Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          3U0Kd98cU0a/InzlW0ZbxBBad+N6xjOyG5Qa6AJLN/s=
Subject key identifier:   D2:D3:0C:45:ED:2A:8C:8D:E4:A8:1C:8E:2A:24:B4:33:60:4C:F5:DA
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       0198835650FAE58D2E9BA2F167581C57BD65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          161C
Signing time:             Thu 07 Aug 2025 07:02:08 +0000
Manifest this update:     Thu 07 Aug 2025 07:02:08 +0000
Manifest next update:     Fri 08 Aug 2025 07:02:08 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: 1osZ6UvUB7Nu7DFkcVpnMLYl9zrkFrCOixlZekXua3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 07:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:83:56:50:fa:e5:8d:2e:9b:a2:f1:67:58:1c:57:bd:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Aug  7 07:02:08 2025 GMT
            Not After : Aug  8 07:02:08 2025 GMT
        Subject: CN=d2d30c45ed2a8c8de4a81c8e2a24b433604cf5da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ac:8d:ef:02:1d:8e:f7:42:3b:79:41:5d:9f:
                    4f:19:b5:eb:7e:ef:cb:d1:38:11:95:40:ff:74:bd:
                    a5:72:0e:8c:6f:6f:84:39:02:01:8b:3f:ec:d8:84:
                    6d:02:37:8a:58:f9:08:13:e4:7a:aa:c6:57:4a:e2:
                    10:90:41:ae:78:6c:3a:df:3e:d2:80:7c:31:ba:57:
                    78:e5:55:c1:85:7a:1c:96:5f:f6:d8:df:3b:0f:dd:
                    a5:37:14:c3:d7:64:0a:6d:0d:aa:14:0f:65:0b:ed:
                    3b:d9:71:59:84:aa:ac:1a:67:d2:69:75:a9:91:97:
                    0b:c2:64:1d:7c:c5:cc:a5:83:25:95:b8:4c:8b:97:
                    33:cf:7b:98:48:de:4d:0c:15:fc:a4:48:1f:93:53:
                    3d:1f:0a:20:52:13:c5:39:75:4f:53:cb:7d:5c:df:
                    95:e3:3c:6a:b8:95:76:bf:93:42:fc:a9:a1:1e:7d:
                    23:88:16:99:f8:3f:aa:16:c5:1a:e3:df:e5:8e:15:
                    5f:a7:3a:65:7c:ff:b0:a8:57:53:e1:e0:18:83:c3:
                    ce:ef:f7:e4:83:d1:8b:cc:19:3a:f7:e0:0a:f1:d8:
                    db:8c:09:46:f2:a1:78:2d:b1:c8:b0:2c:2e:52:0a:
                    c1:4f:c9:41:c7:b0:5a:21:21:f1:ad:29:f0:7b:ba:
                    38:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:D3:0C:45:ED:2A:8C:8D:E4:A8:1C:8E:2A:24:B4:33:60:4C:F5:DA
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:62:1e:60:42:71:5b:95:e3:a6:8e:9e:e2:79:f7:43:fe:a2:
         1e:22:fb:7b:d6:9f:cc:0c:29:b2:69:d8:6d:1f:4c:a7:a2:61:
         7c:39:19:64:71:ae:2a:ad:b5:ce:62:7b:6e:9c:bf:b6:8e:1f:
         46:9e:58:09:bf:81:59:15:d0:5d:31:84:ef:b2:9c:d4:a0:27:
         99:81:79:34:5f:10:3f:ee:24:35:c4:6d:de:4b:50:d9:2c:66:
         43:12:12:a9:4a:56:28:0f:ad:12:7f:f6:4d:c9:69:d4:f9:1e:
         8b:c6:9a:60:63:3a:13:58:46:e8:e5:da:8a:61:c5:97:4a:f2:
         08:f1:79:dd:a9:d0:67:75:6d:13:0c:77:d9:b5:41:2a:09:2e:
         85:52:64:05:20:bc:a7:d2:3a:57:92:cd:e2:2f:b1:56:b5:fd:
         28:fb:c7:e3:1a:0a:46:34:c6:34:03:61:ac:61:49:fb:3c:c8:
         a5:63:47:9f:86:3f:d3:3d:65:57:62:f7:cf:9e:a4:e1:bd:39:
         fd:e7:13:02:b0:5d:da:b4:0b:a6:d4:d0:6f:2f:f9:61:0d:57:
         34:dd:16:52:90:8d:2a:a5:b0:e3:25:40:7c:3a:1d:49:9e:95:
         41:67:45:b6:fc:1d:12:f9:20:60:e3:78:d7:3b:a8:a7:f2:a6:
         a0:eb:c8:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiDVlD65Y0um6LxZ1gcV71lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjUwODA3MDcwMjA4WhcNMjUwODA4MDcwMjA4WjAzMTEwLwYDVQQD
EyhkMmQzMGM0NWVkMmE4YzhkZTRhODFjOGUyYTI0YjQzMzYwNGNmNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqyN7wIdjvdCO3lBXZ9PGbXrfu/L
0TgRlUD/dL2lcg6Mb2+EOQIBiz/s2IRtAjeKWPkIE+R6qsZXSuIQkEGueGw63z7S
gHwxuld45VXBhXocll/22N87D92lNxTD12QKbQ2qFA9lC+072XFZhKqsGmfSaXWp
kZcLwmQdfMXMpYMllbhMi5czz3uYSN5NDBX8pEgfk1M9HwogUhPFOXVPU8t9XN+V
4zxquJV2v5NC/KmhHn0jiBaZ+D+qFsUa49/ljhVfpzplfP+wqFdT4eAYg8PO7/fk
g9GLzBk69+AK8djbjAlG8qF4LbHIsCwuUgrBT8lBx7BaISHxrSnwe7o4vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLTDEXtKoyN5KgcjioktDNgTPXaMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGGIeYEJx
W5Xjpo6e4nn3Q/6iHiL7e9afzAwpsmnYbR9Mp6JhfDkZZHGuKq21zmJ7bpy/to4f
Rp5YCb+BWRXQXTGE77Kc1KAnmYF5NF8QP+4kNcRt3ktQ2SxmQxISqUpWKA+tEn/2
Tclp1Pkei8aaYGM6E1hG6OXaimHFl0ryCPF53anQZ3VtEwx32bVBKgkuhVJkBSC8
p9I6V5LN4i+xVrX9KPvH4xoKRjTGNANhrGFJ+zzIpWNHn4Y/0z1lV2L3z56k4b05
/ecTArBd2rQLptTQby/5YQ1XNN0WUpCNKqWw4yVAfDodSZ6VQWdFtvwdEvkgYON4
1zuop/KmoOvIOA==
-----END CERTIFICATE-----