Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          gw6H/vuBbBHI3MpFk3UBk/4Hg7HtW2YTLXd63y3Y1Wg=
Subject key identifier:   49:3C:C3:31:A5:10:00:F5:BD:73:22:57:E6:98:FF:22:12:53:68:26
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       019F1755141E22747073BEEA0B8C0822F6F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          1985
Signing time:             Tue 30 Jun 2026 07:01:19 +0000
Manifest this update:     Tue 30 Jun 2026 07:01:19 +0000
Manifest next update:     Wed 01 Jul 2026 07:01:19 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: NeJwexdoRYQdUOWIRHqdNaOw6ma6ljE3/REC1Y5S5/8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 07:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:55:14:1e:22:74:70:73:be:ea:0b:8c:08:22:f6:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Jun 30 07:01:19 2026 GMT
            Not After : Jul  1 07:01:19 2026 GMT
        Subject: CN=493cc331a51000f5bd732257e698ff2212536826
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:6a:0d:04:a5:b5:b5:92:3e:93:e3:84:e7:87:
                    dd:8b:94:c1:93:72:d9:a9:08:d7:a7:b9:3a:98:f2:
                    86:21:82:4b:db:68:b9:bb:09:3b:a9:7e:7c:3e:72:
                    1f:15:c9:41:15:7f:13:93:49:cb:da:13:18:c4:12:
                    97:4f:f3:70:fd:9f:30:69:b6:bd:0a:cb:24:9f:de:
                    60:68:b6:32:9a:02:b6:c2:0e:4e:20:41:6f:87:fc:
                    f0:c5:3d:28:2b:1e:34:aa:b3:a7:d2:d1:93:92:03:
                    14:a7:35:73:69:3b:76:33:2c:92:39:45:20:c6:b6:
                    c0:ac:77:68:3d:fb:5c:46:82:38:7d:c4:6f:e4:ec:
                    c5:53:16:e4:e1:6b:1d:c5:8b:8e:ea:80:ec:6f:72:
                    13:86:87:58:7c:0f:6d:22:ca:38:a6:fd:ca:d3:61:
                    18:19:3a:72:9f:b8:d1:de:97:1e:a7:16:9f:21:ca:
                    41:16:7c:64:a8:05:52:03:9f:d2:60:6e:73:02:a7:
                    fd:36:51:6d:a4:ec:9c:2b:0e:2f:78:b1:d7:c5:c3:
                    54:0f:1f:69:9c:26:70:41:44:71:fa:74:c5:0f:62:
                    c7:68:d0:43:b9:69:a8:1b:d8:c2:69:06:63:cb:8b:
                    69:52:bc:ad:6e:eb:a9:0f:b7:4b:5e:46:a4:1f:10:
                    43:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:3C:C3:31:A5:10:00:F5:BD:73:22:57:E6:98:FF:22:12:53:68:26
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:43:b2:7a:d8:52:5a:48:d0:80:2a:59:11:ae:12:ae:0e:05:
         60:7a:ba:1c:8b:65:22:a7:a3:b2:fc:c8:6d:67:63:3f:be:73:
         03:e4:b1:84:81:f2:fc:df:0b:d5:75:e0:e4:d2:fd:4a:36:23:
         92:68:0f:02:71:48:c5:9b:53:e9:fd:6a:a1:b0:9c:d5:be:5f:
         7d:57:c1:e3:84:31:2c:e5:b3:56:b3:a8:39:a8:5a:85:e8:85:
         38:ff:3a:3a:17:43:3c:ad:aa:22:ef:4e:95:b7:f0:9e:34:e4:
         02:aa:24:b6:57:85:33:87:99:b5:c9:66:5d:47:31:04:06:00:
         93:8e:e4:e6:2c:b3:1b:d8:97:98:72:4e:73:d3:24:9f:54:a5:
         32:e3:09:26:8e:b2:cc:ce:d9:75:e4:7f:d3:f5:00:f4:22:b8:
         16:63:36:d2:b1:e9:27:57:e4:11:50:93:bf:9a:16:f8:e8:5a:
         b6:c8:90:ff:30:bf:d7:08:d3:d9:31:8b:15:e4:93:eb:81:75:
         6b:d1:29:55:c4:5b:bc:f8:e0:bf:c4:ac:8c:8a:04:5c:2e:bf:
         43:6f:a6:a7:62:6a:7e:0c:7c:bf:0a:3f:e8:17:6f:be:d0:12:
         c4:ba:38:64:f1:c6:05:b2:d7:19:d4:76:d3:f5:fc:39:08:7c:
         10:b3:b0:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XVRQeInRwc77qC4wIIvb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjYwNjMwMDcwMTE5WhcNMjYwNzAxMDcwMTE5WjAzMTEwLwYDVQQD
Eyg0OTNjYzMzMWE1MTAwMGY1YmQ3MzIyNTdlNjk4ZmYyMjEyNTM2ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGoNBKW1tZI+k+OE54fdi5TBk3LZ
qQjXp7k6mPKGIYJL22i5uwk7qX58PnIfFclBFX8Tk0nL2hMYxBKXT/Nw/Z8waba9
Csskn95gaLYymgK2wg5OIEFvh/zwxT0oKx40qrOn0tGTkgMUpzVzaTt2MyySOUUg
xrbArHdoPftcRoI4fcRv5OzFUxbk4WsdxYuO6oDsb3IThodYfA9tIso4pv3K02EY
GTpyn7jR3pcepxafIcpBFnxkqAVSA5/SYG5zAqf9NlFtpOycKw4veLHXxcNUDx9p
nCZwQURx+nTFD2LHaNBDuWmoG9jCaQZjy4tpUrytbuupD7dLXkakHxBDewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEk8wzGlEAD1vXMiV+aY/yISU2gmMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtUOyethS
WkjQgCpZEa4Srg4FYHq6HItlIqejsvzIbWdjP75zA+SxhIHy/N8L1XXg5NL9SjYj
kmgPAnFIxZtT6f1qobCc1b5ffVfB44QxLOWzVrOoOahaheiFOP86OhdDPK2qIu9O
lbfwnjTkAqoktleFM4eZtclmXUcxBAYAk47k5iyzG9iXmHJOc9Mkn1SlMuMJJo6y
zM7ZdeR/0/UA9CK4FmM20rHpJ1fkEVCTv5oW+OhatsiQ/zC/1wjT2TGLFeST64F1
a9EpVcRbvPjgv8SsjIoEXC6/Q2+mp2Jqfgx8vwo/6BdvvtASxLo4ZPHGBbLXGdR2
0/X8OQh8ELOwEg==
-----END CERTIFICATE-----