Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
File:                     COKNBckBhf5-Yq8c7iXIg7b-IjY.mft (raw, json)
Hash identifier:          14OQ1IOgf/1SlB1ksEd82nNZfLk8Zq910fllcDMIA5A=
Subject key identifier:   B9:C4:2A:A0:8E:65:E0:8E:49:B6:F3:88:D5:D7:DC:D2:18:B2:11:27
Authority key identifier: 08:E2:8D:05:C9:01:85:FE:7E:62:AF:1C:EE:25:C8:83:B6:FE:22:36
Certificate issuer:       /CN=08e28d05c90185fe7e62af1cee25c883b6fe2236
Certificate serial:       0197B5FC3658104B31B90A287D557F3EAC50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
Manifest number:          0510
Signing time:             Sat 28 Jun 2025 10:01:34 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:34 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:34 +0000
Files and hashes:         1: COKNBckBhf5-Yq8c7iXIg7b-IjY.crl (hash: VY9UjI9PJKKhqYuASi0ZuZ5wKKNruZzQWcU72PdF6Oo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:36:58:10:4b:31:b9:0a:28:7d:55:7f:3e:ac:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08e28d05c90185fe7e62af1cee25c883b6fe2236
        Validity
            Not Before: Jun 28 10:01:34 2025 GMT
            Not After : Jun 29 10:01:34 2025 GMT
        Subject: CN=b9c42aa08e65e08e49b6f388d5d7dcd218b21127
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:47:d2:e5:5e:c7:11:65:db:5a:fb:3f:44:b8:
                    42:49:38:c7:4c:86:d7:27:74:96:3e:0a:6a:16:5e:
                    70:e1:1e:c7:84:12:d6:ca:c8:a6:ec:77:b4:9e:0d:
                    fc:21:ec:72:57:ed:70:54:ad:9c:9f:4c:6e:77:c7:
                    7d:b0:4e:13:d5:0b:99:47:28:6b:22:e7:3d:6d:7d:
                    bb:22:02:c8:51:38:e5:50:bc:95:4a:7f:c7:8c:c2:
                    ae:6d:7a:30:83:43:ff:4d:ca:19:98:9d:35:d6:26:
                    af:ab:03:dc:dc:25:91:c6:1d:34:6b:90:85:b5:33:
                    f1:38:fd:03:2d:b3:9c:0e:c7:12:a8:31:bd:18:d8:
                    8e:83:c3:c1:7f:89:cd:a9:1e:71:35:02:7b:e5:ab:
                    28:e2:9c:1a:15:cb:3f:f3:3c:14:29:37:a6:d3:a8:
                    27:31:cc:25:97:6b:35:60:24:e2:7d:a5:b2:78:a8:
                    c0:2e:4d:c7:27:f2:7b:9a:9d:05:55:c7:27:90:0e:
                    1f:c0:d3:0d:da:5f:08:a7:ff:15:53:c0:d0:0f:55:
                    09:f8:56:08:fa:c8:70:de:2e:28:c7:b7:e6:67:0f:
                    3e:4a:aa:2c:e9:e0:32:73:ca:02:d3:24:b5:5d:11:
                    19:55:1f:65:77:ff:9e:c1:ff:d8:ed:71:89:3b:58:
                    46:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:C4:2A:A0:8E:65:E0:8E:49:B6:F3:88:D5:D7:DC:D2:18:B2:11:27
            X509v3 Authority Key Identifier:
                keyid:08:E2:8D:05:C9:01:85:FE:7E:62:AF:1C:EE:25:C8:83:B6:FE:22:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:a1:ee:04:22:37:f2:c6:db:75:25:44:f4:3f:37:e6:2b:a6:
         61:5d:3d:ea:05:0f:98:18:2f:2a:e0:6c:38:fa:a9:93:9b:28:
         07:80:58:41:2f:d9:cf:b9:a0:91:62:43:ab:82:03:54:0d:06:
         57:de:39:7e:55:53:c7:a0:05:21:75:0c:8d:05:5f:b0:8e:77:
         dd:bc:1d:e9:1b:79:45:78:3b:9d:c3:b6:cc:21:75:bf:1f:92:
         ad:0d:a0:85:e4:ea:89:dc:05:c9:85:4f:b2:c4:4f:25:30:6d:
         dc:2f:5e:12:70:da:d0:ee:ed:f6:b1:b7:9b:d2:c6:7d:75:02:
         83:59:33:2d:22:b2:25:46:eb:37:4e:31:05:22:53:00:08:c4:
         f6:40:ed:e9:74:95:3e:62:6f:37:f3:a3:41:81:6c:43:a9:2a:
         cb:90:02:c1:31:ef:a1:e7:36:10:39:ab:c5:b1:36:40:98:29:
         b2:87:82:15:e9:1f:1a:c9:cc:4b:8b:01:73:e8:16:80:02:55:
         4d:0f:c7:a7:f7:da:9f:99:d3:31:47:74:60:34:6b:11:2a:34:
         30:bc:73:26:91:a2:7b:c2:f8:e3:64:2c:9e:92:93:63:cb:c4:
         44:e9:b4:cb:36:ed:d8:4d:e2:46:6c:51:b6:59:28:81:84:8c:
         c8:38:eb:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/DZYEEsxuQoofVV/PqxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZTI4ZDA1YzkwMTg1ZmU3ZTYyYWYxY2VlMjVjODgzYjZm
ZTIyMzYwHhcNMjUwNjI4MTAwMTM0WhcNMjUwNjI5MTAwMTM0WjAzMTEwLwYDVQQD
EyhiOWM0MmFhMDhlNjVlMDhlNDliNmYzODhkNWQ3ZGNkMjE4YjIxMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEfS5V7HEWXbWvs/RLhCSTjHTIbX
J3SWPgpqFl5w4R7HhBLWysim7He0ng38IexyV+1wVK2cn0xud8d9sE4T1QuZRyhr
Iuc9bX27IgLIUTjlULyVSn/HjMKubXowg0P/TcoZmJ011iavqwPc3CWRxh00a5CF
tTPxOP0DLbOcDscSqDG9GNiOg8PBf4nNqR5xNQJ75aso4pwaFcs/8zwUKTem06gn
Mcwll2s1YCTifaWyeKjALk3HJ/J7mp0FVccnkA4fwNMN2l8Ip/8VU8DQD1UJ+FYI
+shw3i4ox7fmZw8+Sqos6eAyc8oC0yS1XREZVR9ld/+ewf/Y7XGJO1hGIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnEKqCOZeCOSbbziNXX3NIYshEnMB8GA1UdIwQY
MBaAFAjijQXJAYX+fmKvHO4lyIO2/iI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84ZDJiYTctYzZiNy00NzBiLTg1YWEt
MGM0N2E0MWYzYTkwLzEvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS84ZDJiYTctYzZiNy00NzBiLTg1YWEtMGM0N2E0MWYzYTkw
LzEvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApKHuBCI3
8sbbdSVE9D835iumYV096gUPmBgvKuBsOPqpk5soB4BYQS/Zz7mgkWJDq4IDVA0G
V945flVTx6AFIXUMjQVfsI533bwd6Rt5RXg7ncO2zCF1vx+SrQ2gheTqidwFyYVP
ssRPJTBt3C9eEnDa0O7t9rG3m9LGfXUCg1kzLSKyJUbrN04xBSJTAAjE9kDt6XSV
PmJvN/OjQYFsQ6kqy5ACwTHvoec2EDmrxbE2QJgpsoeCFekfGsnMS4sBc+gWgAJV
TQ/Hp/fan5nTMUd0YDRrESo0MLxzJpGie8L442QsnpKTY8vEROm0yzbt2E3iRmxR
tlkogYSMyDjrsg==
-----END CERTIFICATE-----