Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
File:                     COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json)
Hash identifier:          FtKILIWJ2cMIwm7ZuBevOpa2UgNglPxpM9/hH77T2sQ=
Subject key identifier:   28:72:4D:24:01:B5:75:27:38:6C:06:2E:9C:AB:BD:63:C8:0D:BA:04
Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF
Certificate issuer:       /CN=08ea2153536a8238099aea6680801fa445bfa9df
Certificate serial:       0196613BE8E747FA7B51C074F15AAD88D339
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
Manifest number:          144B
Signing time:             Wed 23 Apr 2025 06:00:38 +0000
Manifest this update:     Wed 23 Apr 2025 06:00:38 +0000
Manifest next update:     Thu 24 Apr 2025 06:00:38 +0000
Files and hashes:         1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: x8llBSSk7CuqzkUrBCmj2rAUZma9LoEJcOO3Qu8lTGo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 24 Apr 2025 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:61:3b:e8:e7:47:fa:7b:51:c0:74:f1:5a:ad:88:d3:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df
        Validity
            Not Before: Apr 23 06:00:38 2025 GMT
            Not After : Apr 24 06:00:38 2025 GMT
        Subject: CN=28724d2401b57527386c062e9cabbd63c80dba04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:03:98:80:3b:08:ff:9d:d0:f6:e4:ad:1c:e8:
                    f6:37:dc:b5:07:8d:22:ab:dc:a5:d1:a4:7a:bc:97:
                    91:db:8d:8b:3c:b4:cc:fe:49:e5:40:f0:a8:48:29:
                    1b:b3:8a:6b:ab:de:a9:a5:f4:68:d9:6a:df:1d:d2:
                    31:1a:31:23:2e:34:a3:0e:e5:09:61:50:ba:d3:f2:
                    e7:78:81:04:6d:51:58:01:06:c9:b6:05:ef:75:82:
                    11:24:75:9a:a9:32:b4:dd:d6:ae:43:75:93:69:11:
                    1c:7c:1e:9e:0a:ad:8b:21:76:3c:61:c5:cc:b2:ed:
                    c6:09:d8:a6:e9:c2:f5:a3:12:57:79:8d:4d:7f:f8:
                    68:fa:ae:df:56:73:c7:e9:0c:3f:b0:2c:ea:07:55:
                    81:be:d7:06:ee:95:f2:40:b9:55:02:d4:16:43:88:
                    19:20:0f:6d:ee:d5:23:cd:d4:ad:20:fe:59:ca:26:
                    82:92:cb:e3:8c:5b:3b:9a:19:2d:cf:f8:88:be:d0:
                    77:18:42:15:46:cf:a1:79:d7:4f:a4:f5:70:ab:a8:
                    ee:e2:91:8a:8b:ca:49:c4:9c:05:a4:10:22:74:fb:
                    48:e9:2d:f8:72:cc:cc:e6:7d:48:5d:f9:98:17:d3:
                    73:2c:be:ed:0e:45:ad:32:90:a9:c8:57:4c:35:42:
                    84:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:72:4D:24:01:B5:75:27:38:6C:06:2E:9C:AB:BD:63:C8:0D:BA:04
            X509v3 Authority Key Identifier:
                keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:85:19:38:e5:86:89:0c:93:c8:a5:ca:de:67:78:f5:14:ed:
         7a:a6:de:37:22:b1:6e:58:42:9c:00:20:07:3b:a8:96:db:4a:
         ee:b4:34:ea:1c:1b:50:e6:20:51:9a:d2:39:df:88:02:f3:05:
         25:f3:81:b7:f9:98:ff:69:ab:9a:83:36:9c:7c:cf:76:6f:54:
         ce:bd:bb:82:9f:47:41:b9:fc:9d:41:ee:6e:9f:dd:1f:61:7c:
         c5:54:b0:13:06:4c:75:35:d3:dc:bf:f3:bd:7c:82:71:38:0a:
         b0:8b:85:1e:fa:49:97:56:4a:b0:e5:7d:3f:d3:e3:dd:f9:bd:
         68:74:a5:2f:19:6b:fd:af:c2:b1:a6:09:81:15:c7:d8:56:e1:
         ff:2f:73:b4:89:71:89:e6:a6:9d:df:81:5d:60:18:52:65:2e:
         a3:d9:f7:88:7c:da:07:88:da:7f:9c:60:ff:34:b1:1b:ac:3c:
         b6:e5:21:64:6a:38:90:05:22:af:f7:ee:46:ce:00:cb:cb:b0:
         fe:de:70:c2:cf:5d:07:7a:54:4f:2b:30:59:28:65:47:2a:1b:
         27:46:33:77:20:97:99:24:ca:e9:03:b3:85:a7:1f:d0:bf:da:
         ca:a4:3e:69:6e:61:fe:1a:f4:fa:7d:e5:fb:71:b6:47:a3:79:
         dc:7b:0a:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZhO+jnR/p7UcB08VqtiNM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi
ZmE5ZGYwHhcNMjUwNDIzMDYwMDM4WhcNMjUwNDI0MDYwMDM4WjAzMTEwLwYDVQQD
EygyODcyNGQyNDAxYjU3NTI3Mzg2YzA2MmU5Y2FiYmQ2M2M4MGRiYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQOYgDsI/53Q9uStHOj2N9y1B40i
q9yl0aR6vJeR242LPLTM/knlQPCoSCkbs4prq96ppfRo2WrfHdIxGjEjLjSjDuUJ
YVC60/LneIEEbVFYAQbJtgXvdYIRJHWaqTK03dauQ3WTaREcfB6eCq2LIXY8YcXM
su3GCdim6cL1oxJXeY1Nf/ho+q7fVnPH6Qw/sCzqB1WBvtcG7pXyQLlVAtQWQ4gZ
IA9t7tUjzdStIP5ZyiaCksvjjFs7mhktz/iIvtB3GEIVRs+heddPpPVwq6ju4pGK
i8pJxJwFpBAidPtI6S34cszM5n1IXfmYF9NzLL7tDkWtMpCpyFdMNUKEqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChyTSQBtXUnOGwGLpyrvWPIDboEMB8GA1UdIwQY
MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It
YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx
LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfoUZOOWG
iQyTyKXK3md49RTteqbeNyKxblhCnAAgBzuolttK7rQ06hwbUOYgUZrSOd+IAvMF
JfOBt/mY/2mrmoM2nHzPdm9Uzr27gp9HQbn8nUHubp/dH2F8xVSwEwZMdTXT3L/z
vXyCcTgKsIuFHvpJl1ZKsOV9P9Pj3fm9aHSlLxlr/a/CsaYJgRXH2Fbh/y9ztIlx
ieamnd+BXWAYUmUuo9n3iHzaB4jaf5xg/zSxG6w8tuUhZGo4kAUir/fuRs4Ay8uw
/t5wws9dB3pUTyswWShlRyobJ0YzdyCXmSTK6QOzhacf0L/ayqQ+aW5h/hr0+n3l
+3G2R6N53HsKWw==
-----END CERTIFICATE-----