Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          LM0nzzZCyk3T0J1AdYodEoryLqZRlUkyuZZCseMy37Q=
Subject key identifier:   B4:2C:1C:A6:F5:10:84:A7:D5:29:B3:9E:9A:22:72:DA:C2:06:AC:5A
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       019A54BF9A7C40A5DC15D99EB8466B00B799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          170D
Signing time:             Wed 05 Nov 2025 16:00:34 +0000
Manifest this update:     Wed 05 Nov 2025 16:00:34 +0000
Manifest next update:     Thu 06 Nov 2025 16:00:34 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: +v+VCitf+O/ZsRJF8E1DkNzKxvyP817LuCBJTIW3NLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:bf:9a:7c:40:a5:dc:15:d9:9e:b8:46:6b:00:b7:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Nov  5 16:00:34 2025 GMT
            Not After : Nov  6 16:00:34 2025 GMT
        Subject: CN=b42c1ca6f51084a7d529b39e9a2272dac206ac5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:11:0e:30:f3:11:fb:41:19:ac:a1:85:33:21:
                    07:d8:1e:31:68:aa:a2:39:52:90:63:2f:99:4f:03:
                    0c:e3:f8:e3:6b:c3:68:e8:6e:c0:c5:43:31:f4:ae:
                    9e:d6:8d:13:31:43:c0:d6:eb:25:9d:3a:70:a3:05:
                    c4:66:e7:d5:9e:34:e3:7b:b1:ee:c7:ef:92:5a:fc:
                    e6:26:2c:38:e8:6f:32:82:97:b9:66:61:ea:b4:85:
                    ae:58:3e:73:99:96:c3:22:96:ff:a5:71:57:71:a4:
                    8f:66:2c:31:05:c9:23:7d:0a:0c:d3:94:3e:96:35:
                    df:2b:45:98:14:c2:a3:5c:d0:86:ad:c8:38:d8:d7:
                    b1:6f:d0:39:51:6c:1d:71:2f:51:8b:74:ba:34:95:
                    6f:f8:62:20:29:47:37:d1:55:32:db:0b:15:cd:c8:
                    f0:24:87:be:2e:3f:80:63:62:9d:d1:9e:d9:8c:48:
                    86:5f:b6:37:3e:ce:31:0f:35:7d:23:a5:6f:8f:e6:
                    b9:1e:a1:d7:07:cd:76:86:47:59:e2:65:88:0a:a4:
                    f9:54:46:14:c4:da:18:b0:88:45:f7:ed:68:b6:fa:
                    b5:df:ce:0a:78:fc:e3:82:a4:84:b6:be:90:9f:86:
                    16:21:34:ec:03:0b:56:5d:bf:7a:f5:7b:90:0a:26:
                    6c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:2C:1C:A6:F5:10:84:A7:D5:29:B3:9E:9A:22:72:DA:C2:06:AC:5A
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:2a:78:97:ee:53:37:3e:36:c2:af:a9:77:ef:cc:cc:23:50:
         03:6c:aa:46:4f:2c:ff:6d:53:c0:b6:0f:2a:8f:b5:be:ce:47:
         ff:fc:11:50:26:22:5c:ed:f7:30:73:2c:1d:67:79:8b:cd:ef:
         c3:47:e8:a1:b0:7d:fc:73:b7:4a:82:13:2d:17:c3:71:2a:e6:
         28:09:8c:de:54:8e:ae:ea:13:4c:81:5d:e7:1f:c1:9a:68:96:
         6f:b6:95:c7:92:a2:d0:82:ca:f9:84:a9:06:aa:50:85:b0:ca:
         96:29:21:19:3f:80:16:27:c6:f4:e8:23:14:cc:7b:f5:6c:21:
         c7:22:51:ef:c3:9b:9c:2d:5d:5f:ad:e2:28:92:9f:59:c4:0e:
         a8:8f:a4:99:e3:dc:71:60:f9:6f:d7:d1:0f:4e:c8:b9:85:4d:
         56:81:cf:2f:a2:22:61:be:dc:1f:06:c8:f4:2a:a2:b4:09:b0:
         f1:59:46:bf:ee:93:f2:d2:b2:39:3b:64:df:fe:bf:af:2e:bc:
         a5:c9:a9:47:3f:54:32:68:7d:fe:70:14:bd:24:e0:2d:c1:08:
         8c:4f:32:e2:d7:47:59:2f:57:ab:38:a8:11:40:44:e0:c6:2d:
         aa:88:da:cf:16:ab:ca:10:a1:8e:ca:28:e6:61:0a:5e:98:62:
         15:f1:56:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv5p8QKXcFdmeuEZrALeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUxMTA1MTYwMDM0WhcNMjUxMTA2MTYwMDM0WjAzMTEwLwYDVQQD
EyhiNDJjMWNhNmY1MTA4NGE3ZDUyOWIzOWU5YTIyNzJkYWMyMDZhYzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hEOMPMR+0EZrKGFMyEH2B4xaKqi
OVKQYy+ZTwMM4/jja8No6G7AxUMx9K6e1o0TMUPA1uslnTpwowXEZufVnjTje7Hu
x++SWvzmJiw46G8ygpe5ZmHqtIWuWD5zmZbDIpb/pXFXcaSPZiwxBckjfQoM05Q+
ljXfK0WYFMKjXNCGrcg42Nexb9A5UWwdcS9Ri3S6NJVv+GIgKUc30VUy2wsVzcjw
JIe+Lj+AY2Kd0Z7ZjEiGX7Y3Ps4xDzV9I6Vvj+a5HqHXB812hkdZ4mWICqT5VEYU
xNoYsIhF9+1otvq1384KePzjgqSEtr6Qn4YWITTsAwtWXb969XuQCiZsEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQsHKb1EISn1SmznpoictrCBqxaMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGip4l+5T
Nz42wq+pd+/MzCNQA2yqRk8s/21TwLYPKo+1vs5H//wRUCYiXO33MHMsHWd5i83v
w0foobB9/HO3SoITLRfDcSrmKAmM3lSOruoTTIFd5x/BmmiWb7aVx5Ki0ILK+YSp
BqpQhbDKlikhGT+AFifG9OgjFMx79WwhxyJR78ObnC1dX63iKJKfWcQOqI+kmePc
cWD5b9fRD07IuYVNVoHPL6IiYb7cHwbI9CqitAmw8VlGv+6T8tKyOTtk3/6/ry68
pcmpRz9UMmh9/nAUvSTgLcEIjE8y4tdHWS9XqzioEUBE4MYtqojazxaryhChjsoo
5mEKXphiFfFWQQ==
-----END CERTIFICATE-----