Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
File:                     COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json)
Hash identifier:          fLAwmNTectO6W/CAydQWR967K1+j0OrxtbLdxfEyVwA=
Subject key identifier:   78:07:BB:76:90:3D:51:D9:A0:24:61:C1:F0:D2:63:A2:EE:DF:F0:A8
Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF
Certificate issuer:       /CN=08ea2153536a8238099aea6680801fa445bfa9df
Certificate serial:       018F215C22F695D195940B3C684F1B9D0C45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
Manifest number:          108A
Signing time:             Sat 27 Apr 2024 21:00:37 +0000
Manifest this update:     Sat 27 Apr 2024 21:00:37 +0000
Manifest next update:     Sun 28 Apr 2024 21:00:37 +0000
Files and hashes:         1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: 1ZC6XXxGgWWq2W7LtmRSgON9RV8tvphnFPh+hIIohbw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 20:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:21:5c:22:f6:95:d1:95:94:0b:3c:68:4f:1b:9d:0c:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df
        Validity
            Not Before: Apr 27 21:00:37 2024 GMT
            Not After : Apr 28 21:00:37 2024 GMT
        Subject: CN=7807bb76903d51d9a02461c1f0d263a2eedff0a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:12:a1:8e:ef:21:e3:a5:d0:fc:93:38:09:02:
                    49:a1:5e:b3:af:e9:bb:44:34:38:f1:df:13:9e:24:
                    fe:f1:a5:37:73:5c:af:17:b0:08:37:5c:d0:68:7e:
                    7b:71:32:f1:82:3c:97:83:ad:56:7e:5d:ba:78:99:
                    d5:29:b5:30:84:4c:da:45:51:34:09:89:d7:71:e0:
                    ab:54:07:86:bc:1d:cc:c7:cf:79:a3:85:35:f2:8c:
                    f4:95:c6:e4:a8:1d:76:eb:14:6c:de:6d:cb:65:e1:
                    1b:cf:d1:0e:8b:f0:d5:7f:db:e2:40:b8:a9:c4:3f:
                    27:a5:f2:24:b7:c4:07:1d:df:47:82:67:e2:14:84:
                    49:e3:9f:b5:d6:c9:d5:f5:1d:d0:3d:0a:e0:dd:eb:
                    8a:fe:6a:95:c7:e6:76:5a:d5:13:eb:50:25:bc:c4:
                    3e:0c:25:ec:41:53:4f:f6:3e:a6:2d:50:62:bc:60:
                    6a:8c:03:48:71:67:0a:5b:8c:da:93:54:f3:18:ae:
                    e4:b2:5d:2d:0e:9e:ff:6d:b8:8f:63:9d:4f:6c:b8:
                    79:07:69:4a:d1:78:49:ba:85:55:10:66:0b:81:29:
                    cd:ca:9b:32:4a:1c:57:7c:ce:f5:90:af:a8:1c:b4:
                    6b:39:a6:a0:a0:9f:c7:38:11:7d:0c:75:3a:e1:24:
                    04:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:07:BB:76:90:3D:51:D9:A0:24:61:C1:F0:D2:63:A2:EE:DF:F0:A8
            X509v3 Authority Key Identifier:
                keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:f9:1a:ad:77:b6:3f:b4:3e:18:71:1b:d4:e3:b9:a9:86:00:
         5d:b8:72:2e:f3:3f:3e:6b:e2:08:46:c7:fe:41:dd:fd:0f:57:
         77:eb:74:f4:61:5d:bd:2c:0a:bf:b5:f8:2b:ff:9e:85:40:c3:
         53:a1:72:86:bd:d5:9e:6b:9c:4f:f2:ee:bd:41:be:1f:23:7b:
         7d:e0:5d:09:65:00:13:d5:25:e0:df:23:0f:0f:2c:70:1a:3e:
         47:c2:d7:bb:d1:97:14:95:d3:18:cb:cb:8e:4c:2b:9a:35:2c:
         51:40:d4:b3:0c:8e:c8:5e:81:4f:3c:f0:3e:39:04:23:0f:90:
         cb:ca:a4:88:b0:e2:b4:69:fd:10:36:9f:06:8b:43:d6:c8:88:
         9e:c6:25:dc:e2:89:58:d7:99:8d:ce:b1:2e:9c:15:7c:df:81:
         01:ac:0a:59:72:e9:5d:f6:76:41:85:66:3b:57:78:ae:e8:29:
         f9:c7:09:65:40:5c:21:0b:1c:91:01:5b:bb:a4:f4:21:ac:04:
         02:15:74:ba:cf:b7:c4:25:eb:a2:4a:fb:99:ad:08:47:3d:e0:
         5a:8c:e5:83:71:51:5d:f6:e6:7a:0e:74:1a:38:a2:63:e5:d1:
         47:a2:a0:9e:7b:99:a6:1a:ad:e2:ec:72:37:70:7b:4c:09:b8:
         00:f4:2c:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8hXCL2ldGVlAs8aE8bnQxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi
ZmE5ZGYwHhcNMjQwNDI3MjEwMDM3WhcNMjQwNDI4MjEwMDM3WjAzMTEwLwYDVQQD
Eyg3ODA3YmI3NjkwM2Q1MWQ5YTAyNDYxYzFmMGQyNjNhMmVlZGZmMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhKhju8h46XQ/JM4CQJJoV6zr+m7
RDQ48d8TniT+8aU3c1yvF7AIN1zQaH57cTLxgjyXg61Wfl26eJnVKbUwhEzaRVE0
CYnXceCrVAeGvB3Mx895o4U18oz0lcbkqB126xRs3m3LZeEbz9EOi/DVf9viQLip
xD8npfIkt8QHHd9HgmfiFIRJ45+11snV9R3QPQrg3euK/mqVx+Z2WtUT61AlvMQ+
DCXsQVNP9j6mLVBivGBqjANIcWcKW4zak1TzGK7ksl0tDp7/bbiPY51PbLh5B2lK
0XhJuoVVEGYLgSnNypsyShxXfM71kK+oHLRrOaagoJ/HOBF9DHU64SQE/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgHu3aQPVHZoCRhwfDSY6Lu3/CoMB8GA1UdIwQY
MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It
YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx
LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANvkarXe2
P7Q+GHEb1OO5qYYAXbhyLvM/PmviCEbH/kHd/Q9Xd+t09GFdvSwKv7X4K/+ehUDD
U6Fyhr3VnmucT/LuvUG+HyN7feBdCWUAE9Ul4N8jDw8scBo+R8LXu9GXFJXTGMvL
jkwrmjUsUUDUswyOyF6BTzzwPjkEIw+Qy8qkiLDitGn9EDafBotD1siInsYl3OKJ
WNeZjc6xLpwVfN+BAawKWXLpXfZ2QYVmO1d4rugp+ccJZUBcIQsckQFbu6T0IawE
AhV0us+3xCXrokr7ma0IRz3gWozlg3FRXfbmeg50GjiiY+XRR6KgnnuZphqt4uxy
N3B7TAm4APQsfw==
-----END CERTIFICATE-----