Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          gzSVDtdUIzl17/b1kmiUGzCidzm32efJoISWkDE0pto=
Subject key identifier:   40:3F:BB:59:73:08:45:C0:ED:C9:4F:B5:2D:BF:58:49:F0:8D:4C:BC
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       01974A7AD29581A0DEA1AA4E1FA498315C9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 13:00:52 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:52 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:52 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: COeOINlvxS06YsQRvDR2IdPORtA/EkavGl+6WYfNu8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:d2:95:81:a0:de:a1:aa:4e:1f:a4:98:31:5c:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Jun  7 13:00:52 2025 GMT
            Not After : Jun  8 13:00:52 2025 GMT
        Subject: CN=403fbb59730845c0edc94fb52dbf5849f08d4cbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:42:12:95:aa:39:23:99:e6:37:60:3e:12:0f:
                    b3:fe:ff:03:8d:00:8a:90:87:62:84:2c:36:22:5e:
                    b0:13:cd:0c:a1:23:38:e3:2e:ae:a5:20:57:de:97:
                    67:0c:3d:9d:61:48:5d:32:0a:d9:ef:9b:1a:5d:d1:
                    ff:30:94:2f:81:4b:d7:52:22:cb:9a:27:a6:f8:47:
                    d4:a8:0f:ed:66:c9:f6:80:45:aa:cf:69:ab:97:6b:
                    68:5f:d6:3e:09:11:eb:6b:11:96:70:8c:b2:81:51:
                    df:0b:ed:0e:2c:90:2f:48:bb:e6:00:ca:e4:3b:17:
                    f8:bf:7e:af:13:1a:d2:d4:30:dc:74:fb:87:6b:bd:
                    bc:29:50:6a:96:9c:34:1b:a5:8b:c7:fd:ae:c2:53:
                    d3:78:70:c9:15:55:d0:93:29:af:a1:cc:06:d7:e7:
                    c0:c3:de:48:41:00:58:49:a0:67:cc:9d:ea:50:f7:
                    b2:a1:0e:b9:ff:da:35:e4:f7:bc:89:bc:d1:81:62:
                    5f:c5:cd:e7:93:eb:60:c0:14:06:6d:f0:6a:c7:7f:
                    bf:85:2a:d5:5b:82:b4:62:ef:ab:d7:88:2c:f4:18:
                    4c:c6:12:60:ba:b1:49:f1:c6:c3:f9:9f:5a:89:07:
                    7b:67:95:0c:65:47:a5:f9:fc:2a:5e:89:ed:36:3f:
                    2f:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:3F:BB:59:73:08:45:C0:ED:C9:4F:B5:2D:BF:58:49:F0:8D:4C:BC
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:b9:5e:51:1d:57:7c:ec:48:24:6c:eb:03:98:a1:dd:d4:d4:
         bb:df:6e:cc:9e:04:ed:96:82:7d:de:fe:4b:94:44:71:cf:46:
         60:69:ae:91:37:b1:31:bf:48:61:63:ec:8a:c9:65:76:40:6c:
         df:07:72:fc:2f:fd:37:10:40:96:f9:df:73:39:00:82:98:d8:
         5a:db:23:40:da:c0:0a:b2:20:1c:48:dd:69:db:b4:ee:3f:85:
         18:b4:f7:06:b8:a1:4d:3a:c0:bc:99:87:d2:6e:b0:af:78:f8:
         45:3f:46:5e:bc:f9:00:05:6a:8f:03:7c:e2:9e:8c:ba:a7:e2:
         58:69:b0:83:a6:88:85:0e:87:d6:4c:35:9d:27:a7:ce:57:5e:
         08:4f:5a:41:54:65:5d:1c:b8:1b:62:db:01:c3:69:8b:9a:83:
         fe:11:ed:c9:5d:40:76:ea:18:3d:98:ec:9c:82:fa:d2:78:aa:
         33:1f:a2:21:50:c8:ff:ba:37:ff:fc:9a:8b:d2:94:18:33:a5:
         ea:ef:56:28:a2:08:c8:ab:b0:67:d3:5d:6e:bf:59:d1:78:84:
         f4:9d:88:db:f8:53:a8:69:1b:45:21:a5:90:44:74:3d:f0:04:
         bc:cc:59:84:4a:c6:36:04:7e:83:4d:d3:ea:af:9d:6b:0f:78:
         c1:37:e1:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKetKVgaDeoapOH6SYMVyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUwNjA3MTMwMDUyWhcNMjUwNjA4MTMwMDUyWjAzMTEwLwYDVQQD
Eyg0MDNmYmI1OTczMDg0NWMwZWRjOTRmYjUyZGJmNTg0OWYwOGQ0Y2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkISlao5I5nmN2A+Eg+z/v8DjQCK
kIdihCw2Il6wE80MoSM44y6upSBX3pdnDD2dYUhdMgrZ75saXdH/MJQvgUvXUiLL
miem+EfUqA/tZsn2gEWqz2mrl2toX9Y+CRHraxGWcIyygVHfC+0OLJAvSLvmAMrk
Oxf4v36vExrS1DDcdPuHa728KVBqlpw0G6WLx/2uwlPTeHDJFVXQkymvocwG1+fA
w95IQQBYSaBnzJ3qUPeyoQ65/9o15Pe8ibzRgWJfxc3nk+tgwBQGbfBqx3+/hSrV
W4K0Yu+r14gs9BhMxhJgurFJ8cbD+Z9aiQd7Z5UMZUel+fwqXontNj8vHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEA/u1lzCEXA7clPtS2/WEnwjUy8MB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY7leUR1X
fOxIJGzrA5ih3dTUu99uzJ4E7ZaCfd7+S5REcc9GYGmukTexMb9IYWPsislldkBs
3wdy/C/9NxBAlvnfczkAgpjYWtsjQNrACrIgHEjdadu07j+FGLT3BrihTTrAvJmH
0m6wr3j4RT9GXrz5AAVqjwN84p6MuqfiWGmwg6aIhQ6H1kw1nSenzldeCE9aQVRl
XRy4G2LbAcNpi5qD/hHtyV1AduoYPZjsnIL60niqMx+iIVDI/7o3//yai9KUGDOl
6u9WKKIIyKuwZ9Ndbr9Z0XiE9J2I2/hTqGkbRSGlkER0PfAEvMxZhErGNgR+g03T
6q+daw94wTfhqw==
-----END CERTIFICATE-----