Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          XLN14G/otCNDEMKmvFIvkYp2J4Sj25ZKAWUqJGJmrs4=
Subject key identifier:   3D:CF:F1:8C:E7:73:8F:85:51:A5:3B:1A:C9:33:A7:C0:A0:91:4D:5E
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       0198D705F6E4D566DA958B3ED649FC6BB078
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          0E34
Signing time:             Sat 23 Aug 2025 13:02:28 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:28 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:28 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: XHwHoaAphFkyboqeC94jLeXyOzvgzXfdBNcGKCg/dBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:f6:e4:d5:66:da:95:8b:3e:d6:49:fc:6b:b0:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: Aug 23 13:02:28 2025 GMT
            Not After : Aug 24 13:02:28 2025 GMT
        Subject: CN=3dcff18ce7738f8551a53b1ac933a7c0a0914d5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:3f:9b:6c:54:c9:c1:59:2b:21:49:f0:4f:0a:
                    fc:bb:42:f3:4f:96:61:57:63:4f:ec:ff:83:63:68:
                    64:2b:f1:ae:5c:b0:1d:02:f1:7a:31:ef:e6:ca:6f:
                    45:ff:dd:a1:e4:1a:9f:21:8f:23:ee:8c:10:de:e5:
                    1f:07:5b:8e:58:96:4c:de:7f:3c:e2:1b:cf:d9:e7:
                    6b:dd:cd:3d:76:72:86:40:fa:cc:24:77:5c:2a:68:
                    db:73:84:24:f9:fd:6e:35:82:ad:7f:c3:9e:74:22:
                    c6:46:8a:a5:ac:07:e3:f0:5c:d0:61:e6:a1:c1:6a:
                    37:fe:fe:20:15:52:32:f1:ad:2a:35:45:6d:ba:40:
                    9c:36:3f:e0:cb:b8:99:64:ed:bb:9a:d9:6d:57:0a:
                    b3:e8:a0:30:91:c6:a3:77:5b:6d:78:c9:f5:2f:f9:
                    a7:0f:a9:08:48:4a:00:c2:11:13:42:25:e3:81:25:
                    fe:a1:20:a2:d9:93:67:d2:cd:c4:84:36:fb:4d:47:
                    50:07:89:ed:9f:a5:d9:eb:c2:1a:e3:93:5b:37:63:
                    c1:67:5a:7c:32:7c:06:6b:7c:73:3e:f6:08:ec:0c:
                    f1:19:34:56:38:6b:3c:3a:93:3a:f7:66:06:eb:25:
                    a2:9a:f9:9d:06:f2:be:5d:19:7b:79:eb:54:c1:93:
                    6f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:CF:F1:8C:E7:73:8F:85:51:A5:3B:1A:C9:33:A7:C0:A0:91:4D:5E
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:20:a7:79:c6:21:b0:91:0d:08:91:77:3c:66:4b:8e:ef:65:
         76:43:0d:f9:e5:33:73:b4:76:f1:49:87:bb:15:13:af:f0:a0:
         66:33:db:a0:3e:78:ab:b9:ad:12:30:62:d3:5f:33:16:57:4b:
         57:91:79:65:ee:63:12:6a:49:bc:a5:83:8c:29:fb:54:5c:ad:
         12:2b:7c:d8:98:8c:c4:4c:23:de:00:1b:5f:a7:96:11:26:03:
         b2:3e:cd:e3:25:35:56:c9:98:9f:1b:f0:de:a6:fd:8d:ce:88:
         79:25:79:2c:25:4e:65:fe:67:92:8b:f4:ed:3b:09:d2:e1:ff:
         db:1a:09:45:5b:ae:29:19:61:36:b1:05:87:8c:d5:00:be:9a:
         89:d4:c6:d6:ae:58:cb:d4:34:11:2c:f3:bc:28:a8:de:97:ca:
         00:06:79:cb:b3:e9:24:ec:b4:ca:10:29:14:3e:f3:c4:17:fd:
         41:24:02:c3:cd:a5:85:72:07:6a:ce:b3:9f:8c:c5:64:86:af:
         7c:eb:67:43:08:bd:ff:4e:e8:aa:0c:2e:3e:31:5e:62:99:42:
         4f:53:b4:53:b9:7d:04:8f:03:36:32:f6:97:bd:e1:4f:ab:85:
         9a:f6:2b:5e:98:d9:08:bf:9a:3f:f0:08:a9:ef:d1:f6:66:d9:
         9e:96:b5:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBfbk1WbalYs+1kn8a7B4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjUwODIzMTMwMjI4WhcNMjUwODI0MTMwMjI4WjAzMTEwLwYDVQQD
EygzZGNmZjE4Y2U3NzM4Zjg1NTFhNTNiMWFjOTMzYTdjMGEwOTE0ZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0D+bbFTJwVkrIUnwTwr8u0LzT5Zh
V2NP7P+DY2hkK/GuXLAdAvF6Me/mym9F/92h5BqfIY8j7owQ3uUfB1uOWJZM3n88
4hvP2edr3c09dnKGQPrMJHdcKmjbc4Qk+f1uNYKtf8OedCLGRoqlrAfj8FzQYeah
wWo3/v4gFVIy8a0qNUVtukCcNj/gy7iZZO27mtltVwqz6KAwkcajd1tteMn1L/mn
D6kISEoAwhETQiXjgSX+oSCi2ZNn0s3EhDb7TUdQB4ntn6XZ68Ia45NbN2PBZ1p8
MnwGa3xzPvYI7AzxGTRWOGs8OpM692YG6yWimvmdBvK+XRl7eetUwZNvmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3P8Yznc4+FUaU7Gskzp8CgkU1eMB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyyCnecYh
sJENCJF3PGZLju9ldkMN+eUzc7R28UmHuxUTr/CgZjPboD54q7mtEjBi018zFldL
V5F5Ze5jEmpJvKWDjCn7VFytEit82JiMxEwj3gAbX6eWESYDsj7N4yU1VsmYnxvw
3qb9jc6IeSV5LCVOZf5nkov07TsJ0uH/2xoJRVuuKRlhNrEFh4zVAL6aidTG1q5Y
y9Q0ESzzvCio3pfKAAZ5y7PpJOy0yhApFD7zxBf9QSQCw82lhXIHas6zn4zFZIav
fOtnQwi9/07oqgwuPjFeYplCT1O0U7l9BI8DNjL2l73hT6uFmvYrXpjZCL+aP/AI
qe/R9mbZnpa1fQ==
-----END CERTIFICATE-----