Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
File:                     COKNBckBhf5-Yq8c7iXIg7b-IjY.mft (raw, json)
Hash identifier:          uABm+7gTjbw2sQlybMwOF3hKA/dfmNDkdMUP8sOeY98=
Subject key identifier:   38:40:F0:36:22:3F:C7:4A:97:62:18:57:5B:76:78:CC:25:CA:53:7A
Authority key identifier: 08:E2:8D:05:C9:01:85:FE:7E:62:AF:1C:EE:25:C8:83:B6:FE:22:36
Certificate issuer:       /CN=08e28d05c90185fe7e62af1cee25c883b6fe2236
Certificate serial:       0198D5BC13496E831E61440CE75B42056AF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
Manifest number:          05A5
Signing time:             Sat 23 Aug 2025 07:02:09 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:09 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:09 +0000
Files and hashes:         1: COKNBckBhf5-Yq8c7iXIg7b-IjY.crl (hash: DkojWaT80qM+w4mk3Vm7s9cQJZy3oD3dXfqirS6wEFQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:13:49:6e:83:1e:61:44:0c:e7:5b:42:05:6a:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08e28d05c90185fe7e62af1cee25c883b6fe2236
        Validity
            Not Before: Aug 23 07:02:09 2025 GMT
            Not After : Aug 24 07:02:09 2025 GMT
        Subject: CN=3840f036223fc74a976218575b7678cc25ca537a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c9:11:32:fa:e3:af:9a:fe:d6:ef:98:c0:ac:
                    46:f2:27:88:29:6c:da:32:46:81:1a:c6:f7:c1:03:
                    32:b5:6d:13:6e:c3:bc:33:8d:09:63:85:77:1a:ca:
                    bf:33:d3:74:8d:99:b3:86:8f:f6:e9:08:e6:fa:12:
                    14:7f:1d:08:7a:65:c1:8c:2c:f5:5e:16:1a:8a:2c:
                    ba:28:ee:ce:d8:3e:d8:82:2b:97:f4:4b:f9:12:cb:
                    b8:36:93:40:0c:df:1f:64:2e:96:64:ce:f1:ac:d8:
                    8b:22:fa:d8:e7:b9:4f:eb:0e:0f:70:c4:9f:cf:2c:
                    f4:35:8c:f7:5a:cf:46:68:73:dc:fd:aa:93:23:6e:
                    6d:a8:f9:85:0d:b2:78:23:21:ae:a4:9f:e0:f5:b6:
                    6f:99:d3:7a:bc:2f:80:55:97:ec:f7:8b:8d:c7:99:
                    8e:23:12:cd:10:b2:bc:ec:8b:4f:ff:0e:37:d4:c1:
                    ac:a9:9a:e4:1a:9f:28:3e:41:2f:fa:64:00:8b:5d:
                    84:11:a7:ce:3b:2b:bd:d2:33:4c:06:87:74:7c:da:
                    fa:40:6c:a6:0b:af:a7:74:c6:a4:66:0d:15:db:00:
                    e3:55:e4:41:7d:7f:07:13:a1:6a:1a:88:1c:15:45:
                    0d:f8:83:c8:f8:3e:36:73:3b:46:03:6d:98:53:38:
                    a7:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:40:F0:36:22:3F:C7:4A:97:62:18:57:5B:76:78:CC:25:CA:53:7A
            X509v3 Authority Key Identifier:
                keyid:08:E2:8D:05:C9:01:85:FE:7E:62:AF:1C:EE:25:C8:83:B6:FE:22:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:4d:56:86:ae:e7:eb:e4:b3:a3:b2:42:d8:f0:e4:21:fb:e0:
         fd:57:af:00:c0:03:7e:2c:59:4f:e6:67:1a:17:d4:b0:21:82:
         f6:3a:69:84:84:53:d7:d2:9d:bc:80:46:cc:2d:c9:3a:45:45:
         fa:4c:d9:8a:52:16:9a:4c:bc:20:12:1e:00:28:98:7b:a3:78:
         cf:20:fa:c6:e5:5c:bb:63:db:40:f0:a5:d7:28:22:ae:5a:ab:
         03:61:e6:cb:ef:3a:91:99:21:26:2b:89:11:08:01:0b:a5:fa:
         c4:1c:68:ae:15:d1:7d:9e:66:31:34:e2:4c:6b:82:35:bf:ca:
         0f:55:96:6e:02:2d:c4:44:c5:9a:8c:9b:c6:f7:02:94:28:41:
         73:bd:bc:7a:6b:f2:d1:82:d8:53:95:f9:74:42:aa:af:24:a3:
         9a:e1:a5:41:c5:06:c8:51:1c:c9:9a:13:62:6d:b2:5d:d8:16:
         b9:b6:18:b6:12:e0:2c:c0:c3:36:30:a6:73:e0:35:17:d7:fe:
         50:47:2a:22:d9:29:f6:e9:23:6f:20:d6:f9:03:97:ce:8f:16:
         0a:0c:fb:20:14:05:fc:bb:f5:9b:7e:ec:e8:7d:9f:11:16:55:
         14:dc:53:02:4d:75:14:d3:ee:b2:2e:8e:19:88:26:ef:90:35:
         d0:ae:75:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvBNJboMeYUQM51tCBWr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZTI4ZDA1YzkwMTg1ZmU3ZTYyYWYxY2VlMjVjODgzYjZm
ZTIyMzYwHhcNMjUwODIzMDcwMjA5WhcNMjUwODI0MDcwMjA5WjAzMTEwLwYDVQQD
EygzODQwZjAzNjIyM2ZjNzRhOTc2MjE4NTc1Yjc2NzhjYzI1Y2E1MzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApckRMvrjr5r+1u+YwKxG8ieIKWza
MkaBGsb3wQMytW0TbsO8M40JY4V3Gsq/M9N0jZmzho/26Qjm+hIUfx0IemXBjCz1
XhYaiiy6KO7O2D7YgiuX9Ev5Esu4NpNADN8fZC6WZM7xrNiLIvrY57lP6w4PcMSf
zyz0NYz3Ws9GaHPc/aqTI25tqPmFDbJ4IyGupJ/g9bZvmdN6vC+AVZfs94uNx5mO
IxLNELK87ItP/w431MGsqZrkGp8oPkEv+mQAi12EEafOOyu90jNMBod0fNr6QGym
C6+ndMakZg0V2wDjVeRBfX8HE6FqGogcFUUN+IPI+D42cztGA22YUzinxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhA8DYiP8dKl2IYV1t2eMwlylN6MB8GA1UdIwQY
MBaAFAjijQXJAYX+fmKvHO4lyIO2/iI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84ZDJiYTctYzZiNy00NzBiLTg1YWEt
MGM0N2E0MWYzYTkwLzEvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS84ZDJiYTctYzZiNy00NzBiLTg1YWEtMGM0N2E0MWYzYTkw
LzEvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaU1Whq7n
6+Szo7JC2PDkIfvg/VevAMADfixZT+ZnGhfUsCGC9jpphIRT19KdvIBGzC3JOkVF
+kzZilIWmky8IBIeACiYe6N4zyD6xuVcu2PbQPCl1ygirlqrA2Hmy+86kZkhJiuJ
EQgBC6X6xBxorhXRfZ5mMTTiTGuCNb/KD1WWbgItxETFmoybxvcClChBc728emvy
0YLYU5X5dEKqrySjmuGlQcUGyFEcyZoTYm2yXdgWubYYthLgLMDDNjCmc+A1F9f+
UEcqItkp9ukjbyDW+QOXzo8WCgz7IBQF/Lv1m37s6H2fERZVFNxTAk11FNPusi6O
GYgm75A10K51sQ==
-----END CERTIFICATE-----