Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          5hB6GSIhmILrP3ZNfJhHgcl5gTJYVM3BbHKHQqczCvU=
Subject key identifier:   DF:E5:B0:B7:CD:84:B9:EB:A9:31:3B:33:5D:C8:62:99:CD:38:24:DF
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       01976FD0C8FBC83290BC4671B1647CFD7F39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          0D7A
Signing time:             Sat 14 Jun 2025 19:00:43 +0000
Manifest this update:     Sat 14 Jun 2025 19:00:43 +0000
Manifest next update:     Sun 15 Jun 2025 19:00:43 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: cXqBcOpK/9K7esE/o9pg5KYgSrsj77zriLWvzs0FDgY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d0:c8:fb:c8:32:90:bc:46:71:b1:64:7c:fd:7f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: Jun 14 19:00:43 2025 GMT
            Not After : Jun 15 19:00:43 2025 GMT
        Subject: CN=dfe5b0b7cd84b9eba9313b335dc86299cd3824df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:2a:4f:36:f7:57:c7:b5:8b:d8:5e:a8:d2:9b:
                    5b:85:e1:c2:1c:c9:0f:5e:97:8a:60:3d:30:4e:75:
                    61:c1:bd:f7:54:22:b5:32:04:b0:a4:fc:3b:9a:df:
                    d3:ce:82:78:1a:db:e4:a4:6f:0a:b1:91:28:cc:e7:
                    9c:dd:6d:74:48:77:a6:ea:63:51:3b:55:38:91:94:
                    85:c0:83:87:45:2e:b6:66:eb:a4:11:e0:26:22:e3:
                    ec:73:87:20:a0:69:db:e3:ec:b3:48:19:8e:ca:64:
                    f6:a9:10:04:1d:ae:94:6c:cf:56:06:31:ff:e4:3b:
                    29:6b:44:0e:36:94:db:ed:ad:b7:2c:c1:9b:fd:ce:
                    4d:b1:34:f6:35:ae:4b:da:f3:8a:ae:16:b2:a8:7d:
                    12:ba:4a:a7:ea:6f:75:f0:d0:70:4c:8f:40:b3:73:
                    4b:8f:ff:24:53:fa:32:0b:a2:4d:f0:e5:fb:f6:41:
                    65:5b:75:d1:82:f4:4d:bd:28:46:d3:25:d1:02:a6:
                    a7:18:3b:44:85:47:de:78:83:14:68:cf:2e:3a:ed:
                    f9:68:79:cb:6f:64:ad:5a:9a:8f:5e:1d:78:28:21:
                    dd:e0:0b:91:65:f2:40:f9:3f:ce:6d:98:90:fc:52:
                    86:8d:32:b3:dc:1f:43:bd:31:b0:d1:c0:82:d6:11:
                    bd:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:E5:B0:B7:CD:84:B9:EB:A9:31:3B:33:5D:C8:62:99:CD:38:24:DF
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:ff:c0:12:68:e3:1c:71:b4:9f:bf:62:2d:34:af:85:86:d1:
         8a:44:af:e4:05:d5:05:ef:58:68:1b:b5:aa:57:b8:85:81:1d:
         f4:ca:ec:f3:c2:47:1f:a5:71:c9:4f:12:5c:62:84:0c:ab:d5:
         d7:90:c7:ac:fd:61:20:a6:e7:80:49:db:61:2c:30:44:75:2e:
         f1:a8:57:77:a5:cc:98:49:fb:c0:70:3e:85:e9:18:72:85:c2:
         af:4e:ab:c1:58:70:2d:c6:96:3f:e7:8c:3a:3f:1b:6e:2a:2c:
         0e:66:c6:d0:b7:a0:c6:6b:e1:1c:3c:ff:be:86:af:cf:76:97:
         3e:c3:bb:1e:54:de:da:c6:5c:b3:38:27:46:7d:0d:51:8c:0d:
         f8:c4:ca:80:7d:00:82:52:ee:30:37:90:a8:4d:29:a5:18:a1:
         3c:91:a7:d3:41:72:d9:d4:c5:8b:71:69:e7:fa:5d:7c:61:da:
         30:3e:a6:a2:90:8d:7b:7a:09:e9:f2:d5:5f:d1:34:5e:7e:ee:
         08:0b:24:ae:57:ad:19:2f:86:75:73:cf:7b:11:7f:db:e9:46:
         a2:2b:05:96:dc:42:30:36:76:2c:c5:f7:0d:4b:66:b1:de:a9:
         52:5a:98:a7:4d:bc:00:56:6e:be:8a:dc:26:c5:f5:49:da:9a:
         58:ec:f0:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0Mj7yDKQvEZxsWR8/X85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjUwNjE0MTkwMDQzWhcNMjUwNjE1MTkwMDQzWjAzMTEwLwYDVQQD
EyhkZmU1YjBiN2NkODRiOWViYTkzMTNiMzM1ZGM4NjI5OWNkMzgyNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkypPNvdXx7WL2F6o0ptbheHCHMkP
XpeKYD0wTnVhwb33VCK1MgSwpPw7mt/TzoJ4GtvkpG8KsZEozOec3W10SHem6mNR
O1U4kZSFwIOHRS62ZuukEeAmIuPsc4cgoGnb4+yzSBmOymT2qRAEHa6UbM9WBjH/
5Dspa0QONpTb7a23LMGb/c5NsTT2Na5L2vOKrhayqH0Sukqn6m918NBwTI9As3NL
j/8kU/oyC6JN8OX79kFlW3XRgvRNvShG0yXRAqanGDtEhUfeeIMUaM8uOu35aHnL
b2StWpqPXh14KCHd4AuRZfJA+T/ObZiQ/FKGjTKz3B9DvTGw0cCC1hG9gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/lsLfNhLnrqTE7M13IYpnNOCTfMB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkf/AEmjj
HHG0n79iLTSvhYbRikSv5AXVBe9YaBu1qle4hYEd9Mrs88JHH6VxyU8SXGKEDKvV
15DHrP1hIKbngEnbYSwwRHUu8ahXd6XMmEn7wHA+hekYcoXCr06rwVhwLcaWP+eM
Oj8bbiosDmbG0LegxmvhHDz/voavz3aXPsO7HlTe2sZcszgnRn0NUYwN+MTKgH0A
glLuMDeQqE0ppRihPJGn00Fy2dTFi3Fp5/pdfGHaMD6mopCNe3oJ6fLVX9E0Xn7u
CAskrletGS+GdXPPexF/2+lGoisFltxCMDZ2LMX3DUtmsd6pUlqYp028AFZuvorc
JsX1SdqaWOzw5g==
-----END CERTIFICATE-----