Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          Srmjq0FiaxBK52OF94Kp2VtWya0FD+28p1YS6g3Yftk=
Subject key identifier:   36:90:23:96:8D:0D:B7:CC:A7:A9:CB:A2:41:BE:FB:17:DD:C6:6E:1F
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       0196AAD5AE55EBBA71908B497C959044DD3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          0D14
Signing time:             Wed 07 May 2025 13:00:52 +0000
Manifest this update:     Wed 07 May 2025 13:00:52 +0000
Manifest next update:     Thu 08 May 2025 13:00:52 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: ssHJKY7IjVJ0HG1tefk369soNjrMt1k63xHvzeNOzsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 13:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:d5:ae:55:eb:ba:71:90:8b:49:7c:95:90:44:dd:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: May  7 13:00:52 2025 GMT
            Not After : May  8 13:00:52 2025 GMT
        Subject: CN=369023968d0db7cca7a9cba241befb17ddc66e1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:b6:5b:0c:95:17:25:dd:19:f7:61:44:73:75:
                    e9:3f:54:fe:53:31:d9:4c:05:72:f1:7f:5d:6b:36:
                    a5:d8:8b:16:b7:b7:b0:77:f5:cf:80:a1:0f:94:f2:
                    32:16:ef:65:f3:dd:a6:de:59:07:1b:7d:0c:3d:ca:
                    48:40:61:aa:65:71:23:de:36:74:88:d5:3f:3b:80:
                    6d:f7:b5:74:cf:87:b9:8d:96:58:fa:bf:22:27:3c:
                    b4:72:b9:a9:0c:db:40:82:76:46:d7:93:97:c8:ee:
                    b5:66:29:e1:de:d7:46:2c:70:d2:42:3b:c4:0e:52:
                    c1:35:51:22:a0:4b:14:2c:71:ae:34:2e:21:89:4f:
                    94:55:cd:6d:cb:0e:1d:c0:b3:dd:5a:ab:e9:70:51:
                    ca:0c:9a:6b:c4:fb:9c:69:42:87:7f:f1:1c:01:0a:
                    32:de:5d:d4:f5:1f:6d:5c:31:e0:f4:7e:29:7e:08:
                    dc:11:52:73:30:32:cd:ce:94:38:8d:4a:38:36:66:
                    5a:04:22:4d:1f:2a:55:ac:bc:17:5d:53:a1:23:d0:
                    6f:08:58:18:8b:5a:7c:6c:e3:ca:96:80:fa:b4:19:
                    c0:f7:f3:5a:97:80:af:16:bc:56:9c:23:b4:f6:23:
                    d9:8e:fe:90:70:85:7e:fc:34:03:17:bf:48:51:ee:
                    bd:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:90:23:96:8D:0D:B7:CC:A7:A9:CB:A2:41:BE:FB:17:DD:C6:6E:1F
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:46:ed:68:8c:ae:86:57:e2:79:d9:13:a6:67:fb:36:ec:10:
         db:69:b6:3a:d2:d7:28:1d:6e:cc:43:87:84:5d:7d:ca:14:47:
         f9:17:40:0e:14:76:c9:30:1a:74:f4:01:8f:7c:72:38:71:60:
         79:95:62:79:16:d1:eb:e3:0c:99:c1:6c:44:8c:2d:b3:d0:dc:
         bf:77:a9:e0:ef:f9:d5:30:ce:09:db:2f:53:76:9c:08:2e:19:
         05:2a:48:65:5b:7a:c3:1a:7b:c5:0d:00:db:c7:3a:c3:db:7b:
         ac:b0:87:5a:04:97:15:a7:c3:cf:d0:9c:17:34:db:9b:30:62:
         ea:9f:a7:10:97:0b:27:2a:f0:9d:ae:5f:31:85:5e:24:f5:41:
         30:4b:23:45:81:b9:53:77:97:cb:64:88:9f:c6:40:d4:bd:8d:
         2d:15:6e:49:99:be:12:2b:8f:cf:d0:a6:6a:47:63:7d:fb:9c:
         a4:98:2b:b0:45:9f:29:63:4d:f8:5e:bd:70:c4:c3:9b:82:fb:
         cf:1d:66:2e:a6:9e:76:44:16:c5:0f:fc:2e:57:b7:4e:60:60:
         3f:9b:9b:33:7e:05:55:67:01:c4:98:4e:79:26:22:76:18:5c:
         29:86:36:e3:d0:46:05:01:a1:ad:d5:d1:61:30:fb:f5:6d:2c:
         0d:dd:ae:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaq1a5V67pxkItJfJWQRN0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjUwNTA3MTMwMDUyWhcNMjUwNTA4MTMwMDUyWjAzMTEwLwYDVQQD
EygzNjkwMjM5NjhkMGRiN2NjYTdhOWNiYTI0MWJlZmIxN2RkYzY2ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bZbDJUXJd0Z92FEc3XpP1T+UzHZ
TAVy8X9dazal2IsWt7ewd/XPgKEPlPIyFu9l892m3lkHG30MPcpIQGGqZXEj3jZ0
iNU/O4Bt97V0z4e5jZZY+r8iJzy0crmpDNtAgnZG15OXyO61Zinh3tdGLHDSQjvE
DlLBNVEioEsULHGuNC4hiU+UVc1tyw4dwLPdWqvpcFHKDJprxPucaUKHf/EcAQoy
3l3U9R9tXDHg9H4pfgjcEVJzMDLNzpQ4jUo4NmZaBCJNHypVrLwXXVOhI9BvCFgY
i1p8bOPKloD6tBnA9/Nal4CvFrxWnCO09iPZjv6QcIV+/DQDF79IUe69eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDaQI5aNDbfMp6nLokG++xfdxm4fMB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnUbtaIyu
hlfiedkTpmf7NuwQ22m2OtLXKB1uzEOHhF19yhRH+RdADhR2yTAadPQBj3xyOHFg
eZVieRbR6+MMmcFsRIwts9Dcv3ep4O/51TDOCdsvU3acCC4ZBSpIZVt6wxp7xQ0A
28c6w9t7rLCHWgSXFafDz9CcFzTbmzBi6p+nEJcLJyrwna5fMYVeJPVBMEsjRYG5
U3eXy2SIn8ZA1L2NLRVuSZm+EiuPz9CmakdjffucpJgrsEWfKWNN+F69cMTDm4L7
zx1mLqaedkQWxQ/8Lle3TmBgP5ubM34FVWcBxJhOeSYidhhcKYY249BGBQGhrdXR
YTD79W0sDd2u5Q==
-----END CERTIFICATE-----