Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
File:                     COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json)
Hash identifier:          v8iIm3i92gZy801fZC4EBoQ1wuD65fGnCZ3SfQc7ujA=
Subject key identifier:   4A:A2:22:35:46:93:5C:13:03:DB:E3:D5:05:F9:F7:47:80:20:A9:4C
Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF
Certificate issuer:       /CN=08ea2153536a8238099aea6680801fa445bfa9df
Certificate serial:       019A2109430F5198677B6C779F04580AA93C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
Manifest number:          163C
Signing time:             Sun 26 Oct 2025 15:00:46 +0000
Manifest this update:     Sun 26 Oct 2025 15:00:46 +0000
Manifest next update:     Mon 27 Oct 2025 15:00:46 +0000
Files and hashes:         1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: WM/SAPaoa+AyxysnrtBUhK0Np07lqjJAdEpITVjRjK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:21:09:43:0f:51:98:67:7b:6c:77:9f:04:58:0a:a9:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df
        Validity
            Not Before: Oct 26 15:00:46 2025 GMT
            Not After : Oct 27 15:00:46 2025 GMT
        Subject: CN=4aa2223546935c1303dbe3d505f9f7478020a94c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:5c:fa:d7:e1:a2:a9:de:38:7b:fd:94:9e:fc:
                    b4:42:79:36:f8:cf:e0:1c:32:a0:14:a1:f3:7b:55:
                    82:30:3a:cf:0d:57:1e:2a:ce:09:f1:87:c5:b8:93:
                    07:3a:35:33:95:cb:e7:53:e1:48:e4:77:75:f6:59:
                    85:59:86:0f:26:5e:b5:5c:c7:b6:86:30:ff:bb:a0:
                    1c:0d:9b:9a:cd:45:ff:bc:17:23:7b:14:4e:a7:bb:
                    9e:45:e7:19:18:e3:4e:6d:bb:67:50:20:78:ab:e8:
                    8d:c5:fb:f1:be:c5:90:d6:27:d9:ee:ee:31:aa:3d:
                    7d:89:e1:e3:32:58:c9:71:02:a6:94:bd:b4:21:da:
                    32:b8:be:09:73:90:a8:08:7e:e2:19:3a:44:03:e0:
                    0a:f7:ef:ee:d6:a0:24:25:80:3f:a1:09:86:e3:9f:
                    51:2f:10:98:84:86:40:50:ad:f6:3a:e9:a4:d4:ca:
                    b5:51:53:59:f5:ea:94:b2:14:0e:2a:53:fe:34:58:
                    b5:a6:0b:ed:7f:06:10:c4:ab:ee:88:97:d9:f7:b2:
                    18:e1:5f:2b:12:49:1c:9c:25:ab:97:6f:f4:db:ed:
                    c0:43:60:71:7e:6d:36:45:53:8f:e8:f6:fb:10:71:
                    31:dd:86:3b:29:cf:cd:00:b6:95:e7:ab:6a:cb:bd:
                    12:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:A2:22:35:46:93:5C:13:03:DB:E3:D5:05:F9:F7:47:80:20:A9:4C
            X509v3 Authority Key Identifier:
                keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:9c:31:05:fd:64:8f:07:f9:3a:40:44:7b:1a:bf:52:48:d1:
         1b:65:03:5c:32:54:22:4c:36:d8:dc:72:1a:ae:e4:5f:3d:24:
         67:ff:47:36:13:8b:b1:99:ac:38:a8:aa:cf:b5:1f:38:e0:b7:
         b3:dc:40:03:b1:39:e5:d7:d0:fc:d6:52:5f:45:a4:b0:4f:ec:
         15:2d:6f:35:34:67:7d:8b:7a:48:10:76:fc:0b:fb:d0:f0:1e:
         ca:f9:0d:b8:e0:31:8b:d9:57:e4:c7:b6:5c:a4:80:fb:31:25:
         75:ea:bd:40:88:23:2c:07:82:32:82:1e:59:44:cd:4e:c0:79:
         da:42:55:44:d8:e9:29:46:bc:88:5c:43:f4:02:17:cd:d7:d2:
         56:55:22:ae:ff:86:2b:75:38:9e:87:aa:4b:ef:d2:87:f7:22:
         c0:49:36:35:a6:21:67:12:e8:5e:0a:cb:26:19:66:b1:0c:2f:
         20:51:89:bf:37:f2:26:96:6a:10:5c:af:11:47:27:fc:30:a6:
         41:25:99:13:36:93:cd:45:05:0d:ff:aa:25:43:a3:fe:c9:87:
         14:79:68:78:b6:47:69:fe:73:bf:15:3a:48:7b:39:16:73:ee:
         fc:55:9a:a5:b4:82:cf:74:92:02:81:d2:72:63:89:bc:86:52:
         aa:88:e6:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohCUMPUZhne2x3nwRYCqk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi
ZmE5ZGYwHhcNMjUxMDI2MTUwMDQ2WhcNMjUxMDI3MTUwMDQ2WjAzMTEwLwYDVQQD
Eyg0YWEyMjIzNTQ2OTM1YzEzMDNkYmUzZDUwNWY5Zjc0NzgwMjBhOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Vz61+Giqd44e/2Unvy0Qnk2+M/g
HDKgFKHze1WCMDrPDVceKs4J8YfFuJMHOjUzlcvnU+FI5Hd19lmFWYYPJl61XMe2
hjD/u6AcDZuazUX/vBcjexROp7ueRecZGONObbtnUCB4q+iNxfvxvsWQ1ifZ7u4x
qj19ieHjMljJcQKmlL20IdoyuL4Jc5CoCH7iGTpEA+AK9+/u1qAkJYA/oQmG459R
LxCYhIZAUK32Oumk1Mq1UVNZ9eqUshQOKlP+NFi1pgvtfwYQxKvuiJfZ97IY4V8r
EkkcnCWrl2/02+3AQ2Bxfm02RVOP6Pb7EHEx3YY7Kc/NALaV56tqy70SqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqiIjVGk1wTA9vj1QX590eAIKlMMB8GA1UdIwQY
MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It
YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx
LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5wxBf1k
jwf5OkBEexq/UkjRG2UDXDJUIkw22NxyGq7kXz0kZ/9HNhOLsZmsOKiqz7UfOOC3
s9xAA7E55dfQ/NZSX0WksE/sFS1vNTRnfYt6SBB2/Av70PAeyvkNuOAxi9lX5Me2
XKSA+zEldeq9QIgjLAeCMoIeWUTNTsB52kJVRNjpKUa8iFxD9AIXzdfSVlUirv+G
K3U4noeqS+/Sh/ciwEk2NaYhZxLoXgrLJhlmsQwvIFGJvzfyJpZqEFyvEUcn/DCm
QSWZEzaTzUUFDf+qJUOj/smHFHloeLZHaf5zvxU6SHs5FnPu/FWapbSCz3SSAoHS
cmOJvIZSqojmUQ==
-----END CERTIFICATE-----