Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          RYCHKw5KItXHE1Qm+kWYRKx3wlN1l/rsr8pppxRBTu8=
Subject key identifier:   6C:76:D4:98:A3:B0:06:98:31:C7:A7:E5:F1:0F:57:D5:7C:61:A0:31
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       019CAD59DBCAE88D227B997FBF475E22C2E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 07:01:13 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:13 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:13 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: Apzw1wPm4rfIRUXP6KuQww3jLKSVBqIsbZ7L1fokQoI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:db:ca:e8:8d:22:7b:99:7f:bf:47:5e:22:c2:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: Mar  2 07:01:13 2026 GMT
            Not After : Mar  3 07:01:13 2026 GMT
        Subject: CN=6c76d498a3b0069831c7a7e5f10f57d57c61a031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b9:67:af:a0:76:ba:ba:91:bb:ee:27:6f:a9:
                    9f:d1:ca:6e:a6:8d:39:16:ba:9a:3d:70:6f:ec:0d:
                    bb:ae:20:f1:5b:45:b1:08:11:6f:51:d6:9d:8d:09:
                    da:99:95:e3:c6:9e:47:b8:bb:0b:c7:07:90:97:49:
                    ff:95:d3:cc:29:97:16:fa:2f:84:5d:17:ca:18:bf:
                    f7:38:d2:cf:ff:95:23:3a:84:4f:f9:39:d5:cd:40:
                    c0:71:db:91:60:51:be:c0:8c:ff:67:c6:20:8e:dc:
                    e0:78:2a:f3:0d:da:4b:83:7a:76:0c:e0:0d:56:cf:
                    f0:0d:d2:d9:f9:e3:b9:7a:54:9f:ab:d1:54:eb:63:
                    5b:3d:be:9a:ac:93:c3:bf:00:8e:4a:00:21:bf:4b:
                    40:9f:9b:f6:40:03:bd:d1:90:1e:41:1e:21:b6:92:
                    a8:bb:f2:d8:ee:55:70:e2:7e:22:e3:f2:85:b8:4f:
                    f8:6a:45:9f:41:3e:9d:86:5d:00:8e:a8:6a:41:db:
                    02:ea:1c:b3:f1:fb:a9:68:83:31:2b:82:d1:16:f5:
                    22:6c:b4:32:ab:12:0e:4e:56:b5:8b:5d:71:80:0d:
                    9b:be:db:35:fe:57:57:60:e2:fb:75:a1:35:4e:69:
                    8a:82:97:e1:5e:d9:84:c1:b8:04:47:dc:45:f4:6e:
                    86:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:76:D4:98:A3:B0:06:98:31:C7:A7:E5:F1:0F:57:D5:7C:61:A0:31
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:31:de:3f:c7:72:29:84:84:e5:0d:ba:d7:5f:d3:69:87:53:
         51:2e:b8:97:41:8c:6c:bf:4c:a0:d7:00:1c:bf:24:2a:38:f5:
         9a:6f:bb:60:9c:c4:77:ca:40:8f:a5:f9:bc:64:9c:42:f8:29:
         d7:6a:d6:7d:27:47:c3:28:c8:74:4c:4c:e2:8c:1a:27:fd:8c:
         75:b7:8d:e0:b6:3a:73:a2:f2:71:30:a3:91:67:2f:3c:77:2b:
         0d:2b:13:aa:bf:05:64:89:c4:43:fc:f8:aa:43:f5:aa:65:15:
         86:cd:39:26:a9:e1:7b:0b:5b:50:6f:dc:8f:e9:a9:9f:51:3a:
         91:8f:e3:5f:64:a6:79:32:25:80:bb:d7:e0:f6:40:0d:f1:78:
         69:15:30:be:0f:3b:91:31:97:53:fe:8b:55:ed:a0:73:92:5a:
         64:4a:a4:a7:fe:dc:79:0c:32:bc:c0:b4:bb:a1:e0:53:24:db:
         49:44:b8:79:8a:ba:81:6f:2c:cc:f0:6b:fe:82:22:2d:0d:3d:
         7d:3b:b3:e6:fe:76:4c:ba:fe:1e:bf:92:e2:46:73:43:53:7e:
         41:6e:c2:3f:7b:36:8f:ae:56:2b:c4:a2:33:08:97:77:34:34:
         b1:57:17:43:c4:44:9c:90:92:82:c0:7d:79:04:27:a0:55:62:
         e8:e3:65:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWdvK6I0ie5l/v0deIsLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjYwMzAyMDcwMTEzWhcNMjYwMzAzMDcwMTEzWjAzMTEwLwYDVQQD
Eyg2Yzc2ZDQ5OGEzYjAwNjk4MzFjN2E3ZTVmMTBmNTdkNTdjNjFhMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLlnr6B2urqRu+4nb6mf0cpupo05
FrqaPXBv7A27riDxW0WxCBFvUdadjQnamZXjxp5HuLsLxweQl0n/ldPMKZcW+i+E
XRfKGL/3ONLP/5UjOoRP+TnVzUDAcduRYFG+wIz/Z8YgjtzgeCrzDdpLg3p2DOAN
Vs/wDdLZ+eO5elSfq9FU62NbPb6arJPDvwCOSgAhv0tAn5v2QAO90ZAeQR4htpKo
u/LY7lVw4n4i4/KFuE/4akWfQT6dhl0AjqhqQdsC6hyz8fupaIMxK4LRFvUibLQy
qxIOTla1i11xgA2bvts1/ldXYOL7daE1TmmKgpfhXtmEwbgER9xF9G6GLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGx21JijsAaYMcen5fEPV9V8YaAxMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlTHeP8dy
KYSE5Q2611/TaYdTUS64l0GMbL9MoNcAHL8kKjj1mm+7YJzEd8pAj6X5vGScQvgp
12rWfSdHwyjIdExM4owaJ/2MdbeN4LY6c6LycTCjkWcvPHcrDSsTqr8FZInEQ/z4
qkP1qmUVhs05JqnhewtbUG/cj+mpn1E6kY/jX2SmeTIlgLvX4PZADfF4aRUwvg87
kTGXU/6LVe2gc5JaZEqkp/7ceQwyvMC0u6HgUyTbSUS4eYq6gW8szPBr/oIiLQ09
fTuz5v52TLr+Hr+S4kZzQ1N+QW7CP3s2j65WK8SiMwiXdzQ0sVcXQ8REnJCSgsB9
eQQnoFVi6ONlGQ==
-----END CERTIFICATE-----