Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          FONtGt6ejnJALbjnI0vazMUYreGeQubOCC2/TgxPx14=
Subject key identifier:   35:D6:0A:B3:90:F1:F8:7E:3B:C7:51:DC:19:39:38:B8:BC:DE:AB:98
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       01976D3D89F6A043E601C30069F44382E143
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 07:00:38 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:38 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:38 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: Np5ol3QH5AObzuuE2bq9+R3Up8CH/hyEx6ZHNozZEOo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:89:f6:a0:43:e6:01:c3:00:69:f4:43:82:e1:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Jun 14 07:00:38 2025 GMT
            Not After : Jun 15 07:00:38 2025 GMT
        Subject: CN=35d60ab390f1f87e3bc751dc193938b8bcdeab98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:47:63:a2:4a:2d:8f:f7:1d:ea:3c:84:a4:c8:
                    ef:a6:a7:3f:e4:8a:2c:5e:2f:9f:ea:d6:6e:17:65:
                    ec:98:39:ed:99:fb:49:58:28:b7:48:23:38:bb:18:
                    cd:8c:58:68:49:e5:55:4f:02:4c:35:30:e2:f6:1c:
                    a5:10:7b:4c:c2:5c:8b:60:83:a4:d0:71:4e:dc:0e:
                    17:17:15:a7:d0:60:d9:22:79:72:6b:82:eb:ff:87:
                    2f:0f:dd:b8:cd:ae:d6:c0:27:46:b7:14:ca:08:9b:
                    27:7e:10:16:4b:e4:14:e0:cf:17:39:39:74:6d:4d:
                    a3:c7:c6:14:07:88:72:eb:28:7a:92:de:a5:b8:71:
                    ae:98:88:bd:c6:03:10:cb:bf:ba:bf:d0:d6:fd:20:
                    68:ba:ba:ea:e5:f3:3b:f9:7c:df:ab:e8:0f:0f:f1:
                    a3:0e:96:60:c3:e6:3e:a2:ef:d6:94:1c:66:7c:3b:
                    c5:46:a5:6b:9d:fd:fd:75:1c:03:93:74:1b:b7:0a:
                    aa:41:ea:95:4b:6c:a3:a9:44:18:8c:d6:d6:0b:6d:
                    7b:a7:31:30:f7:c8:1c:f3:a8:5a:d9:2e:2a:ca:0f:
                    e3:87:9a:be:5d:c7:c9:05:12:93:0b:a8:f8:e2:76:
                    ef:cb:f2:6a:ac:02:ca:dc:0b:0f:d0:4a:bf:b6:31:
                    47:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:D6:0A:B3:90:F1:F8:7E:3B:C7:51:DC:19:39:38:B8:BC:DE:AB:98
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:d7:14:05:fc:6d:fd:bf:eb:52:fd:89:a3:08:88:48:cd:de:
         1a:aa:db:3d:53:a8:90:8a:92:88:86:d7:8e:e6:02:b0:c4:19:
         5b:3c:e7:57:4c:6b:e5:f7:17:ff:29:91:20:98:9d:5a:91:43:
         32:e1:d2:ba:2e:59:ad:11:df:56:77:83:e7:fe:15:eb:1e:a7:
         42:b4:55:51:40:7c:59:80:73:74:72:a3:7a:b3:08:34:a2:58:
         7d:51:b4:c9:08:24:66:02:c4:3e:55:c2:64:28:4a:6d:d5:bb:
         4b:cd:77:70:51:b5:3e:2a:6c:a8:96:63:da:72:e6:ad:04:a6:
         6a:fd:5f:67:04:ca:e8:19:c2:67:8c:9f:e7:60:a2:41:92:86:
         3f:a0:7c:36:c3:6b:db:99:c3:82:e3:37:e8:6e:67:e2:1f:54:
         b4:da:df:f8:70:89:94:50:1b:6a:84:79:93:90:62:fb:e2:5d:
         e8:03:7c:6d:aa:3d:a5:a0:ee:6d:7e:4e:0a:4a:f7:11:f6:fa:
         70:56:33:e7:0e:a9:a8:40:2d:7b:a6:9b:50:00:69:fb:03:58:
         88:75:49:89:0f:2a:c7:15:5d:9b:f6:a8:35:d2:12:04:c0:db:
         9d:f6:b3:dd:62:27:2a:7a:7b:5c:0a:a5:5d:bf:f8:82:48:c9:
         a8:79:98:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPYn2oEPmAcMAafRDguFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUwNjE0MDcwMDM4WhcNMjUwNjE1MDcwMDM4WjAzMTEwLwYDVQQD
EygzNWQ2MGFiMzkwZjFmODdlM2JjNzUxZGMxOTM5MzhiOGJjZGVhYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0djokotj/cd6jyEpMjvpqc/5Ios
Xi+f6tZuF2XsmDntmftJWCi3SCM4uxjNjFhoSeVVTwJMNTDi9hylEHtMwlyLYIOk
0HFO3A4XFxWn0GDZInlya4Lr/4cvD924za7WwCdGtxTKCJsnfhAWS+QU4M8XOTl0
bU2jx8YUB4hy6yh6kt6luHGumIi9xgMQy7+6v9DW/SBourrq5fM7+Xzfq+gPD/Gj
DpZgw+Y+ou/WlBxmfDvFRqVrnf39dRwDk3QbtwqqQeqVS2yjqUQYjNbWC217pzEw
98gc86ha2S4qyg/jh5q+XcfJBRKTC6j44nbvy/JqrALK3AsP0Eq/tjFHYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXWCrOQ8fh+O8dR3Bk5OLi83quYMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcdcUBfxt
/b/rUv2JowiISM3eGqrbPVOokIqSiIbXjuYCsMQZWzznV0xr5fcX/ymRIJidWpFD
MuHSui5ZrRHfVneD5/4V6x6nQrRVUUB8WYBzdHKjerMINKJYfVG0yQgkZgLEPlXC
ZChKbdW7S813cFG1PipsqJZj2nLmrQSmav1fZwTK6BnCZ4yf52CiQZKGP6B8NsNr
25nDguM36G5n4h9UtNrf+HCJlFAbaoR5k5Bi++Jd6AN8bao9paDubX5OCkr3Efb6
cFYz5w6pqEAte6abUABp+wNYiHVJiQ8qxxVdm/aoNdISBMDbnfaz3WInKnp7XAql
Xb/4gkjJqHmYAg==
-----END CERTIFICATE-----