Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          NOqHRVfmJUnRh0hbD5OLpS3bCe/r+TbQZa3U2oy0dNw=
Subject key identifier:   7C:2B:B6:B5:91:53:77:99:45:52:91:33:7F:17:4F:E8:F5:4E:94:E1
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       019A71B82CA06704C3B5F5A2BCF447403011
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:01:26 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:26 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:26 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: OmuhS4ngFfWi/4kLEpbG4YmbyjXhew86GY4222YB59s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:2c:a0:67:04:c3:b5:f5:a2:bc:f4:47:40:30:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Nov 11 07:01:26 2025 GMT
            Not After : Nov 12 07:01:26 2025 GMT
        Subject: CN=7c2bb6b591537799455291337f174fe8f54e94e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:51:63:49:6a:d8:8e:86:ac:86:1b:1e:f0:8e:
                    31:34:69:d6:a1:a8:e9:09:a2:81:e4:08:af:9f:c3:
                    bf:ee:3d:10:e4:0f:be:ee:0c:aa:6b:b9:fe:3b:81:
                    c2:5d:76:7d:b5:5b:2e:e8:55:89:34:7f:a3:8d:fa:
                    5c:a8:3e:74:c1:7c:b6:e6:80:ff:84:b1:4b:0b:d3:
                    df:56:e6:cf:6f:7e:a3:10:45:17:25:d1:43:cb:96:
                    0f:6e:df:24:67:0b:24:73:28:fb:27:6c:b1:84:d1:
                    5b:ac:43:1d:1f:dd:75:b7:3c:f7:84:0f:cf:c3:a7:
                    a4:8c:16:9b:ff:4d:13:ff:38:b9:c0:ae:da:1e:db:
                    ab:49:95:2a:c2:5c:a5:70:0e:9f:6a:a3:b3:a0:5e:
                    91:93:4a:20:74:fb:5b:cd:a7:9f:da:b0:46:0c:15:
                    2b:1e:0b:78:0b:b7:04:54:f3:bc:74:dc:39:cd:4d:
                    de:06:d5:3c:5e:4c:d8:f2:70:d8:a5:08:64:bf:36:
                    36:53:73:6d:3b:cb:70:01:61:4b:8b:aa:1e:8c:10:
                    24:d0:73:03:f6:6d:28:19:f5:7e:de:b8:47:36:c3:
                    60:52:21:92:d0:e9:3b:64:8c:bc:75:86:dd:b1:1e:
                    af:9e:13:7d:07:50:a1:5d:72:6b:fa:e3:90:32:dc:
                    57:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:2B:B6:B5:91:53:77:99:45:52:91:33:7F:17:4F:E8:F5:4E:94:E1
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:26:25:a6:80:bf:db:e4:2a:54:8d:b7:6a:31:fe:54:7d:6b:
         ff:41:09:07:fc:c1:69:b9:e5:7e:78:af:b7:e9:07:ff:45:d9:
         a4:71:d6:34:40:fc:18:6c:b7:ba:68:74:a6:bf:d2:f3:f8:5f:
         63:7e:19:a3:ef:cc:4c:5a:3c:59:45:99:ea:22:c8:49:9e:5d:
         0d:f4:95:45:e6:45:f2:39:d4:49:48:1a:bd:e4:e0:b4:10:a2:
         9c:08:e8:5d:64:1f:37:d4:ba:b9:72:28:bf:0c:01:4c:9c:0e:
         22:4f:8a:e4:7b:35:8c:3a:c8:7d:b6:d7:e6:a8:6a:ad:e6:3e:
         86:3f:63:2c:a8:f4:7c:e5:ba:38:d8:d9:4e:33:95:2c:8e:79:
         9d:91:fe:37:d8:5f:49:b2:49:54:64:2a:ef:c9:fc:e3:81:eb:
         d9:b8:97:4f:92:50:3e:dd:ae:d0:92:2d:b6:07:3d:a7:5b:43:
         4e:ba:0c:f5:63:a4:e2:58:fb:64:4a:57:dd:be:9d:0e:16:2e:
         12:65:72:1d:5a:b7:6a:84:56:ad:d2:4e:87:31:0e:30:60:e5:
         69:4b:ad:16:1c:d3:f3:4e:a6:5b:6b:df:04:e0:15:6a:17:3a:
         cc:19:d8:0e:46:8e:fa:60:3b:58:89:92:cd:24:e7:d5:8f:ae:
         96:91:3f:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCygZwTDtfWivPRHQDARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUxMTExMDcwMTI2WhcNMjUxMTEyMDcwMTI2WjAzMTEwLwYDVQQD
Eyg3YzJiYjZiNTkxNTM3Nzk5NDU1MjkxMzM3ZjE3NGZlOGY1NGU5NGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlFjSWrYjoashhse8I4xNGnWoajp
CaKB5Aivn8O/7j0Q5A++7gyqa7n+O4HCXXZ9tVsu6FWJNH+jjfpcqD50wXy25oD/
hLFLC9PfVubPb36jEEUXJdFDy5YPbt8kZwskcyj7J2yxhNFbrEMdH911tzz3hA/P
w6ekjBab/00T/zi5wK7aHturSZUqwlylcA6faqOzoF6Rk0ogdPtbzaef2rBGDBUr
Hgt4C7cEVPO8dNw5zU3eBtU8XkzY8nDYpQhkvzY2U3NtO8twAWFLi6oejBAk0HMD
9m0oGfV+3rhHNsNgUiGS0Ok7ZIy8dYbdsR6vnhN9B1ChXXJr+uOQMtxX4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwrtrWRU3eZRVKRM38XT+j1TpThMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACiYlpoC/
2+QqVI23ajH+VH1r/0EJB/zBabnlfnivt+kH/0XZpHHWNED8GGy3umh0pr/S8/hf
Y34Zo+/MTFo8WUWZ6iLISZ5dDfSVReZF8jnUSUgaveTgtBCinAjoXWQfN9S6uXIo
vwwBTJwOIk+K5Hs1jDrIfbbX5qhqreY+hj9jLKj0fOW6ONjZTjOVLI55nZH+N9hf
SbJJVGQq78n844Hr2biXT5JQPt2u0JIttgc9p1tDTroM9WOk4lj7ZEpX3b6dDhYu
EmVyHVq3aoRWrdJOhzEOMGDlaUutFhzT806mW2vfBOAVahc6zBnYDkaO+mA7WImS
zSTn1Y+ulpE/5A==
-----END CERTIFICATE-----