Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
File:                     ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json)
Hash identifier:          MztU8oompmwus2uCrcbpzBvR9QhwAPes4fj4EushQAA=
Subject key identifier:   AE:E9:44:5B:F9:BC:16:CA:08:9A:5D:A1:D2:FF:DD:8E:1A:22:F5:E0
Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB
Certificate issuer:       /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
Certificate serial:       01967A8DC8D69C079B1B02820C17CE94516F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
Manifest number:          0CFB
Signing time:             Mon 28 Apr 2025 04:00:34 +0000
Manifest this update:     Mon 28 Apr 2025 04:00:34 +0000
Manifest next update:     Tue 29 Apr 2025 04:00:34 +0000
Files and hashes:         1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: VtJ0OwphC4m/wNZF0KyTczmIQ/w5cxecV/pC79ggDC0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 04:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:8d:c8:d6:9c:07:9b:1b:02:82:0c:17:ce:94:51:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb
        Validity
            Not Before: Apr 28 04:00:34 2025 GMT
            Not After : Apr 29 04:00:34 2025 GMT
        Subject: CN=aee9445bf9bc16ca089a5da1d2ffdd8e1a22f5e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:54:f2:e4:12:78:a6:63:be:ff:9a:7f:d5:5d:
                    11:c8:1a:b5:ab:31:9c:1b:9c:f0:53:e3:d5:0c:93:
                    ae:18:57:fc:e7:e8:90:ac:3d:6e:56:f2:35:ef:81:
                    87:aa:a3:9d:34:7c:e8:52:13:9d:04:bf:30:0a:af:
                    f4:d8:6b:6a:9b:36:a6:69:0b:a4:56:b6:18:18:11:
                    b7:c0:78:24:7f:99:5a:29:b5:9f:a2:76:41:f3:05:
                    7d:0e:05:18:82:ac:49:12:74:8d:a4:6b:77:56:ac:
                    7c:4e:98:db:bd:18:d5:68:51:39:02:81:bd:3b:85:
                    28:45:0a:6b:cd:79:f2:64:ea:73:04:fd:27:84:32:
                    51:75:35:b3:cd:47:f2:8c:a6:43:df:53:e5:64:e6:
                    6b:e2:ae:6f:b4:22:77:47:7a:b9:47:e9:a2:c2:d2:
                    a1:c1:1b:ff:52:98:de:4b:82:74:c4:1a:f7:85:1f:
                    6c:7a:41:e5:b7:1b:d1:e9:06:88:7e:46:f9:d5:9f:
                    3f:6c:b8:40:7a:4d:fd:1d:3b:7a:d5:ba:58:af:d5:
                    ec:22:e0:85:7f:46:93:cb:24:c4:e7:62:9c:87:e3:
                    49:2f:a6:b0:63:c6:4b:d0:90:3d:c0:63:cc:31:5c:
                    3f:1e:9d:bb:3c:1d:57:e7:cc:02:a3:24:e6:77:f6:
                    72:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:E9:44:5B:F9:BC:16:CA:08:9A:5D:A1:D2:FF:DD:8E:1A:22:F5:E0
            X509v3 Authority Key Identifier:
                keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:b2:a0:75:46:25:02:b5:47:ce:96:d9:55:ff:03:27:cb:a0:
         58:00:c4:e4:cd:ef:85:45:e6:2e:b4:b7:63:87:99:5e:de:18:
         62:35:91:3b:da:ce:7f:0d:d5:46:af:18:c0:29:14:be:6f:df:
         6e:63:f0:17:6e:6b:4e:9c:15:9d:13:f9:8a:7e:90:52:76:4f:
         3b:02:89:3f:77:ee:aa:84:dd:b9:f2:c2:0d:90:83:30:fe:ad:
         8a:88:c5:a8:a6:e6:71:90:c0:98:0a:b7:e1:6c:ed:e6:a0:13:
         f5:ac:bd:1d:a7:39:bc:01:33:d2:f4:b3:87:69:27:a6:e8:fd:
         38:52:c0:21:fd:25:9e:b6:43:a9:fa:91:4b:c9:b6:cb:6e:8f:
         9c:20:8f:d7:00:86:ab:c0:e2:a8:07:60:e0:39:62:a5:05:c7:
         07:ca:d2:ed:8d:f7:70:14:19:24:dd:01:8b:f6:20:76:4a:6b:
         58:1c:51:55:56:64:6b:19:90:01:59:f6:3a:1c:fc:c4:ff:37:
         25:ec:e6:39:df:d6:cb:4e:02:72:73:6d:ff:6f:9c:31:03:20:
         0d:68:9d:f4:7d:08:f4:8f:1c:b5:8b:0c:a1:74:64:fe:0d:86:
         cd:4e:e2:5d:ef:5c:11:34:80:b5:e5:6a:08:62:d2:96:34:70:
         45:e2:b2:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6jcjWnAebGwKCDBfOlFFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz
N2EwY2IwHhcNMjUwNDI4MDQwMDM0WhcNMjUwNDI5MDQwMDM0WjAzMTEwLwYDVQQD
EyhhZWU5NDQ1YmY5YmMxNmNhMDg5YTVkYTFkMmZmZGQ4ZTFhMjJmNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFTy5BJ4pmO+/5p/1V0RyBq1qzGc
G5zwU+PVDJOuGFf85+iQrD1uVvI174GHqqOdNHzoUhOdBL8wCq/02GtqmzamaQuk
VrYYGBG3wHgkf5laKbWfonZB8wV9DgUYgqxJEnSNpGt3Vqx8TpjbvRjVaFE5AoG9
O4UoRQprzXnyZOpzBP0nhDJRdTWzzUfyjKZD31PlZOZr4q5vtCJ3R3q5R+miwtKh
wRv/UpjeS4J0xBr3hR9sekHltxvR6QaIfkb51Z8/bLhAek39HTt61bpYr9XsIuCF
f0aTyyTE52Kch+NJL6awY8ZL0JA9wGPMMVw/Hp27PB1X58wCoyTmd/ZynQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7pRFv5vBbKCJpdodL/3Y4aIvXgMB8GA1UdIwQY
MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt
ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1
LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAebKgdUYl
ArVHzpbZVf8DJ8ugWADE5M3vhUXmLrS3Y4eZXt4YYjWRO9rOfw3VRq8YwCkUvm/f
bmPwF25rTpwVnRP5in6QUnZPOwKJP3fuqoTdufLCDZCDMP6tiojFqKbmcZDAmAq3
4Wzt5qAT9ay9Hac5vAEz0vSzh2knpuj9OFLAIf0lnrZDqfqRS8m2y26PnCCP1wCG
q8DiqAdg4DlipQXHB8rS7Y33cBQZJN0Bi/YgdkprWBxRVVZkaxmQAVn2Ohz8xP83
JezmOd/Wy04CcnNt/2+cMQMgDWid9H0I9I8ctYsMoXRk/g2GzU7iXe9cETSAteVq
CGLSljRwReKyAQ==
-----END CERTIFICATE-----