Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
File:                     obfHtAmGdKBPsXeELOxO65v4nh4.mft (raw, json)
Hash identifier:          UDXY+XANpLN+wKHdwild8r7/JfbiZGSYoagDDiT/QQk=
Subject key identifier:   DA:3A:8F:07:B8:47:9B:E2:A0:CC:F7:A4:1F:B0:32:B1:B8:BD:EA:45
Authority key identifier: A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E
Certificate issuer:       /CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
Certificate serial:       0197488BF7A575CFEAB031FA881FBE018280
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 04:00:21 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:21 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:21 +0000
Files and hashes:         1: obfHtAmGdKBPsXeELOxO65v4nh4.crl (hash: U2zo/y+qxciuF8gcTAaL0MqSr6axPYx/7t7Nd/WlBK4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8b:f7:a5:75:cf:ea:b0:31:fa:88:1f:be:01:82:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
        Validity
            Not Before: Jun  7 04:00:21 2025 GMT
            Not After : Jun  8 04:00:21 2025 GMT
        Subject: CN=da3a8f07b8479be2a0ccf7a41fb032b1b8bdea45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:79:48:b6:d9:31:5a:41:31:40:be:35:4f:3a:
                    69:41:77:28:a7:02:75:d5:10:34:e6:da:e6:14:b4:
                    9a:b0:50:0c:88:e5:3a:4f:e6:8c:f7:34:72:4b:47:
                    0c:1c:ad:73:97:75:3e:1a:c7:f0:48:11:15:ef:e3:
                    76:8c:52:b9:8c:ea:6b:67:5e:84:9b:c7:79:c4:a4:
                    0e:0e:66:1a:6e:d8:1d:28:39:57:74:31:31:f0:60:
                    65:98:df:d0:f9:6b:9c:0a:79:e5:94:68:08:e5:64:
                    93:ba:ab:cf:a4:a8:47:b5:f8:cb:a3:c8:94:1f:7b:
                    c1:0f:8b:9f:be:56:35:b1:bc:f1:97:99:9b:e7:b4:
                    d6:78:4b:9c:55:2b:8e:70:f0:bd:f3:28:10:d5:92:
                    15:0b:32:02:ef:8e:f9:63:f4:3b:a9:30:0c:40:d1:
                    83:48:b1:b8:ed:84:89:e3:8d:bb:fc:0e:a1:79:75:
                    ed:59:c4:39:f6:7c:64:35:3e:8a:5e:3f:ae:2e:a1:
                    da:ae:a4:01:61:e2:cc:18:8f:d0:7a:37:b0:38:5f:
                    aa:3f:6b:06:eb:2d:f5:da:28:22:d6:58:a5:cb:bc:
                    5a:f2:b9:da:24:b9:70:49:f6:1b:5a:d9:10:d2:6f:
                    76:7f:34:0b:9c:f3:b5:16:8b:a9:67:71:23:b3:46:
                    3e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:3A:8F:07:B8:47:9B:E2:A0:CC:F7:A4:1F:B0:32:B1:B8:BD:EA:45
            X509v3 Authority Key Identifier:
                keyid:A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:0d:0e:20:3e:5c:6d:7f:84:42:ca:36:14:e7:30:eb:09:dc:
         d9:f2:39:51:0b:a5:d0:f1:14:1b:7d:84:01:cf:64:86:31:2a:
         e4:9a:1c:f9:49:d5:75:14:04:c7:68:5f:27:f3:45:3a:78:e4:
         77:63:0a:ee:ca:ec:94:b7:82:0a:d0:07:14:d0:58:9a:93:79:
         6e:ec:e5:24:5b:da:24:75:c2:9a:0a:59:1e:a6:78:4b:1a:9e:
         67:b1:2a:6f:fa:c3:a4:19:c2:42:f5:e3:41:74:1c:7d:98:88:
         7d:25:5e:06:14:c9:2a:08:52:03:d1:44:6f:a3:98:df:29:b8:
         fe:ce:e4:47:b1:d6:1b:f4:a4:0f:11:ef:26:3b:43:42:47:d9:
         8e:be:fc:cf:e7:71:0e:e4:c0:ce:11:6e:8d:1d:bc:32:d1:9b:
         c5:7d:4f:7e:22:1c:b6:ac:dc:68:0f:8f:5b:60:ee:6a:82:d9:
         49:f4:ac:2c:e3:d5:bf:85:f9:26:78:b7:31:c0:57:95:e4:17:
         20:01:58:31:e6:cb:ef:cb:c4:21:04:15:ac:92:f0:79:d0:fe:
         54:55:36:e1:76:db:9e:90:46:b1:b7:39:83:f5:43:40:cf:85:
         92:ea:3f:fe:e8:b8:18:3f:e1:f5:fd:2b:7d:87:1d:ec:1f:a4:
         ad:f6:35:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIi/eldc/qsDH6iB++AYKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjdjN2I0MDk4Njc0YTA0ZmIxNzc4NDJjZWM0ZWViOWJm
ODllMWUwHhcNMjUwNjA3MDQwMDIxWhcNMjUwNjA4MDQwMDIxWjAzMTEwLwYDVQQD
EyhkYTNhOGYwN2I4NDc5YmUyYTBjY2Y3YTQxZmIwMzJiMWI4YmRlYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXlIttkxWkExQL41TzppQXcopwJ1
1RA05trmFLSasFAMiOU6T+aM9zRyS0cMHK1zl3U+GsfwSBEV7+N2jFK5jOprZ16E
m8d5xKQODmYabtgdKDlXdDEx8GBlmN/Q+WucCnnllGgI5WSTuqvPpKhHtfjLo8iU
H3vBD4ufvlY1sbzxl5mb57TWeEucVSuOcPC98ygQ1ZIVCzIC7475Y/Q7qTAMQNGD
SLG47YSJ4427/A6heXXtWcQ59nxkNT6KXj+uLqHarqQBYeLMGI/QejewOF+qP2sG
6y312igi1lily7xa8rnaJLlwSfYbWtkQ0m92fzQLnPO1FoupZ3Ejs0Y+JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNo6jwe4R5vioMz3pB+wMrG4vepFMB8GA1UdIwQY
MBaAFKG3x7QJhnSgT7F3hCzsTuub+J4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgt
N2MwNWExZmY1NDliLzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgtN2MwNWExZmY1NDli
LzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAag0OID5c
bX+EQso2FOcw6wnc2fI5UQul0PEUG32EAc9khjEq5Joc+UnVdRQEx2hfJ/NFOnjk
d2MK7srslLeCCtAHFNBYmpN5buzlJFvaJHXCmgpZHqZ4SxqeZ7Eqb/rDpBnCQvXj
QXQcfZiIfSVeBhTJKghSA9FEb6OY3ym4/s7kR7HWG/SkDxHvJjtDQkfZjr78z+dx
DuTAzhFujR28MtGbxX1PfiIctqzcaA+PW2DuaoLZSfSsLOPVv4X5Jni3McBXleQX
IAFYMebL78vEIQQVrJLwedD+VFU24XbbnpBGsbc5g/VDQM+Fkuo//ui4GD/h9f0r
fYcd7B+krfY13g==
-----END CERTIFICATE-----