Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
File:                     COKNBckBhf5-Yq8c7iXIg7b-IjY.mft (raw, json)
Hash identifier:          ck2P23KhMHsF7m+9sqgCQXMRJyez90cjvZfEs7mX4sY=
Subject key identifier:   A1:49:D4:2A:A9:53:CF:E1:B2:09:DD:1D:EF:E8:E4:1F:D1:65:11:27
Authority key identifier: 08:E2:8D:05:C9:01:85:FE:7E:62:AF:1C:EE:25:C8:83:B6:FE:22:36
Certificate issuer:       /CN=08e28d05c90185fe7e62af1cee25c883b6fe2236
Certificate serial:       0199FB0F41CAA407A26D66F2DBC1E6A34BF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
Manifest number:          063D
Signing time:             Sun 19 Oct 2025 06:01:44 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:44 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:44 +0000
Files and hashes:         1: COKNBckBhf5-Yq8c7iXIg7b-IjY.crl (hash: HSNtNtoMJSEYMervn9/mubIoE0wutw+7Pb7B1f7+FoY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0f:41:ca:a4:07:a2:6d:66:f2:db:c1:e6:a3:4b:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08e28d05c90185fe7e62af1cee25c883b6fe2236
        Validity
            Not Before: Oct 19 06:01:44 2025 GMT
            Not After : Oct 20 06:01:44 2025 GMT
        Subject: CN=a149d42aa953cfe1b209dd1defe8e41fd1651127
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:7a:6f:b8:a7:7b:00:e1:4e:a0:2b:96:0c:9a:
                    61:4e:8a:0c:df:e2:2a:47:36:e2:b9:90:4d:4f:99:
                    1d:f2:69:31:25:b4:50:c4:54:42:1d:ae:03:cd:c7:
                    56:4f:1d:55:cb:64:48:42:4e:6d:a2:49:91:ee:c7:
                    ac:01:74:dd:7b:07:3f:41:8e:85:aa:60:21:46:8f:
                    c6:b9:c6:09:19:c5:4b:2a:35:90:77:f8:b9:3f:19:
                    40:d0:3e:42:4b:6c:3d:a0:c8:c8:e6:26:02:f1:3e:
                    24:c5:2f:29:3f:f4:c7:5a:e2:af:9e:0d:5e:82:b6:
                    21:34:2c:56:7c:e8:92:a7:b6:d0:00:d4:dc:80:72:
                    a8:40:26:67:37:e8:ec:ec:cf:b0:b6:df:e2:41:d9:
                    ca:81:44:66:7c:45:74:b9:6c:b8:b9:82:bb:e0:ad:
                    b6:ff:48:c6:34:36:13:30:1e:48:5b:8b:d9:cc:e4:
                    9a:e2:6d:13:73:89:d0:ba:9a:02:13:91:ad:f4:59:
                    d9:ba:d4:d9:36:f2:1e:44:f1:6e:c7:d0:09:63:c8:
                    12:13:0f:2b:1d:36:77:0f:21:a2:ea:33:15:ba:bf:
                    1c:49:0d:0b:78:d2:f6:31:02:0f:d2:99:93:e9:1e:
                    5c:d6:26:fd:a3:4b:a1:17:e0:ba:b4:97:af:a6:c3:
                    1b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:49:D4:2A:A9:53:CF:E1:B2:09:DD:1D:EF:E8:E4:1F:D1:65:11:27
            X509v3 Authority Key Identifier:
                keyid:08:E2:8D:05:C9:01:85:FE:7E:62:AF:1C:EE:25:C8:83:B6:FE:22:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:c3:99:43:c4:73:ee:5a:6d:53:5c:67:21:f8:10:58:93:75:
         a4:9a:50:ff:f4:cd:26:40:78:44:2f:18:1f:da:2f:64:e6:4e:
         8f:e1:42:1c:22:db:95:67:54:b5:50:f2:3c:94:17:65:3f:92:
         97:1a:dd:ba:fc:c4:ce:b0:fc:0e:42:4c:56:73:01:c9:83:5b:
         15:ec:78:59:ef:5b:db:26:8e:d2:d2:fe:92:03:f8:9c:77:0b:
         2c:ef:ff:71:b3:6a:44:2d:79:ee:db:45:22:f9:58:ed:2c:09:
         76:22:2b:e1:8d:4c:e5:0f:4e:52:98:c7:35:3e:ce:dc:6c:db:
         69:da:3a:f5:d4:e4:91:98:d5:ad:c7:54:6a:4a:87:56:f1:12:
         09:51:b2:f7:2c:2a:5f:df:d8:c6:f4:66:34:3d:9e:98:11:e1:
         1c:31:55:64:ae:74:99:a9:b3:24:00:fb:69:8a:3a:64:7b:89:
         62:90:d3:e2:dd:9b:48:e9:a6:58:7a:48:d9:88:89:ab:15:e3:
         d6:f8:2c:de:e5:bc:8f:2c:04:b9:d6:5d:91:bc:83:d7:c3:45:
         26:2b:d0:f4:b8:42:66:b5:bc:26:68:d1:18:fb:35:56:e1:2f:
         50:bf:d9:11:14:9f:b9:31:81:de:4f:ec:91:c5:d0:8e:f6:83:
         18:21:57:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7D0HKpAeibWby28Hmo0v2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZTI4ZDA1YzkwMTg1ZmU3ZTYyYWYxY2VlMjVjODgzYjZm
ZTIyMzYwHhcNMjUxMDE5MDYwMTQ0WhcNMjUxMDIwMDYwMTQ0WjAzMTEwLwYDVQQD
EyhhMTQ5ZDQyYWE5NTNjZmUxYjIwOWRkMWRlZmU4ZTQxZmQxNjUxMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XpvuKd7AOFOoCuWDJphTooM3+Iq
RzbiuZBNT5kd8mkxJbRQxFRCHa4DzcdWTx1Vy2RIQk5tokmR7sesAXTdewc/QY6F
qmAhRo/GucYJGcVLKjWQd/i5PxlA0D5CS2w9oMjI5iYC8T4kxS8pP/THWuKvng1e
grYhNCxWfOiSp7bQANTcgHKoQCZnN+js7M+wtt/iQdnKgURmfEV0uWy4uYK74K22
/0jGNDYTMB5IW4vZzOSa4m0Tc4nQupoCE5Gt9FnZutTZNvIeRPFux9AJY8gSEw8r
HTZ3DyGi6jMVur8cSQ0LeNL2MQIP0pmT6R5c1ib9o0uhF+C6tJevpsMb8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKFJ1CqpU8/hsgndHe/o5B/RZREnMB8GA1UdIwQY
MBaAFAjijQXJAYX+fmKvHO4lyIO2/iI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84ZDJiYTctYzZiNy00NzBiLTg1YWEt
MGM0N2E0MWYzYTkwLzEvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS84ZDJiYTctYzZiNy00NzBiLTg1YWEtMGM0N2E0MWYzYTkw
LzEvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJcOZQ8Rz
7lptU1xnIfgQWJN1pJpQ//TNJkB4RC8YH9ovZOZOj+FCHCLblWdUtVDyPJQXZT+S
lxrduvzEzrD8DkJMVnMByYNbFex4We9b2yaO0tL+kgP4nHcLLO//cbNqRC157ttF
IvlY7SwJdiIr4Y1M5Q9OUpjHNT7O3Gzbado69dTkkZjVrcdUakqHVvESCVGy9ywq
X9/YxvRmND2emBHhHDFVZK50mamzJAD7aYo6ZHuJYpDT4t2bSOmmWHpI2YiJqxXj
1vgs3uW8jywEudZdkbyD18NFJivQ9LhCZrW8JmjRGPs1VuEvUL/ZERSfuTGB3k/s
kcXQjvaDGCFXqA==
-----END CERTIFICATE-----