Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          bXHlIHVtqkrTcit6ezC0MFwwglLeTwoe3llbT43uQ/c=
Subject key identifier:   73:BF:CE:C2:A0:C3:CD:43:F2:F1:EE:6F:B6:AB:58:C3:47:E1:60:CD
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       0194BA845C9272AB1E2868FC38931A53829D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          0C13
Signing time:             Fri 31 Jan 2025 04:00:24 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:24 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:24 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: wF88crt/dHN4iC3B3Rkt7jysmQqHOs4kw4d+MNcMXfk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:5c:92:72:ab:1e:28:68:fc:38:93:1a:53:82:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: Jan 31 04:00:24 2025 GMT
            Not After : Feb  1 04:00:24 2025 GMT
        Subject: CN=73bfcec2a0c3cd43f2f1ee6fb6ab58c347e160cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:0b:20:12:ce:6d:36:b9:7a:44:ba:16:e8:7a:
                    8c:bc:ae:af:90:22:d8:32:33:06:29:e8:70:ce:7d:
                    36:18:bf:e2:9e:09:bb:a1:92:12:d5:56:10:9e:12:
                    af:f5:00:2d:bf:1f:0b:11:95:2f:23:06:79:38:a1:
                    32:33:96:8b:75:43:bc:46:6d:36:20:24:76:f9:fc:
                    63:6f:6b:29:ad:0e:ef:d2:2b:76:6e:8b:58:d5:9c:
                    45:45:4d:f8:fc:f2:f0:8a:3a:e3:f9:0a:c3:56:b3:
                    40:ef:18:9f:af:27:fa:97:a5:1b:1e:f3:6d:83:a0:
                    26:f6:d9:3f:3e:bc:68:55:d1:08:29:6f:7b:2d:68:
                    87:49:eb:39:6f:17:28:26:91:cc:89:c6:15:9a:46:
                    12:64:1a:54:12:24:5e:fd:3a:a9:86:b6:3d:13:72:
                    79:59:eb:f8:b7:8e:b1:81:5b:ab:e8:60:70:1d:d1:
                    f5:5f:5c:a7:a9:35:41:34:00:e0:e0:38:a6:53:b2:
                    3e:2c:fb:88:04:f2:38:2d:07:89:65:f3:f8:0f:91:
                    c9:47:fc:43:31:7e:50:cf:8f:cd:71:d5:49:f6:e2:
                    66:c6:52:6f:f2:fd:9f:ef:75:cd:f3:c1:c2:e7:1c:
                    9b:01:bd:e3:81:5f:60:b7:de:8b:a0:3b:48:b9:79:
                    35:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:BF:CE:C2:A0:C3:CD:43:F2:F1:EE:6F:B6:AB:58:C3:47:E1:60:CD
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         de:5a:30:3a:a8:85:45:c6:ea:55:82:f9:13:22:ba:2c:5e:4b:
         21:00:c3:eb:6c:9c:35:91:d6:4f:e0:eb:55:b9:bf:91:10:5f:
         4d:a8:1f:99:1b:f5:7f:47:e1:bc:c4:1a:6f:73:56:77:f4:06:
         14:63:9a:e7:d3:9d:1b:d2:c1:b4:89:e8:c9:32:0b:59:cd:35:
         b3:28:b3:94:f6:68:57:05:1a:4d:89:97:18:24:8c:e5:9a:db:
         ce:02:c5:24:f3:a0:37:d3:cc:d3:0d:b4:db:f1:d9:7a:c0:c9:
         41:4c:70:67:5e:0e:2b:d6:fb:af:db:11:c7:c9:4f:6b:08:35:
         15:0f:90:c7:8b:4f:c2:8e:89:7a:b2:81:03:ba:66:5a:04:0e:
         b1:50:ec:45:c5:fe:4d:97:c1:28:ec:43:87:b3:54:33:64:7e:
         18:50:b9:89:91:46:0d:d8:57:6f:88:bd:06:ed:32:d8:5c:66:
         bb:2e:1e:95:8b:a2:a7:c7:e5:d2:a7:a7:e1:2f:98:30:23:db:
         da:19:25:2e:05:19:a6:02:5d:69:b1:53:6c:ab:d8:aa:f6:9b:
         6b:de:5c:f7:a0:e3:78:d0:88:ea:7e:98:ba:ae:03:e2:32:5e:
         f0:94:78:ae:88:4e:4b:4e:ae:c6:31:76:26:af:c3:6d:37:14:
         ec:f3:36:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hFyScqseKGj8OJMaU4KdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjUwMTMxMDQwMDI0WhcNMjUwMjAxMDQwMDI0WjAzMTEwLwYDVQQD
Eyg3M2JmY2VjMmEwYzNjZDQzZjJmMWVlNmZiNmFiNThjMzQ3ZTE2MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gsgEs5tNrl6RLoW6HqMvK6vkCLY
MjMGKehwzn02GL/ingm7oZIS1VYQnhKv9QAtvx8LEZUvIwZ5OKEyM5aLdUO8Rm02
ICR2+fxjb2sprQ7v0it2botY1ZxFRU34/PLwijrj+QrDVrNA7xifryf6l6UbHvNt
g6Am9tk/PrxoVdEIKW97LWiHSes5bxcoJpHMicYVmkYSZBpUEiRe/TqphrY9E3J5
Wev4t46xgVur6GBwHdH1X1ynqTVBNADg4DimU7I+LPuIBPI4LQeJZfP4D5HJR/xD
MX5Qz4/NcdVJ9uJmxlJv8v2f73XN88HC5xybAb3jgV9gt96LoDtIuXk1nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHO/zsKgw81D8vHub7arWMNH4WDNMB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3lowOqiF
RcbqVYL5EyK6LF5LIQDD62ycNZHWT+DrVbm/kRBfTagfmRv1f0fhvMQab3NWd/QG
FGOa59OdG9LBtInoyTILWc01syizlPZoVwUaTYmXGCSM5ZrbzgLFJPOgN9PM0w20
2/HZesDJQUxwZ14OK9b7r9sRx8lPawg1FQ+Qx4tPwo6JerKBA7pmWgQOsVDsRcX+
TZfBKOxDh7NUM2R+GFC5iZFGDdhXb4i9Bu0y2Fxmuy4elYuip8fl0qen4S+YMCPb
2hklLgUZpgJdabFTbKvYqvaba95c96DjeNCI6n6Yuq4D4jJe8JR4rohOS06uxjF2
Jq/DbTcU7PM2oQ==
-----END CERTIFICATE-----