Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
File:                     COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json)
Hash identifier:          mnVkfaHFKsVx3RIBOIvpOyV5kowJagBT9zxxrJk/J8g=
Subject key identifier:   74:54:09:16:4C:52:FE:58:CF:2D:9C:48:CC:8C:3E:17:A5:74:BE:03
Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF
Certificate issuer:       /CN=08ea2153536a8238099aea6680801fa445bfa9df
Certificate serial:       019511346F4564B52620E0E647CE42AB83AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
Manifest number:          139D
Signing time:             Mon 17 Feb 2025 00:00:03 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:03 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:03 +0000
Files and hashes:         1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: bz69ljxTahwAvCHGPvmpg+M4s9Qg/cP6y2TMScUQ4e0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:6f:45:64:b5:26:20:e0:e6:47:ce:42:ab:83:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df
        Validity
            Not Before: Feb 17 00:00:03 2025 GMT
            Not After : Feb 18 00:00:03 2025 GMT
        Subject: CN=745409164c52fe58cf2d9c48cc8c3e17a574be03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ca:d6:44:ad:37:50:6e:08:7a:0f:96:86:b0:
                    65:cb:c5:26:8b:23:10:d2:11:95:1b:e1:4b:bc:54:
                    7a:7f:ac:9a:87:bf:c6:e1:5d:de:61:9c:65:4f:2d:
                    2d:9c:56:88:de:61:b9:87:d6:2d:e1:7d:4a:7a:60:
                    f4:bb:bd:cd:ed:a4:b2:79:c7:d5:38:a8:41:40:fa:
                    a9:06:a8:43:e6:75:2e:9a:f9:80:62:4d:c6:c0:d1:
                    a0:53:41:f9:0d:65:fd:c9:62:ee:14:c5:8a:8a:ff:
                    d2:71:3d:3f:ff:28:87:ae:49:1d:f7:b4:6e:40:5d:
                    9e:d9:8a:b6:6f:ef:d8:d4:91:a5:10:b0:f8:58:d8:
                    d7:e1:9f:c0:f4:9c:e8:97:51:c2:b1:78:29:23:b6:
                    27:9f:7b:e3:a2:d9:4f:93:18:34:f6:e8:72:60:3c:
                    41:74:c1:29:20:5a:37:b1:df:fd:1f:b8:94:fb:35:
                    e7:ed:08:0f:df:a6:4b:86:74:5b:67:0f:82:4b:87:
                    a3:66:d5:48:0e:e1:a1:72:bb:81:ac:14:02:26:56:
                    da:e5:a5:ce:c2:a4:5c:4a:a6:55:cb:5f:7b:70:14:
                    3e:98:ee:d8:cc:7a:e3:dd:00:2f:cf:92:43:71:f0:
                    e1:a0:2c:02:31:6f:44:d6:b4:58:fb:6e:cf:be:8d:
                    3c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:54:09:16:4C:52:FE:58:CF:2D:9C:48:CC:8C:3E:17:A5:74:BE:03
            X509v3 Authority Key Identifier:
                keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:39:30:f0:b4:d4:68:c5:f3:a6:3d:e3:6b:1f:28:6c:d2:ac:
         af:f4:51:28:f4:f0:1c:98:6f:be:b9:da:c6:60:94:33:df:d0:
         81:d4:61:9e:df:11:66:21:2f:e4:d3:c1:61:b0:d0:fc:45:30:
         c7:3f:c8:4d:43:2d:69:4b:4a:48:c7:5b:ce:cc:07:24:9b:81:
         0c:11:c1:74:45:cd:74:09:e6:0f:24:80:c0:47:6f:32:89:5b:
         13:20:42:52:b3:91:61:fb:99:5d:22:21:ef:f2:89:6d:96:ac:
         e7:3b:31:73:cb:24:b5:80:67:7c:0e:67:9c:f1:02:52:11:b2:
         eb:b2:4d:57:04:8d:30:0a:52:5a:95:24:c0:68:ab:04:b7:6a:
         c7:90:18:11:19:df:de:f8:d6:11:dd:fa:8a:49:18:84:a4:f3:
         fa:25:59:e6:7c:fa:3d:fd:1e:36:e4:a8:86:a8:0f:bc:dc:15:
         47:ea:80:97:4a:d3:35:97:a9:5e:00:09:f2:09:06:71:11:7a:
         87:46:12:b9:45:85:13:be:93:39:70:63:3a:a7:1e:05:c9:fa:
         4f:87:4a:66:e2:04:14:6a:3f:d5:13:e4:ed:2e:2b:7c:e0:99:
         26:c0:fa:27:e6:1a:79:b8:78:af:16:d2:aa:08:d9:b7:a5:b0:
         41:82:7b:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNG9FZLUmIODmR85Cq4OrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi
ZmE5ZGYwHhcNMjUwMjE3MDAwMDAzWhcNMjUwMjE4MDAwMDAzWjAzMTEwLwYDVQQD
Eyg3NDU0MDkxNjRjNTJmZTU4Y2YyZDljNDhjYzhjM2UxN2E1NzRiZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MrWRK03UG4Ieg+WhrBly8UmiyMQ
0hGVG+FLvFR6f6yah7/G4V3eYZxlTy0tnFaI3mG5h9Yt4X1KemD0u73N7aSyecfV
OKhBQPqpBqhD5nUumvmAYk3GwNGgU0H5DWX9yWLuFMWKiv/ScT0//yiHrkkd97Ru
QF2e2Yq2b+/Y1JGlELD4WNjX4Z/A9Jzol1HCsXgpI7Ynn3vjotlPkxg09uhyYDxB
dMEpIFo3sd/9H7iU+zXn7QgP36ZLhnRbZw+CS4ejZtVIDuGhcruBrBQCJlba5aXO
wqRcSqZVy197cBQ+mO7YzHrj3QAvz5JDcfDhoCwCMW9E1rRY+27Pvo08uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRUCRZMUv5Yzy2cSMyMPheldL4DMB8GA1UdIwQY
MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It
YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx
LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAezkw8LTU
aMXzpj3jax8obNKsr/RRKPTwHJhvvrnaxmCUM9/QgdRhnt8RZiEv5NPBYbDQ/EUw
xz/ITUMtaUtKSMdbzswHJJuBDBHBdEXNdAnmDySAwEdvMolbEyBCUrORYfuZXSIh
7/KJbZas5zsxc8sktYBnfA5nnPECUhGy67JNVwSNMApSWpUkwGirBLdqx5AYERnf
3vjWEd36ikkYhKTz+iVZ5nz6Pf0eNuSohqgPvNwVR+qAl0rTNZepXgAJ8gkGcRF6
h0YSuUWFE76TOXBjOqceBcn6T4dKZuIEFGo/1RPk7S4rfOCZJsD6J+Yaebh4rxbS
qgjZt6WwQYJ79Q==
-----END CERTIFICATE-----