Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
File:                     COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json)
Hash identifier:          ZX45kSqR7iQXx2eMRCXrtkV/QCP1yernvFGPOHNHaXw=
Subject key identifier:   3F:C1:36:3F:E1:23:BE:53:15:B8:42:96:50:A7:2C:39:20:92:7C:7A
Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF
Certificate issuer:       /CN=08ea2153536a8238099aea6680801fa445bfa9df
Certificate serial:       01975A5C2515C803688FECE9D3E26AA5920A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
Manifest number:          14CC
Signing time:             Tue 10 Jun 2025 15:01:17 +0000
Manifest this update:     Tue 10 Jun 2025 15:01:17 +0000
Manifest next update:     Wed 11 Jun 2025 15:01:17 +0000
Files and hashes:         1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: l1FLQlnsh/l2cyVYpbvAhWQYLCNXJ+P8lq9vQ0+Q/Yk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 15:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:5c:25:15:c8:03:68:8f:ec:e9:d3:e2:6a:a5:92:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df
        Validity
            Not Before: Jun 10 15:01:17 2025 GMT
            Not After : Jun 11 15:01:17 2025 GMT
        Subject: CN=3fc1363fe123be5315b8429650a72c3920927c7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:fe:87:7b:bb:1a:f5:d8:94:9a:3e:a1:6f:9f:
                    ce:bb:3c:33:0a:9b:3d:0e:da:29:ff:b7:8c:59:ef:
                    de:5b:93:33:d1:6d:e3:17:95:e8:2c:56:7a:0c:8a:
                    ec:84:ad:28:98:a1:e1:5f:75:fa:c5:9d:e7:b4:4c:
                    51:20:f4:52:72:0f:9d:ea:e2:2d:b5:fe:f0:0f:bc:
                    b8:87:7c:76:25:f6:91:87:e0:f5:57:ca:dd:cf:26:
                    f7:b9:f6:a6:f9:f5:dd:bb:c6:47:64:8d:11:66:d9:
                    47:20:1b:1b:09:47:84:3e:4e:35:d5:39:86:02:1e:
                    0a:96:71:a3:7e:83:08:d0:3a:94:26:6d:b4:14:a1:
                    f6:ed:71:68:c5:cf:e2:d0:57:1a:e3:ef:d9:2b:0a:
                    95:4a:ca:ec:42:53:8c:3d:7e:ea:f9:97:de:a3:db:
                    2e:a9:ef:df:1f:66:ce:5e:4b:49:0d:38:50:f7:b8:
                    3e:b7:01:8f:3e:9a:8a:dc:68:35:e0:1a:39:71:e4:
                    ed:14:51:59:3b:cf:a9:02:dd:66:8f:15:38:2e:1e:
                    9e:95:39:fa:26:a8:a8:ff:30:71:94:25:30:3e:fb:
                    23:21:a6:98:c3:2d:c2:bb:90:b4:12:97:69:19:59:
                    cd:b3:e3:4d:08:93:e4:15:92:12:15:5d:62:70:d3:
                    ab:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:C1:36:3F:E1:23:BE:53:15:B8:42:96:50:A7:2C:39:20:92:7C:7A
            X509v3 Authority Key Identifier:
                keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:dd:50:8f:8c:0b:ec:62:74:f1:d2:ee:a1:34:ae:5b:ff:8f:
         a8:d9:69:f4:c7:6e:a4:da:82:54:98:2b:0d:d1:5c:f3:2a:40:
         fb:90:a2:9f:90:41:b7:29:a6:28:97:5e:47:3c:87:7d:60:7f:
         ab:e9:a6:3e:79:ee:01:f2:01:83:e1:53:ee:2c:e2:90:3e:64:
         8c:d9:6b:9b:79:fd:5f:be:d1:62:ea:31:a6:82:03:0a:77:a3:
         a0:d9:92:e7:e7:5d:8e:b9:fc:10:fd:7d:2e:fb:4c:3d:a7:55:
         f0:72:de:b3:d6:02:e9:b6:f8:5b:30:ca:3e:b9:21:d5:67:05:
         6c:ec:f8:68:34:a6:88:9e:df:fc:85:b7:6c:a0:d7:b9:f5:b8:
         66:2c:11:7e:c5:30:0b:52:19:ac:81:38:5d:d1:01:9b:4a:db:
         0c:c3:b3:15:50:33:07:6f:c9:8f:83:9e:32:13:d8:ca:5c:e3:
         f9:17:0b:80:ad:9c:8b:9b:74:2e:af:a8:1f:d7:20:c4:8d:5a:
         7f:4f:6f:63:49:7f:9f:ce:24:2b:d2:1c:2c:6a:f5:30:16:ef:
         7e:99:24:34:b9:7e:3c:3d:3a:1a:d9:27:4b:39:e0:33:fb:6b:
         1c:b5:8b:92:bc:40:e6:75:83:00:d1:9e:79:4d:83:db:e7:1e:
         62:48:64:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaXCUVyANoj+zp0+JqpZIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi
ZmE5ZGYwHhcNMjUwNjEwMTUwMTE3WhcNMjUwNjExMTUwMTE3WjAzMTEwLwYDVQQD
EygzZmMxMzYzZmUxMjNiZTUzMTViODQyOTY1MGE3MmMzOTIwOTI3YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf6He7sa9diUmj6hb5/OuzwzCps9
Dtop/7eMWe/eW5Mz0W3jF5XoLFZ6DIrshK0omKHhX3X6xZ3ntExRIPRScg+d6uIt
tf7wD7y4h3x2JfaRh+D1V8rdzyb3ufam+fXdu8ZHZI0RZtlHIBsbCUeEPk411TmG
Ah4KlnGjfoMI0DqUJm20FKH27XFoxc/i0Fca4+/ZKwqVSsrsQlOMPX7q+Zfeo9su
qe/fH2bOXktJDThQ97g+twGPPpqK3Gg14Bo5ceTtFFFZO8+pAt1mjxU4Lh6elTn6
Jqio/zBxlCUwPvsjIaaYwy3Cu5C0EpdpGVnNs+NNCJPkFZISFV1icNOrjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/BNj/hI75TFbhCllCnLDkgknx6MB8GA1UdIwQY
MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It
YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx
LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD91Qj4wL
7GJ08dLuoTSuW/+PqNlp9MdupNqCVJgrDdFc8ypA+5Cin5BBtymmKJdeRzyHfWB/
q+mmPnnuAfIBg+FT7izikD5kjNlrm3n9X77RYuoxpoIDCnejoNmS5+ddjrn8EP19
LvtMPadV8HLes9YC6bb4WzDKPrkh1WcFbOz4aDSmiJ7f/IW3bKDXufW4ZiwRfsUw
C1IZrIE4XdEBm0rbDMOzFVAzB2/Jj4OeMhPYylzj+RcLgK2ci5t0Lq+oH9cgxI1a
f09vY0l/n84kK9IcLGr1MBbvfpkkNLl+PD06GtknSzngM/trHLWLkrxA5nWDANGe
eU2D2+ceYkhkeQ==
-----END CERTIFICATE-----