Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          Jvn1SgXQJkAwMmNuy3uHwHfZEvQInqXJgjqbcV2KQMo=
Subject key identifier:   62:C8:3D:53:C7:36:0D:F4:C3:3B:A3:01:7F:C2:8A:81:E5:8B:FB:BD
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       019A73A60B84872432B999CAAF42069665B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 16:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 16:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 16:00:52 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: 9H8izLtJKgyH1q2swwV5rkGNgu/8thS+ImvdB6xiC8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:0b:84:87:24:32:b9:99:ca:af:42:06:96:65:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Nov 11 16:00:52 2025 GMT
            Not After : Nov 12 16:00:52 2025 GMT
        Subject: CN=62c83d53c7360df4c33ba3017fc28a81e58bfbbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f1:7b:1a:e8:f6:aa:e8:80:39:be:ca:14:fc:
                    42:7d:d3:38:8e:d9:de:01:70:90:6f:cc:64:39:3b:
                    ff:c7:6a:8b:12:8d:50:2a:ac:6d:9b:94:b0:2e:00:
                    53:7f:4c:e5:b4:9e:46:04:f2:e7:52:df:04:a7:63:
                    38:3b:24:df:98:4b:ff:81:78:b0:39:9b:0a:ad:06:
                    f4:b6:52:77:af:05:ae:39:1b:ee:95:6a:c3:f9:9c:
                    47:bb:e0:2d:10:e9:3e:fe:f3:2d:2c:83:63:3d:d9:
                    a9:ad:a6:cb:1f:ba:5e:1b:ff:e3:1d:58:4e:e0:18:
                    8e:c1:b7:46:27:8c:32:6b:fc:8e:ea:ea:45:0f:e7:
                    34:50:89:d1:22:af:a8:7b:bf:63:49:41:a0:dd:1c:
                    9f:a1:75:3a:21:6f:0f:4e:96:e0:7d:14:78:6b:ae:
                    92:17:40:75:69:87:3b:17:5a:a8:86:d3:8f:dc:a8:
                    da:81:56:be:b4:65:c9:55:3e:d8:70:17:06:0e:60:
                    77:32:55:b1:7f:11:dc:4a:1a:2c:e1:76:26:69:e4:
                    08:60:88:78:ff:f1:a8:3b:00:7f:49:71:44:31:26:
                    3e:11:05:31:ac:1e:ab:46:0c:16:4a:e8:1f:7f:53:
                    9a:1d:72:01:8c:6d:20:a8:f1:1e:1a:79:fb:77:b6:
                    b4:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:C8:3D:53:C7:36:0D:F4:C3:3B:A3:01:7F:C2:8A:81:E5:8B:FB:BD
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:2d:10:5c:f2:b3:e6:09:76:59:df:60:82:e1:a2:2c:0d:72:
         02:b6:b8:e6:04:49:91:12:26:58:34:ce:10:7d:74:36:cd:4b:
         87:a5:36:1a:5a:e7:8d:14:9b:a5:fe:f5:36:b4:82:39:0d:5e:
         ea:b9:37:8c:da:a5:00:9b:af:fb:a0:19:bd:ae:ef:a6:7b:78:
         c2:5c:2c:ee:70:8e:73:97:c6:ca:a9:fd:7d:2b:36:f6:8a:06:
         f6:f2:93:49:ee:5f:8a:22:5d:71:0c:d9:0e:97:7f:91:cd:fb:
         2b:24:2e:1a:b1:e5:7b:16:f0:66:1d:72:82:e5:f5:f3:6e:5d:
         fe:c3:56:4e:e7:ef:e1:27:82:5c:46:88:1b:19:77:9e:8f:e8:
         e6:dd:f3:ae:99:67:ed:bc:e1:39:11:cd:6f:ab:a8:7a:bf:d8:
         9a:f4:4e:02:74:ac:11:c5:8c:de:72:03:e1:bc:ed:22:da:b8:
         1f:f5:d3:b6:dd:ca:ce:90:17:f0:df:da:a7:bd:17:a8:27:20:
         c5:fb:04:6e:e8:7c:3d:3b:00:3f:d0:bf:bf:5b:12:4a:04:19:
         d0:ce:ca:6a:d8:9a:4a:11:e0:63:b4:18:c8:14:43:7a:3f:0f:
         11:e2:c8:71:03:a3:1c:22:04:85:68:f5:1c:44:dc:1a:ae:8e:
         bf:cd:10:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpguEhyQyuZnKr0IGlmWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjUxMTExMTYwMDUyWhcNMjUxMTEyMTYwMDUyWjAzMTEwLwYDVQQD
Eyg2MmM4M2Q1M2M3MzYwZGY0YzMzYmEzMDE3ZmMyOGE4MWU1OGJmYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/F7Guj2quiAOb7KFPxCfdM4jtne
AXCQb8xkOTv/x2qLEo1QKqxtm5SwLgBTf0zltJ5GBPLnUt8Ep2M4OyTfmEv/gXiw
OZsKrQb0tlJ3rwWuORvulWrD+ZxHu+AtEOk+/vMtLINjPdmprabLH7peG//jHVhO
4BiOwbdGJ4wya/yO6upFD+c0UInRIq+oe79jSUGg3RyfoXU6IW8PTpbgfRR4a66S
F0B1aYc7F1qohtOP3KjagVa+tGXJVT7YcBcGDmB3MlWxfxHcShos4XYmaeQIYIh4
//GoOwB/SXFEMSY+EQUxrB6rRgwWSugff1OaHXIBjG0gqPEeGnn7d7a0xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGLIPVPHNg30wzujAX/CioHli/u9MB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQy0QXPKz
5gl2Wd9gguGiLA1yAra45gRJkRImWDTOEH10Ns1Lh6U2GlrnjRSbpf71NrSCOQ1e
6rk3jNqlAJuv+6AZva7vpnt4wlws7nCOc5fGyqn9fSs29ooG9vKTSe5fiiJdcQzZ
Dpd/kc37KyQuGrHlexbwZh1yguX1825d/sNWTufv4SeCXEaIGxl3no/o5t3zrpln
7bzhORHNb6uoer/YmvROAnSsEcWM3nID4bztItq4H/XTtt3KzpAX8N/ap70XqCcg
xfsEbuh8PTsAP9C/v1sSSgQZ0M7KatiaShHgY7QYyBRDej8PEeLIcQOjHCIEhWj1
HETcGq6Ov80Qug==
-----END CERTIFICATE-----