Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
File:                     98_k1DTTh2RAV9JB6sb2nT7oHBI.mft (raw, json)
Hash identifier:          knzoD2mInmbXrTj8Mi1YIRLZIVHcU8gp4BfIMH3uYE4=
Subject key identifier:   F5:5B:F2:1A:7D:D9:BA:08:7A:68:FC:54:1F:02:39:96:A0:26:31:E8
Authority key identifier: F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12
Certificate issuer:       /CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
Certificate serial:       019D39408DB630EDEB0DAEEFD9363B24ED43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
Manifest number:          0AB5
Signing time:             Sun 29 Mar 2026 11:00:25 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:25 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:25 +0000
Files and hashes:         1: 98_k1DTTh2RAV9JB6sb2nT7oHBI.crl (hash: A1EaQGv7Uwg+Jc3grcoGahuk9J4pOkzdu0ZmoHCKvc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:8d:b6:30:ed:eb:0d:ae:ef:d9:36:3b:24:ed:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7cfe4d434d387644057d241eac6f69d3ee81c12
        Validity
            Not Before: Mar 29 11:00:25 2026 GMT
            Not After : Mar 30 11:00:25 2026 GMT
        Subject: CN=f55bf21a7dd9ba087a68fc541f023996a02631e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ba:a4:27:bb:1f:6f:54:08:76:48:66:12:0a:
                    8f:94:cf:0a:b0:d4:0b:f3:c7:f4:6e:c9:5a:cf:c1:
                    db:b0:6a:e8:2e:17:a8:a2:e6:31:56:c5:05:2c:b0:
                    3b:ed:b0:ee:88:f4:8e:52:02:95:d4:23:98:ba:95:
                    df:18:d6:d6:28:41:c6:0f:7f:e7:1d:6f:e2:b0:65:
                    c0:e4:51:57:53:e2:ff:f4:af:40:51:8e:eb:c6:a5:
                    2b:c6:28:34:6f:9e:fc:65:6b:24:76:d9:9b:8d:57:
                    83:1c:e8:f2:0c:67:2f:15:64:cd:0c:71:f4:83:cb:
                    a0:3b:bd:78:85:fd:de:02:9d:5d:c5:e9:1a:09:39:
                    2b:c8:4e:58:1a:47:6f:b4:a8:27:8c:e0:c6:b4:ab:
                    6c:de:b9:86:49:d5:ea:df:3e:cf:e7:54:e7:b1:4a:
                    a9:a9:03:33:6d:7f:bb:ad:3a:7b:14:2c:39:40:92:
                    18:3a:94:49:2a:bf:18:2d:15:6a:63:8e:3e:4a:fd:
                    12:5d:04:29:01:26:41:59:89:15:cf:86:4d:d3:c7:
                    5b:9f:30:9f:e9:ba:aa:74:d7:2d:5b:a5:a7:e3:f5:
                    ac:a4:f0:27:25:29:29:53:5b:8b:20:23:5f:09:68:
                    5c:e2:d6:96:8c:1d:e3:16:35:bd:92:e3:43:7c:68:
                    d9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:5B:F2:1A:7D:D9:BA:08:7A:68:FC:54:1F:02:39:96:A0:26:31:E8
            X509v3 Authority Key Identifier:
                keyid:F7:CF:E4:D4:34:D3:87:64:40:57:D2:41:EA:C6:F6:9D:3E:E8:1C:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98_k1DTTh2RAV9JB6sb2nT7oHBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0c8008-8a52-4176-b693-c40544281eb0/1/98_k1DTTh2RAV9JB6sb2nT7oHBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:52:31:77:ff:3a:80:a1:2d:a8:b4:43:97:e7:ad:21:a1:f9:
         c2:52:c2:b0:d2:7e:8f:1a:24:49:67:eb:5f:47:41:22:24:01:
         a7:48:94:23:d4:58:90:89:d5:05:9a:8d:5f:0d:7e:43:38:9c:
         a9:f6:cc:6a:7e:e5:96:76:28:b4:e6:b7:e9:1a:91:63:67:ee:
         29:3a:69:eb:6e:76:dd:18:3b:1f:1d:19:c4:35:eb:bf:aa:78:
         f8:d0:b9:a7:11:b7:5e:73:85:b2:d4:ed:fd:b4:d3:2e:fd:c5:
         5e:02:1f:86:4f:64:18:25:e2:3b:25:54:ae:81:bd:13:a6:ee:
         a5:20:a0:9c:5d:12:f4:48:ce:00:6a:e7:70:b3:f3:10:33:8c:
         9d:93:82:b8:a9:06:fa:f4:d6:98:9e:8d:4d:15:06:b8:07:c1:
         4d:19:f6:d1:03:5d:61:c8:b4:38:e2:39:d0:f6:d3:bd:fa:dc:
         2e:c7:e2:80:00:38:cc:e7:5b:aa:ea:f8:5a:8b:fe:ed:a4:d7:
         5d:47:d7:68:67:34:6e:a0:0f:2b:78:ba:a5:0a:be:1a:33:04:
         68:94:1f:75:45:a1:2c:a7:a2:58:42:5e:db:40:41:bd:cb:71:
         7b:99:84:11:76:02:db:72:2c:79:3d:7a:64:88:b7:65:d7:77:
         41:47:05:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QI22MO3rDa7v2TY7JO1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3Y2ZlNGQ0MzRkMzg3NjQ0MDU3ZDI0MWVhYzZmNjlkM2Vl
ODFjMTIwHhcNMjYwMzI5MTEwMDI1WhcNMjYwMzMwMTEwMDI1WjAzMTEwLwYDVQQD
EyhmNTViZjIxYTdkZDliYTA4N2E2OGZjNTQxZjAyMzk5NmEwMjYzMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLqkJ7sfb1QIdkhmEgqPlM8KsNQL
88f0bslaz8HbsGroLheoouYxVsUFLLA77bDuiPSOUgKV1COYupXfGNbWKEHGD3/n
HW/isGXA5FFXU+L/9K9AUY7rxqUrxig0b578ZWskdtmbjVeDHOjyDGcvFWTNDHH0
g8ugO714hf3eAp1dxekaCTkryE5YGkdvtKgnjODGtKts3rmGSdXq3z7P51TnsUqp
qQMzbX+7rTp7FCw5QJIYOpRJKr8YLRVqY44+Sv0SXQQpASZBWYkVz4ZN08dbnzCf
6bqqdNctW6Wn4/WspPAnJSkpU1uLICNfCWhc4taWjB3jFjW9kuNDfGjZmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVb8hp92boIemj8VB8COZagJjHoMB8GA1UdIwQY
MBaAFPfP5NQ004dkQFfSQerG9p0+6BwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMt
YzQwNTQ0MjgxZWIwLzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8wYzgwMDgtOGE1Mi00MTc2LWI2OTMtYzQwNTQ0MjgxZWIw
LzEvOThfazFEVFRoMlJBVjlKQjZzYjJuVDdvSEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuVIxd/86
gKEtqLRDl+etIaH5wlLCsNJ+jxokSWfrX0dBIiQBp0iUI9RYkInVBZqNXw1+Qzic
qfbMan7llnYotOa36RqRY2fuKTpp62523Rg7Hx0ZxDXrv6p4+NC5pxG3XnOFstTt
/bTTLv3FXgIfhk9kGCXiOyVUroG9E6bupSCgnF0S9EjOAGrncLPzEDOMnZOCuKkG
+vTWmJ6NTRUGuAfBTRn20QNdYci0OOI50PbTvfrcLsfigAA4zOdbqur4Wov+7aTX
XUfXaGc0bqAPK3i6pQq+GjMEaJQfdUWhLKeiWEJe20BBvctxe5mEEXYC23IseT16
ZIi3Zdd3QUcFxQ==
-----END CERTIFICATE-----