Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
File:                     COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json)
Hash identifier:          V1IscYCw1ecxhuMkOldN/akYZQ1NkGpyR1tOe2g9py8=
Subject key identifier:   52:4C:19:8F:E9:41:D9:20:FA:EF:8C:74:CE:72:60:00:A4:E4:FB:A0
Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF
Certificate issuer:       /CN=08ea2153536a8238099aea6680801fa445bfa9df
Certificate serial:       019769CEEC63C56A0D8F8618D0FFAF107A74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
Manifest number:          14D4
Signing time:             Fri 13 Jun 2025 15:00:57 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:57 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:57 +0000
Files and hashes:         1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: jBFBpr0i2IJHnmohbe5agFoUmytEWrildnvykC0KTto=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 15:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:ec:63:c5:6a:0d:8f:86:18:d0:ff:af:10:7a:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df
        Validity
            Not Before: Jun 13 15:00:57 2025 GMT
            Not After : Jun 14 15:00:57 2025 GMT
        Subject: CN=524c198fe941d920faef8c74ce726000a4e4fba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b7:4d:27:d1:0c:04:dd:4c:84:82:4d:2a:a8:
                    56:f7:6e:22:ab:a1:0d:d1:03:77:82:c2:08:88:f6:
                    52:96:80:20:7f:57:f4:81:50:37:d7:87:b8:22:a3:
                    d0:7e:75:12:d3:05:81:56:b3:34:81:41:26:33:87:
                    a4:62:ff:27:6d:53:61:11:8e:b8:f9:5d:0f:90:13:
                    d4:61:84:a6:8b:4d:b2:0c:53:07:02:51:0f:fa:c9:
                    ce:ad:4a:93:5b:29:34:3b:35:89:dd:70:4b:44:5f:
                    2b:65:af:54:76:78:87:8e:61:a1:cd:7f:67:99:f4:
                    22:f5:a7:bf:c7:23:8c:3c:94:95:9d:5b:68:5f:af:
                    4e:a1:c1:16:db:aa:74:68:43:ea:c6:a5:8b:a5:cd:
                    28:04:d7:d3:55:65:83:3f:86:e1:bd:19:29:3f:83:
                    51:1b:a1:df:8c:e7:cf:bf:0d:57:46:8c:0c:bd:22:
                    56:89:1b:84:eb:e6:00:4c:47:78:75:fa:16:7d:cf:
                    39:fd:9c:f5:2c:8b:93:9e:6e:bc:5d:ed:b3:76:a0:
                    e0:d5:d8:ad:79:57:dc:3e:b0:65:60:d5:1a:57:d3:
                    31:2f:ee:65:5b:5f:cf:6e:93:ea:85:43:07:01:ac:
                    7a:f6:b9:c5:38:3a:32:4a:74:16:b0:02:57:69:b2:
                    87:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:4C:19:8F:E9:41:D9:20:FA:EF:8C:74:CE:72:60:00:A4:E4:FB:A0
            X509v3 Authority Key Identifier:
                keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:e2:19:0c:24:21:db:c6:d8:23:f0:65:7a:de:0b:48:3d:77:
         3f:64:ef:8d:f3:77:34:98:95:87:68:e4:37:e2:11:dd:dd:9a:
         1d:3d:00:fa:ab:48:7d:15:1a:77:3c:6a:9e:af:19:03:86:15:
         d3:6d:54:25:3e:3f:47:83:87:84:d5:0f:6c:9e:11:b5:b9:88:
         ac:ca:1b:bf:d9:5b:45:f7:a0:fa:22:50:3e:99:d3:02:4d:fc:
         e4:2f:88:2c:96:0b:6b:22:f9:ea:83:de:38:f5:9d:1e:02:f2:
         73:33:f2:24:16:a1:22:82:bc:00:cc:7c:9d:eb:34:e6:c1:2f:
         df:1f:8b:ce:7d:c3:8e:fc:b5:d7:b2:c2:ec:16:9b:af:52:17:
         ab:c0:20:8c:6c:5e:a6:19:de:0d:ff:9a:64:50:03:b0:de:a2:
         90:ad:ec:1c:a2:08:13:20:28:2a:4f:af:47:63:cf:53:fa:fe:
         5d:9c:a8:81:a6:65:46:d7:43:46:4c:47:2f:a3:30:11:d7:a5:
         20:f5:97:4e:0e:d7:7e:59:a5:f1:a9:a7:bf:23:38:f7:f7:be:
         a1:fe:c1:75:e5:a0:c2:fc:57:66:ad:ac:d5:0e:b8:90:9b:35:
         ce:74:c4:dd:e4:ae:3a:f3:85:6c:35:91:68:88:da:9b:c5:12:
         de:04:4a:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzuxjxWoNj4YY0P+vEHp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi
ZmE5ZGYwHhcNMjUwNjEzMTUwMDU3WhcNMjUwNjE0MTUwMDU3WjAzMTEwLwYDVQQD
Eyg1MjRjMTk4ZmU5NDFkOTIwZmFlZjhjNzRjZTcyNjAwMGE0ZTRmYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LdNJ9EMBN1MhIJNKqhW924iq6EN
0QN3gsIIiPZSloAgf1f0gVA314e4IqPQfnUS0wWBVrM0gUEmM4ekYv8nbVNhEY64
+V0PkBPUYYSmi02yDFMHAlEP+snOrUqTWyk0OzWJ3XBLRF8rZa9UdniHjmGhzX9n
mfQi9ae/xyOMPJSVnVtoX69OocEW26p0aEPqxqWLpc0oBNfTVWWDP4bhvRkpP4NR
G6HfjOfPvw1XRowMvSJWiRuE6+YATEd4dfoWfc85/Zz1LIuTnm68Xe2zdqDg1dit
eVfcPrBlYNUaV9MxL+5lW1/PbpPqhUMHAax69rnFODoySnQWsAJXabKHdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJMGY/pQdkg+u+MdM5yYACk5PugMB8GA1UdIwQY
MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It
YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx
LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARuIZDCQh
28bYI/Blet4LSD13P2TvjfN3NJiVh2jkN+IR3d2aHT0A+qtIfRUadzxqnq8ZA4YV
021UJT4/R4OHhNUPbJ4RtbmIrMobv9lbRfeg+iJQPpnTAk385C+ILJYLayL56oPe
OPWdHgLyczPyJBahIoK8AMx8nes05sEv3x+Lzn3Djvy117LC7Babr1IXq8AgjGxe
phneDf+aZFADsN6ikK3sHKIIEyAoKk+vR2PPU/r+XZyogaZlRtdDRkxHL6MwEdel
IPWXTg7Xflml8amnvyM49/e+of7BdeWgwvxXZq2s1Q64kJs1znTE3eSuOvOFbDWR
aIjam8US3gRKkw==
-----END CERTIFICATE-----