Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          DdubxqO5kGVPeHutNaB7LWULwenwl5G183kjCdznkok=
Subject key identifier:   1F:6B:3B:0D:40:D1:35:EC:F3:C0:1C:A7:ED:0A:97:65:A8:F9:44:71
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       0197493149B96B3A7BCEEC94C9B8C8D58D07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          0D66
Signing time:             Sat 07 Jun 2025 07:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:56 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: DeqTKrCjvSM40DK5Ynbs4dvk+aGnmNw6mJIiocw9Rzs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:49:b9:6b:3a:7b:ce:ec:94:c9:b8:c8:d5:8d:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: Jun  7 07:00:56 2025 GMT
            Not After : Jun  8 07:00:56 2025 GMT
        Subject: CN=1f6b3b0d40d135ecf3c01ca7ed0a9765a8f94471
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:02:1f:4f:16:18:d4:37:17:f6:2b:02:84:72:
                    a7:58:ff:c9:8f:e3:12:b6:3b:9b:51:1a:c4:51:a7:
                    a9:db:1b:d9:0a:88:99:d7:34:22:d8:c0:96:60:f1:
                    7a:7d:28:80:d6:08:60:86:47:42:2b:93:9d:19:bc:
                    3b:73:d0:f7:7c:9e:82:cd:89:25:94:66:4a:16:5a:
                    6f:5c:28:6d:95:50:05:5f:07:d6:18:61:2a:04:5c:
                    9c:f2:ba:de:df:ff:83:5e:87:78:40:be:91:eb:4f:
                    7c:1a:40:a2:1e:7a:39:74:29:0b:1a:a1:3d:87:9d:
                    72:f2:84:68:ea:37:f8:56:6e:15:60:59:af:fa:53:
                    93:e9:a2:75:7e:f7:aa:6d:8a:b4:52:c1:0f:00:30:
                    37:54:02:ec:71:98:65:43:ca:08:c5:62:6b:83:65:
                    78:38:27:7a:e0:10:ea:95:45:60:c2:db:5f:e7:3d:
                    9d:ce:72:c1:5a:ab:fa:f3:0a:1f:80:f9:47:fd:21:
                    d6:c2:d2:97:0d:d4:06:9b:80:d0:a8:46:cd:eb:d3:
                    4f:ac:4c:23:d7:f6:f3:01:b5:89:f7:a9:a6:51:a2:
                    5d:44:90:d0:29:62:7e:21:76:96:63:5b:98:53:e6:
                    b3:06:ed:cc:be:37:43:c5:d9:89:c4:ee:c0:d2:d2:
                    35:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:6B:3B:0D:40:D1:35:EC:F3:C0:1C:A7:ED:0A:97:65:A8:F9:44:71
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:79:1b:04:1b:b4:f4:d1:5d:73:68:05:c2:c1:09:76:70:1b:
         f8:b2:d0:33:4e:b5:25:1e:9f:6f:9d:46:6b:f5:76:c0:2e:ed:
         29:2e:55:68:ba:1f:f2:55:1d:72:14:54:d5:59:70:aa:82:0c:
         11:a9:b8:c5:b0:41:87:b1:ed:bf:03:8a:58:22:25:b4:77:75:
         2e:df:1a:0d:68:50:95:3b:5d:aa:5f:fe:d3:d5:b3:2c:00:3f:
         75:cb:51:af:87:77:b1:bd:11:f7:f9:e6:a4:e7:c6:21:08:be:
         9b:9d:ec:e3:63:89:fd:43:18:ca:2c:ac:17:36:68:16:5d:19:
         0c:4d:21:34:67:45:e9:7f:3c:0a:b1:1e:55:0b:b5:9c:c5:57:
         ef:fe:57:6b:92:83:68:1b:fc:23:eb:17:10:05:6c:c7:7c:ed:
         83:f7:6f:e2:64:c2:a4:6b:75:67:ec:ff:4c:d5:21:e9:01:83:
         3f:20:75:e1:9f:bf:78:be:02:b9:6f:a3:2e:a4:69:b1:9d:e6:
         a4:19:9b:69:4f:3d:c2:da:45:f8:b4:0e:74:8e:81:59:73:bb:
         cc:8a:fa:4f:30:f1:bd:50:8a:5c:05:52:69:43:b3:82:13:6c:
         25:a1:e4:81:4e:4b:b1:d6:97:b1:ab:c6:fa:a8:11:78:02:bf:
         7f:58:7d:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMUm5azp7zuyUybjI1Y0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjUwNjA3MDcwMDU2WhcNMjUwNjA4MDcwMDU2WjAzMTEwLwYDVQQD
EygxZjZiM2IwZDQwZDEzNWVjZjNjMDFjYTdlZDBhOTc2NWE4Zjk0NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAIfTxYY1DcX9isChHKnWP/Jj+MS
tjubURrEUaep2xvZCoiZ1zQi2MCWYPF6fSiA1ghghkdCK5OdGbw7c9D3fJ6CzYkl
lGZKFlpvXChtlVAFXwfWGGEqBFyc8rre3/+DXod4QL6R6098GkCiHno5dCkLGqE9
h51y8oRo6jf4Vm4VYFmv+lOT6aJ1fveqbYq0UsEPADA3VALscZhlQ8oIxWJrg2V4
OCd64BDqlUVgwttf5z2dznLBWqv68wofgPlH/SHWwtKXDdQGm4DQqEbN69NPrEwj
1/bzAbWJ96mmUaJdRJDQKWJ+IXaWY1uYU+azBu3MvjdDxdmJxO7A0tI1ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9rOw1A0TXs88Acp+0Kl2Wo+URxMB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADnkbBBu0
9NFdc2gFwsEJdnAb+LLQM061JR6fb51Ga/V2wC7tKS5VaLof8lUdchRU1VlwqoIM
Eam4xbBBh7HtvwOKWCIltHd1Lt8aDWhQlTtdql/+09WzLAA/dctRr4d3sb0R9/nm
pOfGIQi+m53s42OJ/UMYyiysFzZoFl0ZDE0hNGdF6X88CrEeVQu1nMVX7/5Xa5KD
aBv8I+sXEAVsx3ztg/dv4mTCpGt1Z+z/TNUh6QGDPyB14Z+/eL4CuW+jLqRpsZ3m
pBmbaU89wtpF+LQOdI6BWXO7zIr6TzDxvVCKXAVSaUOzghNsJaHkgU5LsdaXsavG
+qgReAK/f1h9ew==
-----END CERTIFICATE-----