Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
File:                     COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json)
Hash identifier:          7FbJAqJOQznuKsDh6jNoLE7Uju1CLygk2kiAFip43D0=
Subject key identifier:   90:AB:E4:18:4A:13:77:B3:33:33:58:FE:CD:8B:20:BB:0B:7C:93:2C
Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF
Certificate issuer:       /CN=08ea2153536a8238099aea6680801fa445bfa9df
Certificate serial:       019767E09116FF8E05B569D25CB3FEBAEB11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
Manifest number:          14D3
Signing time:             Fri 13 Jun 2025 06:00:59 +0000
Manifest this update:     Fri 13 Jun 2025 06:00:59 +0000
Manifest next update:     Sat 14 Jun 2025 06:00:59 +0000
Files and hashes:         1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: +HJ8EdABMT9cTahQvpdh7DTb/1nx7aHo1d/BrjH/cIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:e0:91:16:ff:8e:05:b5:69:d2:5c:b3:fe:ba:eb:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df
        Validity
            Not Before: Jun 13 06:00:59 2025 GMT
            Not After : Jun 14 06:00:59 2025 GMT
        Subject: CN=90abe4184a1377b3333358fecd8b20bb0b7c932c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:1b:59:5c:1b:02:b6:98:49:fe:33:76:a2:a9:
                    b8:62:00:db:32:8c:8e:98:23:2e:b0:2c:e2:c8:da:
                    0e:30:3e:61:01:cc:c2:ae:30:f7:bc:79:97:8f:07:
                    e8:60:3b:5c:a6:6b:0b:f4:63:ac:22:a7:ac:ce:55:
                    7c:0f:c4:ee:9e:c3:c7:5e:b0:b2:4f:c7:d7:6c:bd:
                    b3:e9:92:8c:68:9b:fd:f1:7e:dc:4a:07:85:13:6a:
                    34:97:13:5d:d8:1b:b7:9c:4f:83:e9:ab:77:ad:14:
                    1a:0f:87:0e:a6:1d:85:57:b6:78:5b:f0:e8:e1:c1:
                    c4:d7:2a:ec:f7:9a:c5:c8:09:60:a9:f0:0d:b6:5d:
                    1b:31:8d:24:eb:2c:05:e6:f3:8b:a7:af:12:bf:3e:
                    bc:b5:4c:53:ea:29:2a:36:27:30:ff:a8:e8:a0:fe:
                    bd:81:e7:59:94:23:16:db:95:e6:16:75:4d:a2:96:
                    ae:87:18:40:53:24:e1:3c:ec:ad:02:80:bd:0d:18:
                    2f:d5:91:36:5e:b6:21:f1:0d:f3:0e:5c:a9:7f:d9:
                    39:83:2d:fd:35:37:a1:5d:62:f4:1e:f9:95:b3:c3:
                    cf:35:25:0f:b5:03:66:68:f3:bf:80:bb:3f:eb:75:
                    e9:27:f1:e3:38:8e:38:d4:25:21:1c:e0:42:ef:c2:
                    98:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:AB:E4:18:4A:13:77:B3:33:33:58:FE:CD:8B:20:BB:0B:7C:93:2C
            X509v3 Authority Key Identifier:
                keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:4e:21:a9:bf:2c:45:a5:c6:11:75:9e:78:3c:0f:2a:ec:c6:
         31:c9:73:be:d6:ef:61:12:ba:5a:3f:a2:ce:4b:ce:da:11:95:
         37:9e:45:86:61:45:c4:34:db:d1:38:3a:bf:9e:25:c0:1c:0b:
         f0:0a:f2:38:72:9e:f8:2d:3a:25:21:c0:5d:bd:75:37:b2:a3:
         8b:ed:ad:7a:b5:b4:40:1d:ba:05:21:09:33:ca:b9:47:e9:0d:
         49:d6:17:ba:7f:d8:4c:86:35:96:3c:e6:ef:5a:ab:e5:f8:1b:
         c2:a1:e8:87:6b:b8:78:4d:6d:3f:58:ba:9b:0b:2e:c9:2a:dc:
         89:50:a6:f1:de:10:3c:66:de:b6:fe:bc:f0:d2:f5:2a:c2:58:
         5d:a8:30:f0:68:35:8b:97:25:f5:d5:ec:75:f8:a9:64:70:d8:
         88:24:dd:fd:b5:0e:27:6f:d0:9c:2b:01:ed:d8:f4:8a:5a:88:
         42:1b:a4:db:fb:70:0b:dd:c4:ae:9e:0c:b3:ba:67:25:06:f7:
         4a:e1:4c:71:e7:2a:72:78:2c:bb:e9:34:19:f6:b6:ea:72:ef:
         4e:d2:fe:06:6b:8c:ef:b7:90:e4:bc:da:20:29:2e:60:60:ab:
         69:db:d0:b1:07:2e:bb:2c:7e:04:e1:3e:60:d2:34:23:e1:88:
         0c:fd:ec:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdn4JEW/44FtWnSXLP+uusRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi
ZmE5ZGYwHhcNMjUwNjEzMDYwMDU5WhcNMjUwNjE0MDYwMDU5WjAzMTEwLwYDVQQD
Eyg5MGFiZTQxODRhMTM3N2IzMzMzMzU4ZmVjZDhiMjBiYjBiN2M5MzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhtZXBsCtphJ/jN2oqm4YgDbMoyO
mCMusCziyNoOMD5hAczCrjD3vHmXjwfoYDtcpmsL9GOsIqeszlV8D8TunsPHXrCy
T8fXbL2z6ZKMaJv98X7cSgeFE2o0lxNd2Bu3nE+D6at3rRQaD4cOph2FV7Z4W/Do
4cHE1yrs95rFyAlgqfANtl0bMY0k6ywF5vOLp68Svz68tUxT6ikqNicw/6jooP69
gedZlCMW25XmFnVNopauhxhAUyThPOytAoC9DRgv1ZE2XrYh8Q3zDlypf9k5gy39
NTehXWL0HvmVs8PPNSUPtQNmaPO/gLs/63XpJ/HjOI441CUhHOBC78KYkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCr5BhKE3ezMzNY/s2LILsLfJMsMB8GA1UdIwQY
MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It
YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx
LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQk4hqb8s
RaXGEXWeeDwPKuzGMclzvtbvYRK6Wj+izkvO2hGVN55FhmFFxDTb0Tg6v54lwBwL
8AryOHKe+C06JSHAXb11N7Kji+2terW0QB26BSEJM8q5R+kNSdYXun/YTIY1ljzm
71qr5fgbwqHoh2u4eE1tP1i6mwsuySrciVCm8d4QPGbetv688NL1KsJYXagw8Gg1
i5cl9dXsdfipZHDYiCTd/bUOJ2/QnCsB7dj0ilqIQhuk2/twC93Erp4Ms7pnJQb3
SuFMcecqcngsu+k0Gfa26nLvTtL+BmuM77eQ5LzaICkuYGCradvQsQcuuyx+BOE+
YNI0I+GIDP3sbw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 08:16:22 2025 by rpki-client