Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
File:                     obfHtAmGdKBPsXeELOxO65v4nh4.mft (raw, json)
Hash identifier:          gKmyjwjd9hR6MZNKHmhxdUbEg+9pEjaVvArAixZNda4=
Subject key identifier:   E6:48:C8:5C:86:AF:C6:D4:D9:9D:D8:8B:89:9A:C0:B6:B9:29:19:ED
Authority key identifier: A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E
Certificate issuer:       /CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
Certificate serial:       019D3865F39DAC0A4D3150AB9BAD6343E393
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:38 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:38 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:38 +0000
Files and hashes:         1: obfHtAmGdKBPsXeELOxO65v4nh4.crl (hash: /PQN8rfSq0CEuRYX7go7JEWqkS3KCQspYXcA/JIb07Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f3:9d:ac:0a:4d:31:50:ab:9b:ad:63:43:e3:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
        Validity
            Not Before: Mar 29 07:01:38 2026 GMT
            Not After : Mar 30 07:01:38 2026 GMT
        Subject: CN=e648c85c86afc6d4d99dd88b899ac0b6b92919ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e3:86:9d:80:13:02:80:ac:8f:8e:cb:5f:d5:
                    8f:34:cf:29:9a:a2:62:1d:af:48:f4:ed:5c:a4:d4:
                    93:48:31:0b:13:98:a7:b3:57:91:70:c1:41:15:1d:
                    28:78:9e:b2:12:44:fd:f5:8b:b3:57:42:c1:23:5c:
                    4c:ce:1e:02:09:d2:7b:4a:ae:4b:a5:7f:8e:16:19:
                    43:02:aa:21:14:7a:71:ff:0b:b6:dd:ae:cf:e1:5b:
                    47:e7:c1:c1:24:f3:a3:4c:6a:4e:eb:01:99:95:24:
                    e8:38:8f:f1:dc:84:d1:20:d9:fa:f2:fb:8b:bb:6b:
                    3f:40:d1:07:47:a4:e3:d2:a8:7f:de:cb:b4:a8:a6:
                    31:c8:9a:66:51:35:f3:a2:49:05:b7:cd:d6:1b:7a:
                    2e:e4:26:1c:7d:17:43:93:b6:e1:7a:49:35:e3:3e:
                    25:92:ad:43:54:ec:c9:4d:14:eb:69:b3:8c:e1:94:
                    4b:55:94:b6:79:73:32:1f:72:8c:d3:ae:d5:51:89:
                    39:b8:9d:f8:8c:d4:83:c9:fc:5a:37:a9:f4:61:6f:
                    a8:f8:6b:ba:75:b5:c3:e2:84:fd:7a:7e:0b:e8:37:
                    04:e3:87:d6:65:23:e8:7b:be:3d:15:16:ea:10:c3:
                    b0:69:7b:61:52:cd:6b:13:75:b8:f2:3f:29:92:15:
                    fc:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:48:C8:5C:86:AF:C6:D4:D9:9D:D8:8B:89:9A:C0:B6:B9:29:19:ED
            X509v3 Authority Key Identifier:
                keyid:A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:a4:bc:01:49:a4:15:25:17:79:85:ca:27:eb:1e:16:38:88:
         10:a7:ff:01:19:e7:e1:0d:6e:dd:f5:15:db:05:9e:a7:a3:ec:
         21:a3:39:7d:0b:8c:e0:88:fb:1c:07:76:bb:fc:f4:5e:b9:af:
         3b:6b:73:bb:91:9e:f8:49:b3:93:5c:23:78:4f:23:57:bc:00:
         f7:31:e2:55:c7:59:79:1a:87:ad:c6:ab:62:94:0b:da:14:de:
         9a:69:f5:81:a3:aa:b4:f4:2b:a8:b3:92:f3:99:7b:9b:0d:ce:
         34:2a:0e:fa:e6:1b:94:8f:b7:15:7d:96:8f:da:79:f4:9b:9b:
         fc:5a:a9:b1:44:ff:d1:c3:8e:e6:53:ab:49:87:bd:75:2e:cb:
         06:88:c1:65:e8:52:fe:2b:55:79:19:51:31:f4:c0:00:d8:3a:
         10:fa:ea:77:da:9f:c9:6c:42:f5:02:7d:23:69:ce:ea:14:20:
         d5:01:a4:25:f7:b1:e7:06:62:c8:b9:70:cf:fd:6a:f9:fa:60:
         4b:8d:e5:15:c7:09:10:40:e2:f8:7a:1a:ed:56:bb:f9:38:4d:
         c7:2a:27:f4:34:2c:8e:dd:e5:a5:45:11:2d:dc:f6:3b:cd:db:
         2c:ad:89:68:5f:26:d3:71:9b:c5:6e:48:17:ae:d0:84:8d:01:
         0e:63:cb:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfOdrApNMVCrm61jQ+OTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjdjN2I0MDk4Njc0YTA0ZmIxNzc4NDJjZWM0ZWViOWJm
ODllMWUwHhcNMjYwMzI5MDcwMTM4WhcNMjYwMzMwMDcwMTM4WjAzMTEwLwYDVQQD
EyhlNjQ4Yzg1Yzg2YWZjNmQ0ZDk5ZGQ4OGI4OTlhYzBiNmI5MjkxOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeOGnYATAoCsj47LX9WPNM8pmqJi
Ha9I9O1cpNSTSDELE5ins1eRcMFBFR0oeJ6yEkT99YuzV0LBI1xMzh4CCdJ7Sq5L
pX+OFhlDAqohFHpx/wu23a7P4VtH58HBJPOjTGpO6wGZlSToOI/x3ITRINn68vuL
u2s/QNEHR6Tj0qh/3su0qKYxyJpmUTXzokkFt83WG3ou5CYcfRdDk7bhekk14z4l
kq1DVOzJTRTrabOM4ZRLVZS2eXMyH3KM067VUYk5uJ34jNSDyfxaN6n0YW+o+Gu6
dbXD4oT9en4L6DcE44fWZSPoe749FRbqEMOwaXthUs1rE3W48j8pkhX8fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOZIyFyGr8bU2Z3Yi4mawLa5KRntMB8GA1UdIwQY
MBaAFKG3x7QJhnSgT7F3hCzsTuub+J4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgt
N2MwNWExZmY1NDliLzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgtN2MwNWExZmY1NDli
LzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIqS8AUmk
FSUXeYXKJ+seFjiIEKf/ARnn4Q1u3fUV2wWep6PsIaM5fQuM4Ij7HAd2u/z0Xrmv
O2tzu5Ge+Emzk1wjeE8jV7wA9zHiVcdZeRqHrcarYpQL2hTemmn1gaOqtPQrqLOS
85l7mw3ONCoO+uYblI+3FX2Wj9p59Jub/FqpsUT/0cOO5lOrSYe9dS7LBojBZehS
/itVeRlRMfTAANg6EPrqd9qfyWxC9QJ9I2nO6hQg1QGkJfex5wZiyLlwz/1q+fpg
S43lFccJEEDi+Hoa7Va7+ThNxyon9DQsjt3lpUURLdz2O83bLK2JaF8m03GbxW5I
F67QhI0BDmPLjA==
-----END CERTIFICATE-----