Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
File:                     98_k1DTTh2RAV9JB6sb2nT7oHBI.mft (raw, json)
Hash identifier:          c0aTUk8YvXS2v5J7HlaejwP6E/TyIa1fI5q2qoH1wZc=
Subject key identifier:   C6:60:12:9B:16:94:FD:55:29:35:4F:AD:4B:6B:95:59:38:8D:49:38
Authority key identifier: F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12
Certificate issuer:       /CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
Certificate serial:       0197530FCEFB9C1721F384225868A61EF838
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
Manifest number:          07A7
Signing time:             Mon 09 Jun 2025 05:00:34 +0000
Manifest this update:     Mon 09 Jun 2025 05:00:34 +0000
Manifest next update:     Tue 10 Jun 2025 05:00:34 +0000
Files and hashes:         1: 98_k1DTTh2RAV9JB6sb2nT7oHBI.crl (hash: yWdxbjs2pjHct6tnSZH2wOsD4Wt6YsKZDF4dGVjr/ZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:0f:ce:fb:9c:17:21:f3:84:22:58:68:a6:1e:f8:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
        Validity
            Not Before: Jun  9 05:00:34 2025 GMT
            Not After : Jun 10 05:00:34 2025 GMT
        Subject: CN=c660129b1694fd5529354fad4b6b9559388d4938
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1a:a4:ff:cc:31:c4:e6:73:c0:ae:a1:85:1a:
                    a7:f6:c2:b5:d5:96:8f:b9:e5:ec:d5:2e:dc:90:ef:
                    55:32:e9:cc:8c:a4:72:39:e9:57:28:38:ed:25:25:
                    bb:4f:8b:8a:44:3d:4b:f2:3c:27:df:43:92:68:e0:
                    df:7a:9c:88:59:15:7f:ff:a5:c6:3f:79:fd:7e:7a:
                    a6:b2:a2:c9:6b:4e:37:66:9c:18:38:71:94:0b:bc:
                    4f:aa:2b:ff:d9:c9:b7:45:69:68:4f:81:88:e4:aa:
                    8f:04:05:dd:f6:34:2c:7e:86:b4:e2:d9:72:cc:f2:
                    c3:07:74:24:98:f6:9e:bc:f3:a5:b7:ca:9a:1e:1a:
                    c3:18:da:ca:95:0c:3c:d7:f1:d6:13:e6:38:8d:bd:
                    a6:a9:c6:36:30:ef:f4:a4:09:f5:6b:62:9d:82:ef:
                    a1:1d:4b:00:44:81:1f:2f:b4:96:d4:46:b3:15:46:
                    c2:6b:98:0c:c9:8c:55:b6:f5:d6:d2:a7:25:27:f7:
                    dc:28:5d:46:fb:d6:df:d9:7a:26:61:c4:c1:f7:6a:
                    25:55:43:b2:c2:01:10:5d:8e:85:5e:05:5c:2d:a5:
                    42:05:c0:72:c0:6a:b5:3e:10:32:cc:86:5f:42:aa:
                    a9:33:ca:3e:93:c9:15:f2:65:16:58:49:5a:15:02:
                    a7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:60:12:9B:16:94:FD:55:29:35:4F:AD:4B:6B:95:59:38:8D:49:38
            X509v3 Authority Key Identifier:
                keyid:F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:7b:46:9b:a7:62:6f:5f:fe:16:83:3d:80:fe:92:e6:19:f2:
         5a:eb:5b:a8:b6:27:57:4b:91:cc:2d:5d:44:0e:5e:50:f2:5c:
         be:1a:25:ce:fe:a7:a0:79:c3:0a:71:e2:1b:f4:28:29:ac:43:
         b9:9c:09:27:d1:6a:6f:7f:e6:52:99:42:9d:ad:99:fb:ee:93:
         47:94:a1:cd:d8:29:86:24:7b:0b:df:9a:a7:7e:64:85:5c:f1:
         25:06:3f:e8:71:78:f5:18:61:7f:e0:37:b9:2e:f9:49:48:d8:
         7f:af:36:7f:5a:ce:92:36:9a:70:3e:bc:ca:6e:54:9b:8d:5d:
         7d:69:e9:4b:d2:79:02:da:83:84:1a:87:c1:fe:33:3e:01:63:
         0c:48:f6:29:95:69:0e:71:c5:ab:86:10:85:6a:5e:37:fe:c9:
         93:95:3f:77:67:da:c7:59:fe:26:5f:55:e2:ea:a1:4c:02:7f:
         56:dd:54:89:2b:9e:1c:8c:dc:9a:b8:d9:c9:62:22:c8:ee:3c:
         73:e1:87:1e:41:1a:85:49:1f:d5:b4:5f:20:9e:7f:da:0a:56:
         cc:92:0b:a1:53:19:a3:e1:20:63:31:91:63:e7:5c:e9:38:e9:
         db:f4:9f:c1:1f:d8:a8:fa:51:59:61:7d:81:50:f3:38:b3:2c:
         a4:d9:f1:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTD877nBch84QiWGimHvg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3Y2ZlNGQ0MzRkMzg3NjQ0MDU3ZDI0MWVhYzZmNjlkM2Vl
ODFjMTIwHhcNMjUwNjA5MDUwMDM0WhcNMjUwNjEwMDUwMDM0WjAzMTEwLwYDVQQD
EyhjNjYwMTI5YjE2OTRmZDU1MjkzNTRmYWQ0YjZiOTU1OTM4OGQ0OTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRqk/8wxxOZzwK6hhRqn9sK11ZaP
ueXs1S7ckO9VMunMjKRyOelXKDjtJSW7T4uKRD1L8jwn30OSaODfepyIWRV//6XG
P3n9fnqmsqLJa043ZpwYOHGUC7xPqiv/2cm3RWloT4GI5KqPBAXd9jQsfoa04tly
zPLDB3QkmPaevPOlt8qaHhrDGNrKlQw81/HWE+Y4jb2mqcY2MO/0pAn1a2Kdgu+h
HUsARIEfL7SW1EazFUbCa5gMyYxVtvXW0qclJ/fcKF1G+9bf2XomYcTB92olVUOy
wgEQXY6FXgVcLaVCBcBywGq1PhAyzIZfQqqpM8o+k8kV8mUWWElaFQKnwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZgEpsWlP1VKTVPrUtrlVk4jUk4MB8GA1UdIwQY
MBaAFPfP5NQ004dkQFfSQerG9p0+6BwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMt
YzQwNTQ0MjgxZWIwLzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMtYzQwNTQ0MjgxZWIw
LzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKHtGm6di
b1/+FoM9gP6S5hnyWutbqLYnV0uRzC1dRA5eUPJcvholzv6noHnDCnHiG/QoKaxD
uZwJJ9Fqb3/mUplCna2Z++6TR5ShzdgphiR7C9+ap35khVzxJQY/6HF49Rhhf+A3
uS75SUjYf682f1rOkjaacD68ym5Um41dfWnpS9J5AtqDhBqHwf4zPgFjDEj2KZVp
DnHFq4YQhWpeN/7Jk5U/d2fax1n+Jl9V4uqhTAJ/Vt1UiSueHIzcmrjZyWIiyO48
c+GHHkEahUkf1bRfIJ5/2gpWzJILoVMZo+EgYzGRY+dc6Tjp2/SfwR/YqPpRWWF9
gVDzOLMspNnxtw==
-----END CERTIFICATE-----