Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          dHAkc67Pg1/pdp0dZqQu4+9brw7owu4ntfh72IHpDD8=
Subject key identifier:   CB:BF:7C:72:C7:CA:93:C5:13:DE:7B:EA:56:04:FC:4D:27:C9:90:3D
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       019D3865A7716E5783195B8F36309874A223
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:19 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: ZieqVoeA6WaK7IpWr7tWmsBZJPDWIIfbbzwIxPzVztQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:a7:71:6e:57:83:19:5b:8f:36:30:98:74:a2:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Mar 29 07:01:19 2026 GMT
            Not After : Mar 30 07:01:19 2026 GMT
        Subject: CN=cbbf7c72c7ca93c513de7bea5604fc4d27c9903d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a4:b1:98:06:a3:6a:5c:a0:98:02:a3:9e:fe:
                    b9:f7:84:7a:3d:ae:7c:db:89:64:63:99:a9:4f:12:
                    48:47:09:a5:18:b7:0e:b2:cb:4c:b4:99:30:3e:fe:
                    ae:0e:d2:6c:41:b8:4d:b0:43:56:8e:57:e4:38:8f:
                    f0:d9:29:8b:e3:f0:ab:9d:28:44:79:c8:e4:49:e0:
                    e1:ca:db:92:bd:e9:da:72:7d:31:fa:9a:d0:3f:80:
                    6e:dd:17:d5:13:a5:0b:6b:36:48:be:fb:b8:40:eb:
                    26:e6:24:02:b7:1b:2f:7c:9f:74:c5:b1:87:26:ad:
                    42:a2:05:b0:ed:0d:3e:5a:b7:e0:54:a1:aa:75:43:
                    f4:1b:66:ea:e7:07:1f:5a:c8:e1:dc:da:00:ec:60:
                    eb:12:fe:b4:64:77:7d:21:82:32:41:ac:cc:d4:ed:
                    86:ff:de:4e:10:9f:da:48:26:e1:97:39:af:ad:5b:
                    ee:04:37:37:b7:76:45:6e:2a:03:77:b5:cd:fd:ee:
                    c4:5f:54:f4:db:5f:42:ed:f4:01:08:5a:68:c6:6b:
                    fb:43:2f:78:7f:37:35:5c:9f:83:5a:e5:37:76:4e:
                    2d:da:01:85:4f:d0:b1:59:d1:ff:94:26:2c:72:0e:
                    19:11:96:40:77:43:d1:8b:8f:b9:13:5a:d2:d8:97:
                    0d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:BF:7C:72:C7:CA:93:C5:13:DE:7B:EA:56:04:FC:4D:27:C9:90:3D
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:f4:55:7f:29:b3:71:83:6c:1f:bc:23:69:f0:66:0c:ed:9a:
         92:c4:4c:19:59:ed:d3:11:47:35:f2:1a:8c:93:df:c8:21:2c:
         48:f5:15:c7:df:89:0a:9f:ca:c3:90:8e:19:0b:18:9a:56:be:
         8e:c9:ef:83:15:08:91:fa:7f:f4:0f:03:e6:7e:10:88:d1:be:
         f6:49:b0:bb:03:c4:a7:91:bd:f8:90:94:34:43:75:3b:f0:f8:
         b4:20:5b:74:23:37:9c:03:fe:16:98:47:9c:32:fa:5f:3c:37:
         bf:c7:fd:38:2b:95:38:90:12:22:9d:4a:a4:1b:26:d3:e4:be:
         2f:5c:0f:57:ed:29:58:fe:ed:b5:2d:19:1f:07:49:8f:6e:d4:
         27:9b:8a:5b:ff:c0:4d:de:88:f1:e2:7e:a5:db:26:99:f4:23:
         47:30:6f:9b:a3:36:e4:a3:0d:26:7a:eb:51:96:60:af:29:95:
         9b:fa:23:44:81:6d:8e:3d:dc:3e:b2:8a:90:f7:ea:0b:2e:cf:
         7a:8b:dd:6b:57:07:22:18:58:34:e8:a3:10:f8:ea:16:70:2c:
         80:f7:dc:d8:02:28:09:c4:4d:61:4c:b0:d7:72:5d:e7:5e:33:
         f0:66:08:5f:38:ae:5a:31:8d:31:ee:2e:ef:28:2b:2a:98:aa:
         a1:d7:02:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZadxbleDGVuPNjCYdKIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjYwMzI5MDcwMTE5WhcNMjYwMzMwMDcwMTE5WjAzMTEwLwYDVQQD
EyhjYmJmN2M3MmM3Y2E5M2M1MTNkZTdiZWE1NjA0ZmM0ZDI3Yzk5MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaSxmAajalygmAKjnv6594R6Pa58
24lkY5mpTxJIRwmlGLcOsstMtJkwPv6uDtJsQbhNsENWjlfkOI/w2SmL4/CrnShE
ecjkSeDhytuSvenacn0x+prQP4Bu3RfVE6ULazZIvvu4QOsm5iQCtxsvfJ90xbGH
Jq1CogWw7Q0+WrfgVKGqdUP0G2bq5wcfWsjh3NoA7GDrEv60ZHd9IYIyQazM1O2G
/95OEJ/aSCbhlzmvrVvuBDc3t3ZFbioDd7XN/e7EX1T0219C7fQBCFpoxmv7Qy94
fzc1XJ+DWuU3dk4t2gGFT9CxWdH/lCYscg4ZEZZAd0PRi4+5E1rS2JcNmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMu/fHLHypPFE9576lYE/E0nyZA9MB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkvRVfymz
cYNsH7wjafBmDO2aksRMGVnt0xFHNfIajJPfyCEsSPUVx9+JCp/Kw5COGQsYmla+
jsnvgxUIkfp/9A8D5n4QiNG+9kmwuwPEp5G9+JCUNEN1O/D4tCBbdCM3nAP+FphH
nDL6Xzw3v8f9OCuVOJASIp1KpBsm0+S+L1wPV+0pWP7ttS0ZHwdJj27UJ5uKW//A
Td6I8eJ+pdsmmfQjRzBvm6M25KMNJnrrUZZgrymVm/ojRIFtjj3cPrKKkPfqCy7P
eovda1cHIhhYNOijEPjqFnAsgPfc2AIoCcRNYUyw13Jd514z8GYIXziuWjGNMe4u
7ygrKpiqodcCRg==
-----END CERTIFICATE-----