Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          RULNNXwM1TiVHuL9jlnxtKC4G4cUN6cYUFqV+98W8Ro=
Subject key identifier:   84:D6:A6:30:E9:B4:36:B4:82:D2:E5:6C:E9:51:1C:80:2C:A7:66:76
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       01968391823CD508A2B3E98D89BE6598E206
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          1513
Signing time:             Tue 29 Apr 2025 22:01:13 +0000
Manifest this update:     Tue 29 Apr 2025 22:01:13 +0000
Manifest next update:     Wed 30 Apr 2025 22:01:13 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: w7QKxgiMsXYwabTmFTiFfABJc1T+cFrSPHJvsVnSRh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 22:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:91:82:3c:d5:08:a2:b3:e9:8d:89:be:65:98:e2:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Apr 29 22:01:13 2025 GMT
            Not After : Apr 30 22:01:13 2025 GMT
        Subject: CN=84d6a630e9b436b482d2e56ce9511c802ca76676
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:dd:48:a3:18:92:35:b5:8e:b3:d4:07:92:51:
                    7e:07:14:df:b6:8e:bf:b4:22:27:bd:6b:3a:96:9c:
                    63:77:b4:27:0b:13:21:5a:3d:3f:d7:5b:23:50:16:
                    af:c7:3d:cc:3c:60:bb:26:00:a4:2e:cc:82:5f:25:
                    db:ff:01:00:6b:cc:a0:ac:6a:5e:de:a3:d3:50:54:
                    67:b6:dd:8c:c6:c1:f4:25:b3:ea:4b:86:f1:5c:55:
                    42:5e:12:b0:7a:c8:f2:4f:a9:96:99:1d:d8:43:79:
                    02:84:3f:5c:8d:d1:66:0b:b5:9b:6e:dd:88:9e:93:
                    2d:65:fc:13:69:9f:4a:85:d7:ea:9a:b0:1e:d7:cc:
                    47:6c:f9:aa:b5:3a:9f:a8:7b:0b:82:c4:85:98:82:
                    ff:a4:96:2e:e3:5b:39:3d:ac:90:0c:aa:ad:39:e5:
                    be:9e:45:38:87:ae:57:99:f4:5d:2c:59:aa:e8:3f:
                    37:b9:20:49:22:ef:00:12:db:ef:89:8f:04:79:7a:
                    33:dc:53:39:19:7b:dc:30:6a:45:4b:63:11:d1:69:
                    9e:de:d4:b6:85:6c:70:17:5c:80:9c:53:86:34:97:
                    5f:f2:99:05:a5:f9:e7:5f:e8:87:46:96:7b:c5:10:
                    76:39:a5:3d:e0:07:3c:c5:2c:c9:f9:cb:c4:06:42:
                    95:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:D6:A6:30:E9:B4:36:B4:82:D2:E5:6C:E9:51:1C:80:2C:A7:66:76
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:f5:0f:31:1c:4f:23:15:52:6e:05:4b:c9:e8:6f:f5:b9:e8:
         9a:4f:bf:c9:ed:bf:b5:c4:84:9e:20:cb:f7:f1:ce:20:17:06:
         95:bc:c0:ab:0d:1b:75:c5:21:41:4e:64:0e:de:10:63:6d:c5:
         11:84:26:0a:9e:b5:13:36:54:51:a2:85:6b:3f:85:e4:c1:8f:
         d0:9b:c0:1b:22:1a:99:a8:e9:a6:f1:e3:78:cc:09:8e:a2:85:
         9d:01:15:34:77:9c:ac:6d:4f:d3:34:b0:fc:37:11:ef:fb:1d:
         aa:f7:a7:44:62:0f:89:68:f5:ff:58:87:f6:a3:c5:85:88:1c:
         9a:a8:fd:32:59:d3:64:73:78:77:0c:d0:1b:db:36:7a:0b:6d:
         4d:d1:8a:79:08:f5:68:25:a8:7d:f7:c4:54:6d:22:8c:f0:d7:
         70:39:42:8a:22:25:56:40:f7:15:cd:62:af:cc:6c:a0:4d:c8:
         c8:3b:a0:ca:7c:49:46:15:d2:cf:f9:b1:5a:8c:3a:e7:ec:8c:
         38:48:0d:d1:9c:70:89:3f:84:bc:f0:49:11:3f:51:2d:e2:a9:
         51:cf:c6:58:f2:4a:8e:3e:d7:8d:bd:84:0c:af:90:c1:c2:50:
         c9:db:8e:c9:45:26:36:38:7d:4d:73:e0:ed:6d:52:79:9b:6f:
         8b:f5:39:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkYI81Qiis+mNib5lmOIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUwNDI5MjIwMTEzWhcNMjUwNDMwMjIwMTEzWjAzMTEwLwYDVQQD
Eyg4NGQ2YTYzMGU5YjQzNmI0ODJkMmU1NmNlOTUxMWM4MDJjYTc2Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt1IoxiSNbWOs9QHklF+BxTfto6/
tCInvWs6lpxjd7QnCxMhWj0/11sjUBavxz3MPGC7JgCkLsyCXyXb/wEAa8ygrGpe
3qPTUFRntt2MxsH0JbPqS4bxXFVCXhKwesjyT6mWmR3YQ3kChD9cjdFmC7Wbbt2I
npMtZfwTaZ9KhdfqmrAe18xHbPmqtTqfqHsLgsSFmIL/pJYu41s5PayQDKqtOeW+
nkU4h65XmfRdLFmq6D83uSBJIu8AEtvviY8EeXoz3FM5GXvcMGpFS2MR0Wme3tS2
hWxwF1yAnFOGNJdf8pkFpfnnX+iHRpZ7xRB2OaU94Ac8xSzJ+cvEBkKVWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITWpjDptDa0gtLlbOlRHIAsp2Z2MB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfvUPMRxP
IxVSbgVLyehv9bnomk+/ye2/tcSEniDL9/HOIBcGlbzAqw0bdcUhQU5kDt4QY23F
EYQmCp61EzZUUaKFaz+F5MGP0JvAGyIamajppvHjeMwJjqKFnQEVNHecrG1P0zSw
/DcR7/sdqvenRGIPiWj1/1iH9qPFhYgcmqj9MlnTZHN4dwzQG9s2egttTdGKeQj1
aCWofffEVG0ijPDXcDlCiiIlVkD3Fc1ir8xsoE3IyDugynxJRhXSz/mxWow65+yM
OEgN0ZxwiT+EvPBJET9RLeKpUc/GWPJKjj7Xjb2EDK+QwcJQyduOyUUmNjh9TXPg
7W1SeZtvi/U5Ig==
-----END CERTIFICATE-----