Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          rjetsTb9+uxSi7Vu2FLJUZe8zLF+/evVHBitt7HXvwk=
Subject key identifier:   B2:55:7E:7B:70:F4:A6:0A:E6:B7:7D:1C:34:3A:A9:39:AD:C0:0A:F9
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       019A706E0707F6E88E4797DD866B5C13CE13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          0F08
Signing time:             Tue 11 Nov 2025 01:00:50 +0000
Manifest this update:     Tue 11 Nov 2025 01:00:50 +0000
Manifest next update:     Wed 12 Nov 2025 01:00:50 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: BWgeii0GjD+Q7l5DCS8ETYVs3x6vQDcR8YCF9NFaR1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:07:07:f6:e8:8e:47:97:dd:86:6b:5c:13:ce:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: Nov 11 01:00:50 2025 GMT
            Not After : Nov 12 01:00:50 2025 GMT
        Subject: CN=b2557e7b70f4a60ae6b77d1c343aa939adc00af9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a2:04:6d:b8:dd:e3:f5:e2:be:80:79:b4:d5:
                    53:c7:a5:b8:d3:41:f4:65:59:bc:da:45:49:44:df:
                    cc:7e:9e:7d:11:7d:8a:6b:9e:4b:29:19:dc:c8:fa:
                    9a:21:73:a9:dc:d9:38:66:b2:62:31:f1:9b:a0:68:
                    66:a2:4a:46:f0:db:d5:b1:72:3b:16:6d:01:9c:76:
                    b1:37:6c:b7:f7:76:24:a9:48:78:6d:3f:e3:b3:9f:
                    ab:54:3a:41:2f:49:f4:f7:09:3d:b8:4d:70:a0:93:
                    60:fa:8b:0d:21:cb:00:88:0e:c1:10:c8:e5:e9:c2:
                    c9:1e:b9:eb:ad:14:f0:59:aa:17:71:ca:a0:43:f3:
                    d0:24:9f:d3:9c:78:51:43:98:fd:93:84:c3:c0:09:
                    1f:de:7a:a7:93:bc:f7:42:b7:0a:cd:ec:50:ce:35:
                    f9:6f:77:41:b8:6a:2f:96:17:c4:0c:b6:09:0b:35:
                    35:41:ba:81:d2:5f:99:32:e0:ff:76:a3:20:f8:71:
                    4f:06:8b:f4:2d:13:cc:3a:a7:a7:97:9f:08:fb:75:
                    30:4d:e7:1f:27:85:e7:9c:b3:d8:b2:c6:de:c6:7a:
                    46:d5:ab:92:92:51:ee:71:04:dd:d9:fc:9d:21:3f:
                    87:76:5e:69:e3:ac:8b:cb:a4:73:35:f1:90:9e:74:
                    6b:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:55:7E:7B:70:F4:A6:0A:E6:B7:7D:1C:34:3A:A9:39:AD:C0:0A:F9
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:57:cd:ac:af:46:ff:60:f1:7f:be:3e:63:4a:9e:d0:40:a9:
         d9:5f:73:bb:d6:20:56:13:9a:26:86:d0:14:71:f9:92:32:9a:
         12:dc:36:11:c6:0a:05:0b:6c:1a:35:6e:ff:a6:f5:4f:4e:b0:
         0a:dc:9b:11:f0:75:45:61:b6:e0:4b:c2:dc:6c:d6:19:92:e2:
         23:24:84:9a:5a:e3:cf:3d:7e:68:ea:f8:f7:f5:b0:81:35:51:
         f1:de:37:d3:06:32:42:a0:47:7d:b5:a7:6c:8a:cb:2b:1f:d2:
         da:48:9c:a4:5c:0e:14:9f:95:73:ec:51:75:81:9a:74:e3:8b:
         5e:53:4d:f3:dc:a9:19:e6:a1:d8:65:47:ea:b6:0f:e6:f0:5a:
         d6:ea:0a:e5:d2:9f:b2:db:85:5e:f1:30:56:26:12:f7:ce:5b:
         1f:14:83:c6:c3:54:cd:ff:1d:ae:fb:a8:5b:16:86:92:a8:c8:
         b5:ba:90:de:c5:a5:1f:84:89:69:d8:58:25:a7:02:e0:80:39:
         61:9b:59:de:24:d6:90:c0:1c:27:04:bb:2d:dc:b9:66:d6:28:
         11:ee:33:01:4d:81:c7:18:31:c1:47:ea:ce:7d:33:ce:bf:c0:
         0d:b5:bd:67:91:05:ed:74:9f:3c:50:7c:4f:e7:cb:dc:18:5e:
         13:b9:00:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbgcH9uiOR5fdhmtcE84TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjUxMTExMDEwMDUwWhcNMjUxMTEyMDEwMDUwWjAzMTEwLwYDVQQD
EyhiMjU1N2U3YjcwZjRhNjBhZTZiNzdkMWMzNDNhYTkzOWFkYzAwYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKIEbbjd4/XivoB5tNVTx6W400H0
ZVm82kVJRN/Mfp59EX2Ka55LKRncyPqaIXOp3Nk4ZrJiMfGboGhmokpG8NvVsXI7
Fm0BnHaxN2y393YkqUh4bT/js5+rVDpBL0n09wk9uE1woJNg+osNIcsAiA7BEMjl
6cLJHrnrrRTwWaoXccqgQ/PQJJ/TnHhRQ5j9k4TDwAkf3nqnk7z3QrcKzexQzjX5
b3dBuGovlhfEDLYJCzU1QbqB0l+ZMuD/dqMg+HFPBov0LRPMOqenl58I+3UwTecf
J4XnnLPYssbexnpG1auSklHucQTd2fydIT+Hdl5p46yLy6RzNfGQnnRrfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJVfntw9KYK5rd9HDQ6qTmtwAr5MB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOlfNrK9G
/2Dxf74+Y0qe0ECp2V9zu9YgVhOaJobQFHH5kjKaEtw2EcYKBQtsGjVu/6b1T06w
CtybEfB1RWG24EvC3GzWGZLiIySEmlrjzz1+aOr49/WwgTVR8d430wYyQqBHfbWn
bIrLKx/S2kicpFwOFJ+Vc+xRdYGadOOLXlNN89ypGeah2GVH6rYP5vBa1uoK5dKf
stuFXvEwViYS985bHxSDxsNUzf8drvuoWxaGkqjItbqQ3sWlH4SJadhYJacC4IA5
YZtZ3iTWkMAcJwS7Ldy5ZtYoEe4zAU2BxxgxwUfqzn0zzr/ADbW9Z5EF7XSfPFB8
T+fL3BheE7kAzw==
-----END CERTIFICATE-----