Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
File:                     COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json)
Hash identifier:          ZWZAJ38yDsrxDhK/jz4r17ElDl0ETI+wSqDEymniYVI=
Subject key identifier:   0A:EB:1A:AC:88:E4:17:FC:A6:0B:52:7A:2C:32:C3:DC:3E:06:E4:A9
Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF
Certificate issuer:       /CN=08ea2153536a8238099aea6680801fa445bfa9df
Certificate serial:       019765F22A94FC28C726A31B2F6B68D1C01C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
Manifest number:          14D2
Signing time:             Thu 12 Jun 2025 21:00:58 +0000
Manifest this update:     Thu 12 Jun 2025 21:00:58 +0000
Manifest next update:     Fri 13 Jun 2025 21:00:58 +0000
Files and hashes:         1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: ojrfHcOYGc4Kkpea2b+whCuEtq4sH4bWLuoLBVnaGDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 21:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:f2:2a:94:fc:28:c7:26:a3:1b:2f:6b:68:d1:c0:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df
        Validity
            Not Before: Jun 12 21:00:58 2025 GMT
            Not After : Jun 13 21:00:58 2025 GMT
        Subject: CN=0aeb1aac88e417fca60b527a2c32c3dc3e06e4a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:25:87:c4:97:63:f3:bf:4c:af:dc:a8:0d:97:
                    f2:72:85:bb:cc:b1:f0:df:92:62:46:ed:ef:c9:f5:
                    fb:ad:25:39:d4:62:e8:36:f3:fe:64:2e:c1:90:bc:
                    a5:75:f5:13:03:54:1d:74:68:03:df:1e:5f:f7:15:
                    9e:49:73:8c:75:39:b1:4f:b4:63:53:3d:df:17:a9:
                    dc:85:09:0c:bd:dc:c2:47:a8:85:e7:44:21:37:4f:
                    32:f4:da:ca:32:09:3a:8e:af:3f:f1:af:b9:18:31:
                    b5:94:5c:65:68:f3:66:b1:30:82:0d:0e:b5:cf:05:
                    bd:93:0d:af:c8:23:48:94:76:be:d0:db:a5:3c:c3:
                    85:c9:9f:52:35:73:17:e7:cc:45:0d:46:1b:e3:ce:
                    a8:ad:99:2e:db:96:3e:f7:aa:31:0b:fe:0e:4a:af:
                    73:78:e9:06:b7:18:de:7e:21:d3:05:1e:7d:48:08:
                    14:2d:03:cd:29:43:e7:78:45:79:e2:12:ee:3c:ab:
                    5e:c5:50:22:f0:21:c4:de:51:09:55:a8:85:89:9b:
                    b1:f1:9c:9a:f1:1c:74:7d:90:3e:34:4c:30:c5:6d:
                    3a:4f:b6:59:e9:32:95:bd:37:76:d7:fe:24:63:c0:
                    6f:23:8e:e0:4f:d2:7a:7b:72:b1:4d:82:ce:89:15:
                    af:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:EB:1A:AC:88:E4:17:FC:A6:0B:52:7A:2C:32:C3:DC:3E:06:E4:A9
            X509v3 Authority Key Identifier:
                keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:51:23:1c:67:0e:d5:e4:83:05:f7:7d:9e:4f:9b:d1:cd:50:
         cc:44:e1:ba:5e:53:39:90:bc:98:82:bc:e6:52:0e:2a:6e:32:
         04:1d:16:8b:f1:87:32:48:10:45:ea:e6:c4:a4:39:12:76:07:
         54:57:72:68:0e:0c:26:9c:40:59:38:b3:b7:b6:f1:25:9f:52:
         6a:ca:bb:42:41:c0:be:96:db:f6:4d:60:61:1a:f6:fd:c7:0a:
         70:27:47:5a:aa:02:59:40:3f:11:94:24:6f:47:da:a5:52:1f:
         31:4c:33:84:9b:8d:f4:ea:a5:86:39:05:f3:ff:ff:e4:c3:34:
         df:a3:77:03:dc:22:09:49:ad:67:17:ab:c8:3e:d7:f7:ff:81:
         24:08:60:80:07:ce:2f:50:90:e0:23:5f:4b:96:63:9a:85:77:
         c4:e6:c3:0e:0c:6d:19:cb:c9:c3:18:f3:b0:cf:d0:d4:c5:03:
         2b:94:13:0c:0a:21:f1:cb:1f:9e:65:be:8c:91:f7:b5:72:61:
         69:b6:22:90:3d:1f:e4:10:26:88:36:2b:68:e8:8e:c4:c3:ae:
         99:d1:8e:e3:ba:bb:c2:fd:d5:b0:13:e8:9f:4f:5a:7c:66:ab:
         32:a0:6a:3e:55:9a:0f:a4:a5:56:7a:81:00:89:e6:51:86:69:
         c8:5e:77:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdl8iqU/CjHJqMbL2to0cAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi
ZmE5ZGYwHhcNMjUwNjEyMjEwMDU4WhcNMjUwNjEzMjEwMDU4WjAzMTEwLwYDVQQD
EygwYWViMWFhYzg4ZTQxN2ZjYTYwYjUyN2EyYzMyYzNkYzNlMDZlNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSWHxJdj879Mr9yoDZfycoW7zLHw
35JiRu3vyfX7rSU51GLoNvP+ZC7BkLyldfUTA1QddGgD3x5f9xWeSXOMdTmxT7Rj
Uz3fF6nchQkMvdzCR6iF50QhN08y9NrKMgk6jq8/8a+5GDG1lFxlaPNmsTCCDQ61
zwW9kw2vyCNIlHa+0NulPMOFyZ9SNXMX58xFDUYb486orZku25Y+96oxC/4OSq9z
eOkGtxjefiHTBR59SAgULQPNKUPneEV54hLuPKtexVAi8CHE3lEJVaiFiZux8Zya
8Rx0fZA+NEwwxW06T7ZZ6TKVvTd21/4kY8BvI47gT9J6e3KxTYLOiRWv2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArrGqyI5Bf8pgtSeiwyw9w+BuSpMB8GA1UdIwQY
MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It
YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx
LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1EjHGcO
1eSDBfd9nk+b0c1QzEThul5TOZC8mIK85lIOKm4yBB0Wi/GHMkgQRermxKQ5EnYH
VFdyaA4MJpxAWTizt7bxJZ9Sasq7QkHAvpbb9k1gYRr2/ccKcCdHWqoCWUA/EZQk
b0fapVIfMUwzhJuN9OqlhjkF8///5MM036N3A9wiCUmtZxeryD7X9/+BJAhggAfO
L1CQ4CNfS5ZjmoV3xObDDgxtGcvJwxjzsM/Q1MUDK5QTDAoh8csfnmW+jJH3tXJh
abYikD0f5BAmiDYraOiOxMOumdGO47q7wv3VsBPon09afGarMqBqPlWaD6SlVnqB
AInmUYZpyF53SQ==
-----END CERTIFICATE-----