Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
File:                     obfHtAmGdKBPsXeELOxO65v4nh4.mft (raw, json)
Hash identifier:          gDSFSQJghxqwfa4kobbcN2PZ7smrgI31TyyHKc6Vl68=
Subject key identifier:   B6:48:5D:89:C8:A2:7D:07:F5:74:96:B8:0D:D4:6A:18:C6:7C:66:0C
Authority key identifier: A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E
Certificate issuer:       /CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
Certificate serial:       0196534A1A062747CD7104A28FA643B830DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
Manifest number:          14F9
Signing time:             Sun 20 Apr 2025 13:01:27 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:27 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:27 +0000
Files and hashes:         1: obfHtAmGdKBPsXeELOxO65v4nh4.crl (hash: Vc72HglXuUvVWvs7IFYzAVgDQdM1WLyh4iaP7J5NpT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:4a:1a:06:27:47:cd:71:04:a2:8f:a6:43:b8:30:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
        Validity
            Not Before: Apr 20 13:01:27 2025 GMT
            Not After : Apr 21 13:01:27 2025 GMT
        Subject: CN=b6485d89c8a27d07f57496b80dd46a18c67c660c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:76:e9:2c:5a:80:25:5a:70:ae:9c:fe:fb:e2:
                    e6:96:a2:c9:f4:83:de:d3:75:08:1a:f7:50:ec:7f:
                    5e:c7:c9:87:8c:3f:0c:2f:5f:b1:4d:c7:72:14:fe:
                    6a:12:1c:ba:b6:66:08:5e:2d:0d:14:db:e1:7f:44:
                    c0:dd:07:f2:f1:ac:87:a1:66:d8:e7:2b:cb:89:53:
                    2f:aa:a9:93:fb:56:9f:89:f5:53:53:74:45:9d:d2:
                    0f:40:b1:79:d1:31:f0:ea:a8:c0:a3:76:af:77:b9:
                    bf:c1:00:c5:78:cd:24:d9:9d:cb:38:df:82:ce:c7:
                    af:f2:b6:04:93:40:cd:d1:8f:02:db:2f:9e:c0:58:
                    4f:6c:0e:a2:b2:f5:e3:4d:91:49:88:82:88:9d:12:
                    e0:3e:8e:6d:dc:bc:2d:df:af:19:52:82:e1:74:ec:
                    2e:9a:12:64:5c:f2:7a:48:9e:12:26:a9:cc:4e:b4:
                    a0:ee:9c:45:db:d9:b8:6d:44:68:49:8c:b5:47:64:
                    37:a8:3c:9c:4f:56:1e:52:f3:ec:e7:6a:d1:fe:7d:
                    f8:fc:a2:b3:90:e8:c1:13:e9:97:7e:fb:33:c6:5e:
                    ea:ca:75:98:3e:bf:93:5e:50:11:04:c4:77:ee:99:
                    83:39:43:78:e1:02:46:a0:bc:4f:10:3f:bb:67:ea:
                    d9:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:48:5D:89:C8:A2:7D:07:F5:74:96:B8:0D:D4:6A:18:C6:7C:66:0C
            X509v3 Authority Key Identifier:
                keyid:A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:49:6d:05:5f:eb:eb:d4:51:ab:90:aa:c6:e0:d1:1b:b4:91:
         e3:8e:7e:ad:4b:66:78:0b:e7:3d:49:73:01:33:23:d6:c2:39:
         40:34:7a:7b:90:b5:a3:e5:88:fc:3d:92:a4:4e:34:19:1d:9d:
         18:b7:b1:9d:71:0f:26:9e:7e:26:d9:59:90:f3:af:a3:20:98:
         f8:89:04:44:6d:17:f2:26:fc:5f:a8:ec:fa:59:bd:44:90:60:
         d4:a1:be:f2:9d:67:a2:84:7f:bb:2c:8b:5e:03:3e:8f:ce:df:
         0c:7f:25:d2:38:07:cf:93:8c:ae:4d:80:92:10:b1:93:0e:45:
         65:c4:82:12:11:3f:a6:89:98:b8:9f:e4:d2:f9:e7:44:a8:78:
         7d:ba:6f:36:02:79:43:ce:93:d6:9c:81:6c:7b:14:be:d8:22:
         38:fd:4a:2b:a6:1b:52:4a:3b:84:e0:c9:1e:77:18:30:61:66:
         e4:c5:52:78:20:1e:8b:05:13:e1:ec:68:8d:ea:f8:63:1e:ea:
         9d:ba:72:58:34:ac:85:c0:21:6b:36:85:44:87:6f:7a:d6:8e:
         1f:15:26:c7:e9:4b:56:17:5f:17:e5:87:6a:f6:e2:28:27:f9:
         36:a0:91:e0:5d:e6:d5:96:e5:24:68:cf:1d:ce:71:e5:9a:00:
         d6:a0:c3:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTShoGJ0fNcQSij6ZDuDDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjdjN2I0MDk4Njc0YTA0ZmIxNzc4NDJjZWM0ZWViOWJm
ODllMWUwHhcNMjUwNDIwMTMwMTI3WhcNMjUwNDIxMTMwMTI3WjAzMTEwLwYDVQQD
EyhiNjQ4NWQ4OWM4YTI3ZDA3ZjU3NDk2YjgwZGQ0NmExOGM2N2M2NjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnbpLFqAJVpwrpz+++LmlqLJ9IPe
03UIGvdQ7H9ex8mHjD8ML1+xTcdyFP5qEhy6tmYIXi0NFNvhf0TA3Qfy8ayHoWbY
5yvLiVMvqqmT+1afifVTU3RFndIPQLF50THw6qjAo3avd7m/wQDFeM0k2Z3LON+C
zsev8rYEk0DN0Y8C2y+ewFhPbA6isvXjTZFJiIKInRLgPo5t3Lwt368ZUoLhdOwu
mhJkXPJ6SJ4SJqnMTrSg7pxF29m4bURoSYy1R2Q3qDycT1YeUvPs52rR/n34/KKz
kOjBE+mXfvszxl7qynWYPr+TXlARBMR37pmDOUN44QJGoLxPED+7Z+rZewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZIXYnIon0H9XSWuA3UahjGfGYMMB8GA1UdIwQY
MBaAFKG3x7QJhnSgT7F3hCzsTuub+J4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgt
N2MwNWExZmY1NDliLzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgtN2MwNWExZmY1NDli
LzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANUltBV/r
69RRq5CqxuDRG7SR445+rUtmeAvnPUlzATMj1sI5QDR6e5C1o+WI/D2SpE40GR2d
GLexnXEPJp5+JtlZkPOvoyCY+IkERG0X8ib8X6js+lm9RJBg1KG+8p1nooR/uyyL
XgM+j87fDH8l0jgHz5OMrk2AkhCxkw5FZcSCEhE/pomYuJ/k0vnnRKh4fbpvNgJ5
Q86T1pyBbHsUvtgiOP1KK6YbUko7hODJHncYMGFm5MVSeCAeiwUT4exojer4Yx7q
nbpyWDSshcAhazaFRIdvetaOHxUmx+lLVhdfF+WHavbiKCf5NqCR4F3m1ZblJGjP
Hc5x5ZoA1qDDqA==
-----END CERTIFICATE-----