Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
File:                     98_k1DTTh2RAV9JB6sb2nT7oHBI.mft (raw, json)
Hash identifier:          Jm/UC2yXOKIqGGsS6mjViTP5KNLVzVv9mdF0C5abLXA=
Subject key identifier:   2B:99:5E:12:84:B1:17:BF:5B:25:91:03:1D:24:E9:82:4C:A8:B9:C1
Authority key identifier: F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12
Certificate issuer:       /CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
Certificate serial:       019644B2451AF61D67EA63A3876D381E73C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
Manifest number:          071B
Signing time:             Thu 17 Apr 2025 17:00:55 +0000
Manifest this update:     Thu 17 Apr 2025 17:00:55 +0000
Manifest next update:     Fri 18 Apr 2025 17:00:55 +0000
Files and hashes:         1: 98_k1DTTh2RAV9JB6sb2nT7oHBI.crl (hash: 0w76Q4NiRWMqRO8UhuWyl/IaCHVIWBMgtfTpAD5Ulyw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:b2:45:1a:f6:1d:67:ea:63:a3:87:6d:38:1e:73:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
        Validity
            Not Before: Apr 17 17:00:55 2025 GMT
            Not After : Apr 18 17:00:55 2025 GMT
        Subject: CN=2b995e1284b117bf5b2591031d24e9824ca8b9c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:56:fe:05:d2:9c:89:43:e0:5e:2d:a5:2f:63:
                    6b:a2:2c:74:29:86:b3:0b:69:3c:c5:b0:ce:bd:0c:
                    cc:51:ef:a2:c6:e4:61:2a:76:d4:fc:81:a8:8c:b1:
                    81:a8:74:c2:bf:1e:e2:d3:b7:34:e0:08:ab:c0:0d:
                    c6:54:5e:6a:8b:ab:b7:e8:a9:e8:b0:04:85:ce:2f:
                    35:26:e1:1c:25:0a:e8:5c:b6:ae:7b:64:bb:94:2b:
                    8a:64:13:ad:40:c8:8a:4d:11:2e:b8:d3:a3:f3:9b:
                    9a:5a:0d:9f:74:81:9c:e3:9d:f9:9c:ed:4d:1a:a6:
                    b7:ba:48:60:0f:a7:ec:0a:76:01:05:1b:31:20:f9:
                    53:f8:df:c3:32:86:cf:82:25:0e:90:e9:12:ff:ef:
                    c6:a1:cd:21:87:4c:02:57:3a:0f:8d:f8:ee:f7:ca:
                    35:e4:77:e0:cf:c7:5a:59:1a:15:43:3a:22:c7:a1:
                    d5:97:80:28:0f:f6:f6:59:bf:34:85:c2:16:f4:91:
                    32:58:a2:a9:4f:e0:6d:47:59:68:b2:1c:56:ef:34:
                    f9:23:ec:3b:8f:29:2a:c9:52:67:85:09:ed:33:3b:
                    70:04:44:05:b7:22:1a:15:c2:09:e4:79:a1:87:54:
                    97:66:46:a5:3e:9f:f9:88:53:57:56:96:1b:a2:f0:
                    48:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:99:5E:12:84:B1:17:BF:5B:25:91:03:1D:24:E9:82:4C:A8:B9:C1
            X509v3 Authority Key Identifier:
                keyid:F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:f4:17:f5:46:38:e8:f8:57:23:6d:62:3c:62:03:26:f0:3f:
         72:a6:20:80:94:24:91:39:c9:0b:4b:84:9e:b3:3f:f4:9f:75:
         03:55:24:c3:11:2a:ab:d2:52:4f:06:a3:72:0e:19:0a:b4:69:
         47:9b:3e:e3:7e:36:10:1b:63:48:2c:ab:3d:40:29:83:2a:fc:
         2f:6a:38:70:02:39:62:34:0c:67:98:c2:6f:2e:b9:b1:f8:b2:
         64:28:07:b0:86:38:51:a0:22:c8:d8:1e:f5:4d:84:e9:f8:8a:
         ed:d4:30:f1:05:d0:62:a4:5d:a0:04:7e:8e:67:ce:63:71:80:
         ca:dc:6c:09:62:d1:7b:f3:bc:35:63:b2:e0:e6:39:3e:7b:f4:
         8a:cd:8b:3c:e5:61:c0:e7:12:0b:c4:56:44:76:6d:b3:8f:03:
         33:f9:a4:9b:94:1f:43:bd:ba:ea:14:9c:d4:99:8b:8f:63:b5:
         2c:db:56:d0:a0:e0:57:73:cd:19:de:25:e1:4c:15:7f:ba:1f:
         7b:6f:c8:dd:33:a0:e0:6d:32:e7:eb:8a:c1:df:59:22:6d:e6:
         18:6b:aa:d2:60:3b:21:57:17:6d:81:6b:72:a8:fe:72:0d:9a:
         2d:58:59:7f:41:b8:20:d0:3c:74:0f:94:2b:6b:dc:81:ab:01:
         46:23:c2:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZEskUa9h1n6mOjh204HnPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3Y2ZlNGQ0MzRkMzg3NjQ0MDU3ZDI0MWVhYzZmNjlkM2Vl
ODFjMTIwHhcNMjUwNDE3MTcwMDU1WhcNMjUwNDE4MTcwMDU1WjAzMTEwLwYDVQQD
EygyYjk5NWUxMjg0YjExN2JmNWIyNTkxMDMxZDI0ZTk4MjRjYThiOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFb+BdKciUPgXi2lL2Nroix0KYaz
C2k8xbDOvQzMUe+ixuRhKnbU/IGojLGBqHTCvx7i07c04AirwA3GVF5qi6u36Kno
sASFzi81JuEcJQroXLaue2S7lCuKZBOtQMiKTREuuNOj85uaWg2fdIGc4535nO1N
Gqa3ukhgD6fsCnYBBRsxIPlT+N/DMobPgiUOkOkS/+/Goc0hh0wCVzoPjfju98o1
5Hfgz8daWRoVQzoix6HVl4AoD/b2Wb80hcIW9JEyWKKpT+BtR1loshxW7zT5I+w7
jykqyVJnhQntMztwBEQFtyIaFcIJ5Hmhh1SXZkalPp/5iFNXVpYbovBIZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuZXhKEsRe/WyWRAx0k6YJMqLnBMB8GA1UdIwQY
MBaAFPfP5NQ004dkQFfSQerG9p0+6BwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMt
YzQwNTQ0MjgxZWIwLzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMtYzQwNTQ0MjgxZWIw
LzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASfQX9UY4
6PhXI21iPGIDJvA/cqYggJQkkTnJC0uEnrM/9J91A1UkwxEqq9JSTwajcg4ZCrRp
R5s+4342EBtjSCyrPUApgyr8L2o4cAI5YjQMZ5jCby65sfiyZCgHsIY4UaAiyNge
9U2E6fiK7dQw8QXQYqRdoAR+jmfOY3GAytxsCWLRe/O8NWOy4OY5Pnv0is2LPOVh
wOcSC8RWRHZts48DM/mkm5QfQ7266hSc1JmLj2O1LNtW0KDgV3PNGd4l4UwVf7of
e2/I3TOg4G0y5+uKwd9ZIm3mGGuq0mA7IVcXbYFrcqj+cg2aLVhZf0G4INA8dA+U
K2vcgasBRiPCFA==
-----END CERTIFICATE-----