:03:04:d5:6a:8c:14:02:
                    59:fd:7c:91:af:d9:6b:c8:48:c3:35:46:8f:ab:91:
                    43:6b:e2:56:df:87:7e:d7:d8:11:09:c6:6b:15:40:
                    d9:3f:84:72:31:68:49:2d:d0:75:09:2d:5f:01:86:
                    aa:53:51:cc:4a:aa:2c:e9:ee:12:1f:7a:5d:36:48:
                    e1:5f:a4:ac:56:7a:dc:3b:d1:17:ae:17:ac:b5:5d:
                    d0:ea:8e:36:0e:9b:e4:51:aa:ad:28:51:80:93:35:
                    1a:aa:e0:6f:b5:33:ea:32:aa:bb:61:47:8c:f0:ef:
                    e4:5f:9b:83:5e:e9:28:aa:cb:b2:33:2f:44:09:83:
                    0b:9c:3f:9f:c6:29:c4:9b:45:00:7e:1b:ac:5e:99:
                    49:f8:21:b9:ea:87:ca:3b:07:59:4a:8d:c4:82:33:
                    b1:10:fe:e4:db:11:2d:48:77:ad:d2:19:9a:56:36:
                    d4:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:5D:DD:F5:72:59:01:6D:58:46:56:94:2C:1E:8E:72:3D:B9:05:B1
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:49:1d:f1:e1:13:e9:be:43:06:d1:a9:28:19:73:5e:f1:5f:
         ee:9e:ac:54:34:af:68:bf:ba:b6:d4:6a:2c:fb:0e:8f:14:88:
         bc:4a:3b:6b:6b:89:f9:aa:88:84:ac:00:01:18:47:cf:1e:dd:
         36:67:eb:cd:ed:06:9a:f2:d6:f7:c8:75:1e:d9:a3:21:51:d2:
         1c:7d:91:28:f1:fc:f4:ee:45:8e:f3:2c:ec:2a:a1:d4:2a:3a:
         e5:db:80:59:67:3e:c6:88:8f:27:7a:6d:7f:b6:22:80:cf:51:
         63:33:87:0c:cb:81:c5:f1:7b:18:eb:ec:6c:bd:12:cf:61:92:
         25:e0:7e:09:09:0f:35:ab:99:12:24:4e:48:95:d9:c4:1d:32:
         e1:31:2d:35:cb:24:36:ff:08:e7:38:ae:86:1e:53:30:64:98:
         bd:83:fd:6d:c3:da:d4:d8:e8:93:98:47:4f:d9:ad:5c:d9:51:
         10:b9:8f:c1:83:a2:84:9d:45:d0:f4:5d:80:2e:64:b3:82:60:
         ae:87:74:67:2a:b2:21:86:00:12:8f:78:0a:4c:54:cc:b0:e8:
         93:2e:4b:bb:eb:02:11:0f:88:a5:95:90:c7:16:7c:02:af:92:
         e3:a3:4f:8a:02:a2:7a:b9:48:04:03:cd:62:b5:d6:0e:a7:ea:
         13:c6:70:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j0ltefsRX38QwVdm5p7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjUxMDE5MTMwMTEyWhcNMjUxMDIwMTMwMTEyWjAzMTEwLwYDVQQD
Eyg3MTVkZGRmNTcyNTkwMTZkNTg0NjU2OTQyYzFlOGU3MjNkYjkwNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmscAOGIshAg26U3s2cSVmR+O437K
/XNIQ5PKo5oz44dFQVk6OsIqzfc7VEsSzqQz4MXqvmgJvhSXHw47TU/Qk2CDZ5oq
DI/3jPYoCjRbHm7fcQME1WqMFAJZ/XyRr9lryEjDNUaPq5FDa+JW34d+19gRCcZr
FUDZP4RyMWhJLdB1CS1fAYaqU1HMSqos6e4SH3pdNkjhX6SsVnrcO9EXrhestV3Q
6o42DpvkUaqtKFGAkzUaquBvtTPqMqq7YUeM8O/kX5uDXukoqsuyMy9ECYMLnD+f
xinEm0UAfhusXplJ+CG56ofKOwdZSo3EgjOxEP7k2xEtSHet0hmaVjbUBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFd3fVyWQFtWEZWlCwejnI9uQWxMB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO0kd8eET
6b5DBtGpKBlzXvFf7p6sVDSvaL+6ttRqLPsOjxSIvEo7a2uJ+aqIhKwAARhHzx7d
Nmfrze0GmvLW98h1HtmjIVHSHH2RKPH89O5FjvMs7Cqh1Co65duAWWc+xoiPJ3pt
f7YigM9RYzOHDMuBxfF7GOvsbL0Sz2GSJeB+CQkPNauZEiROSJXZxB0y4TEtNcsk
Nv8I5ziuhh5TMGSYvYP9bcPa1Njok5hHT9mtXNlRELmPwYOihJ1F0PRdgC5ks4Jg
rod0ZyqyIYYAEo94CkxUzLDoky5Lu+sCEQ+IpZWQxxZ8Aq+S46NPigKierlIBAPN
YrXWDqfqE8ZwZw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:22:18 2025 by rpki-client