Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
File:                     98_k1DTTh2RAV9JB6sb2nT7oHBI.mft (raw, json)
Hash identifier:          lQMFBIlr5EZDEJ0mftIXxoTuKA7bOUhZVieXCggSFns=
Subject key identifier:   8C:FC:E4:49:0E:51:0C:9C:5A:93:0C:08:24:4C:8B:64:FE:38:28:4F
Authority key identifier: F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12
Certificate issuer:       /CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
Certificate serial:       019A729330123C23B15DAEDF990C6EDCD16F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
Manifest number:          0945
Signing time:             Tue 11 Nov 2025 11:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:39 +0000
Files and hashes:         1: 98_k1DTTh2RAV9JB6sb2nT7oHBI.crl (hash: x9znJbVtL5QhNLbipbEhGJEfxOpduc6iiHK7uWq2a38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:30:12:3c:23:b1:5d:ae:df:99:0c:6e:dc:d1:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
        Validity
            Not Before: Nov 11 11:00:39 2025 GMT
            Not After : Nov 12 11:00:39 2025 GMT
        Subject: CN=8cfce4490e510c9c5a930c08244c8b64fe38284f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f0:90:53:ab:52:6a:ba:89:b5:14:42:de:04:
                    8d:de:70:30:f0:bc:f0:8c:d2:a0:04:88:1a:11:e3:
                    58:63:bb:b4:48:90:21:25:0f:78:cb:e1:8b:4f:b0:
                    c0:c0:df:c8:71:96:48:b8:7c:3a:f0:8f:b1:45:40:
                    6e:e1:44:03:ce:37:58:64:7a:c5:6b:0f:46:e0:d9:
                    38:e2:9f:cf:94:83:c2:c8:40:7f:1f:d5:75:26:46:
                    3f:7b:c1:39:c3:87:f7:f6:d9:42:04:0d:40:65:48:
                    c8:49:8b:a7:70:be:cc:df:6a:6c:4a:e2:0d:bf:a5:
                    ca:38:88:08:4f:1e:64:a9:9e:4f:43:15:42:68:16:
                    4b:b1:0c:47:0a:a5:c2:eb:ee:be:a6:be:9c:8d:d1:
                    18:e1:da:8e:4f:49:6b:4d:5c:75:c9:1e:ac:b1:bd:
                    86:96:48:e9:97:ef:90:a5:9d:96:eb:64:5b:70:05:
                    2e:13:ae:43:f0:e1:93:fe:53:9c:1a:0c:81:1d:0e:
                    1e:04:7c:05:49:d7:1c:ce:4b:5e:92:ac:2c:2a:e1:
                    c2:eb:aa:63:58:27:38:8e:60:29:11:aa:9d:90:55:
                    32:e8:76:48:3a:b0:2f:aa:89:b7:2b:ef:12:cc:34:
                    3b:74:11:c3:d4:ef:a6:16:1e:5f:65:cb:0a:97:b9:
                    4d:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:FC:E4:49:0E:51:0C:9C:5A:93:0C:08:24:4C:8B:64:FE:38:28:4F
            X509v3 Authority Key Identifier:
                keyid:F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:f6:e2:06:bf:3c:48:c7:20:50:4f:af:d0:2f:27:1d:01:d2:
         03:3b:56:9c:ff:a0:4c:0e:d5:1d:52:b1:7b:8d:da:32:a6:29:
         79:46:f4:11:8f:1b:d1:52:14:e6:8a:fe:e2:f4:3a:f4:d9:a6:
         d6:e3:2d:f4:14:c6:dd:ab:7d:f0:f4:c9:48:5c:1a:3e:ad:5c:
         a6:87:39:a7:dc:e9:06:cf:5d:8c:38:54:bb:67:35:f1:ee:82:
         25:41:eb:af:0e:4f:1b:03:51:75:75:b2:35:1c:2a:1e:a5:6f:
         80:6e:c4:5a:cc:69:1f:61:88:d6:b7:cd:0c:22:b1:d2:65:09:
         86:b9:e2:b8:f5:4d:f3:f3:2a:d3:c0:a6:4c:a3:d5:5e:f8:72:
         20:c1:3b:58:3a:b9:71:b8:48:e1:9a:f0:66:34:3a:1f:2f:2a:
         ba:6f:9e:30:1f:25:90:d0:3a:07:0a:0c:6e:26:55:f3:73:c8:
         04:b0:42:63:9f:cd:83:85:84:12:a1:20:c3:8e:84:72:b6:10:
         12:02:94:c3:a4:44:4b:38:57:7a:43:be:4f:24:71:7a:00:b1:
         41:ba:d4:ee:e8:73:ce:af:13:15:99:b6:95:fb:6a:5c:d6:04:
         b6:2e:fe:64:e0:4a:2c:fe:8f:93:26:b7:70:0b:0c:af:31:ca:
         ba:62:20:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpykzASPCOxXa7fmQxu3NFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3Y2ZlNGQ0MzRkMzg3NjQ0MDU3ZDI0MWVhYzZmNjlkM2Vl
ODFjMTIwHhcNMjUxMTExMTEwMDM5WhcNMjUxMTEyMTEwMDM5WjAzMTEwLwYDVQQD
Eyg4Y2ZjZTQ0OTBlNTEwYzljNWE5MzBjMDgyNDRjOGI2NGZlMzgyODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/CQU6tSarqJtRRC3gSN3nAw8Lzw
jNKgBIgaEeNYY7u0SJAhJQ94y+GLT7DAwN/IcZZIuHw68I+xRUBu4UQDzjdYZHrF
aw9G4Nk44p/PlIPCyEB/H9V1JkY/e8E5w4f39tlCBA1AZUjISYuncL7M32psSuIN
v6XKOIgITx5kqZ5PQxVCaBZLsQxHCqXC6+6+pr6cjdEY4dqOT0lrTVx1yR6ssb2G
lkjpl++QpZ2W62RbcAUuE65D8OGT/lOcGgyBHQ4eBHwFSdcczktekqwsKuHC66pj
WCc4jmApEaqdkFUy6HZIOrAvqom3K+8SzDQ7dBHD1O+mFh5fZcsKl7lNWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIz85EkOUQycWpMMCCRMi2T+OChPMB8GA1UdIwQY
MBaAFPfP5NQ004dkQFfSQerG9p0+6BwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMt
YzQwNTQ0MjgxZWIwLzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMtYzQwNTQ0MjgxZWIw
LzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvbiBr88
SMcgUE+v0C8nHQHSAztWnP+gTA7VHVKxe43aMqYpeUb0EY8b0VIU5or+4vQ69Nmm
1uMt9BTG3at98PTJSFwaPq1cpoc5p9zpBs9djDhUu2c18e6CJUHrrw5PGwNRdXWy
NRwqHqVvgG7EWsxpH2GI1rfNDCKx0mUJhrniuPVN8/Mq08CmTKPVXvhyIME7WDq5
cbhI4ZrwZjQ6Hy8qum+eMB8lkNA6BwoMbiZV83PIBLBCY5/Ng4WEEqEgw46EcrYQ
EgKUw6RESzhXekO+TyRxegCxQbrU7uhzzq8TFZm2lftqXNYEti7+ZOBKLP6Pkya3
cAsMrzHKumIg3g==
-----END CERTIFICATE-----