Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          QVb3tYTX7Ptpl/2kszHzPeudfOKC43JTBG2fhrmUybU=
Subject key identifier:   4D:51:8E:31:0D:8A:58:E8:C6:B8:F5:7E:F9:A5:B4:9F:DD:7C:A8:E6
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       019D3866B76B88C3B6B830A99FDCE86DC303
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:02:28 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:28 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:28 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: bF1h++zhMWX7XKG6+gGVDXl4wWluHvvYY8je+0rSCZM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:b7:6b:88:c3:b6:b8:30:a9:9f:dc:e8:6d:c3:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Mar 29 07:02:28 2026 GMT
            Not After : Mar 30 07:02:28 2026 GMT
        Subject: CN=4d518e310d8a58e8c6b8f57ef9a5b49fdd7ca8e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:5e:12:e1:6b:cb:bc:57:40:8f:c9:98:56:55:
                    c1:a0:0f:55:91:51:e3:7a:1d:a8:65:2e:5f:a2:f3:
                    37:77:60:ce:fc:c1:39:46:f3:a4:a6:3a:75:3c:9e:
                    7e:ca:c7:e6:32:27:3d:a3:57:b4:29:c2:7e:25:cf:
                    75:fa:4e:b8:81:08:ed:74:fa:ef:c0:ee:c4:a9:bc:
                    1b:75:4f:5d:40:af:a6:58:26:62:ee:84:ab:ca:6d:
                    a3:c9:21:97:d6:a5:21:43:c0:09:cd:84:6d:0e:4c:
                    44:65:c2:af:00:db:e9:37:36:b3:0d:f5:0f:a7:d0:
                    61:47:c0:dd:96:cc:58:6e:40:e0:5f:86:45:2b:98:
                    e9:12:7b:e4:7a:26:ac:b4:c4:ac:8a:b7:15:54:a4:
                    86:de:34:85:52:72:72:b2:f7:c9:0d:b8:12:40:6e:
                    1b:af:16:8e:3b:ee:65:b9:f1:e0:c8:54:7e:8a:96:
                    a5:19:90:95:b7:47:1e:1c:4c:0e:5d:89:24:a1:02:
                    c8:ad:41:0d:05:48:c7:6b:a8:3e:00:c7:66:de:2b:
                    ae:da:44:c9:3d:2e:02:0f:05:8c:db:28:2d:3a:08:
                    20:d0:4f:54:9c:61:ea:6e:06:15:63:fb:4d:3f:0f:
                    2d:e3:1c:91:e8:75:f2:a9:d6:81:fd:55:a2:92:cc:
                    6e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:51:8E:31:0D:8A:58:E8:C6:B8:F5:7E:F9:A5:B4:9F:DD:7C:A8:E6
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:51:80:71:57:64:ae:09:f0:9b:cf:a3:e7:2e:ce:23:99:1e:
         36:19:47:38:18:15:49:30:23:49:a7:77:2f:3b:02:7d:72:78:
         c8:65:fd:1b:53:65:89:78:52:63:e2:70:1a:b3:31:7d:5c:2b:
         15:a9:f9:34:c3:08:ce:12:f3:b6:df:04:41:f0:83:0e:b9:ff:
         b3:14:92:c5:ce:5f:c9:33:16:b4:3c:e7:85:13:7e:72:bc:1b:
         58:2f:d8:dc:1b:48:df:1c:c0:36:2f:27:05:3b:46:49:8f:23:
         c1:65:2a:42:8b:de:87:7c:5c:dc:97:16:69:bb:81:d2:6c:74:
         14:80:27:49:d2:fd:c3:44:c6:a0:20:2f:f7:a9:20:a3:0e:66:
         a1:6d:3f:6e:91:88:a7:fc:53:d0:8b:7a:ca:e1:29:5c:01:71:
         bd:f4:90:a8:95:dc:89:de:e1:24:51:06:68:04:77:7a:bb:86:
         e1:cc:63:b9:16:06:b3:42:2d:0d:41:1c:c9:8c:09:de:d9:fb:
         b2:f9:11:35:6a:80:8f:ce:e3:fb:4c:b9:e6:05:fd:56:7f:4c:
         d3:b1:b9:32:50:93:01:97:cf:ee:6d:78:cb:e3:3d:33:fd:b2:
         bc:21:49:ac:66:46:10:bd:e5:8a:f2:31:85:48:bc:cb:1a:1e:
         70:01:af:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZrdriMO2uDCpn9zobcMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjYwMzI5MDcwMjI4WhcNMjYwMzMwMDcwMjI4WjAzMTEwLwYDVQQD
Eyg0ZDUxOGUzMTBkOGE1OGU4YzZiOGY1N2VmOWE1YjQ5ZmRkN2NhOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV4S4WvLvFdAj8mYVlXBoA9VkVHj
eh2oZS5fovM3d2DO/ME5RvOkpjp1PJ5+ysfmMic9o1e0KcJ+Jc91+k64gQjtdPrv
wO7EqbwbdU9dQK+mWCZi7oSrym2jySGX1qUhQ8AJzYRtDkxEZcKvANvpNzazDfUP
p9BhR8DdlsxYbkDgX4ZFK5jpEnvkeiastMSsircVVKSG3jSFUnJysvfJDbgSQG4b
rxaOO+5lufHgyFR+ipalGZCVt0ceHEwOXYkkoQLIrUENBUjHa6g+AMdm3iuu2kTJ
PS4CDwWM2ygtOggg0E9UnGHqbgYVY/tNPw8t4xyR6HXyqdaB/VWiksxu9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1RjjENiljoxrj1fvmltJ/dfKjmMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARFGAcVdk
rgnwm8+j5y7OI5keNhlHOBgVSTAjSad3LzsCfXJ4yGX9G1NliXhSY+JwGrMxfVwr
Fan5NMMIzhLztt8EQfCDDrn/sxSSxc5fyTMWtDznhRN+crwbWC/Y3BtI3xzANi8n
BTtGSY8jwWUqQoveh3xc3JcWabuB0mx0FIAnSdL9w0TGoCAv96kgow5moW0/bpGI
p/xT0It6yuEpXAFxvfSQqJXcid7hJFEGaAR3eruG4cxjuRYGs0ItDUEcyYwJ3tn7
svkRNWqAj87j+0y55gX9Vn9M07G5MlCTAZfP7m14y+M9M/2yvCFJrGZGEL3livIx
hUi8yxoecAGvwg==
-----END CERTIFICATE-----