Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          gva9RxFZ5KQ2Hxdewjw7apVvr8RG4LnRxRIp+RCtg7Q=
Subject key identifier:   63:52:8A:A4:E0:AE:14:B4:2C:9F:76:0A:26:7B:92:BB:A5:1A:43:E9
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       019921B08A54A1B659FEE6AAF15659BE6CEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 01:00:41 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:41 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:41 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: 8v2EsbBMppYFMzgcZlprSxr3xeWRqvvv0Z2Ww2J3rd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:8a:54:a1:b6:59:fe:e6:aa:f1:56:59:be:6c:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Sep  7 01:00:41 2025 GMT
            Not After : Sep  8 01:00:41 2025 GMT
        Subject: CN=63528aa4e0ae14b42c9f760a267b92bba51a43e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:7c:9a:20:bb:97:4c:b6:9d:60:df:52:e8:07:
                    b3:9d:95:6c:c5:72:50:f9:06:bf:2f:7d:f0:f4:ac:
                    a6:4d:d3:01:81:63:1a:92:3f:1f:96:ac:ea:a9:f2:
                    d2:a8:4d:31:6f:46:39:57:59:1c:65:ac:39:4d:c7:
                    39:0d:f2:e1:2f:c3:e4:d7:86:65:bd:a0:15:7f:66:
                    ef:4b:6c:c3:34:1a:d3:82:e8:7e:10:a7:1c:a2:4b:
                    a7:4c:63:47:3b:92:90:7b:0c:1e:30:35:14:d2:14:
                    bc:1d:e1:c4:11:14:11:76:16:1f:38:7a:e8:9d:6f:
                    55:58:bd:0a:10:53:8a:7e:cb:df:e1:5e:91:bc:e7:
                    68:e8:ef:50:fe:72:ce:5a:e5:b2:6a:97:6f:ba:ad:
                    41:4c:42:55:a4:7f:d0:a5:af:e7:be:09:fc:32:62:
                    fd:32:80:ed:f6:88:82:74:35:7e:ab:5e:b8:82:1d:
                    f1:cc:5d:54:f7:41:8d:d5:23:e8:60:43:5f:a3:18:
                    7e:57:2d:c6:af:6d:9c:78:3e:fd:bf:6c:c1:b6:9b:
                    2f:5b:7f:1a:a4:cb:0e:db:c6:e0:ee:94:71:61:9b:
                    eb:4e:fb:08:87:b5:05:4d:3d:ae:84:ba:c0:eb:81:
                    ff:9d:71:b3:af:36:6c:bd:fd:55:fb:c8:20:50:62:
                    0d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:52:8A:A4:E0:AE:14:B4:2C:9F:76:0A:26:7B:92:BB:A5:1A:43:E9
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:87:3c:81:45:8f:eb:78:f3:52:69:3a:94:bb:38:08:51:dd:
         41:6d:6a:f9:db:70:c7:7d:50:a3:51:bc:ff:e2:a8:60:38:76:
         cb:cd:54:b3:09:d2:56:8e:3f:b9:ba:87:c1:9f:d6:35:82:30:
         66:06:13:b4:fe:52:e3:9e:fd:e6:9b:3f:ca:b9:76:7d:6b:5f:
         73:43:bc:3d:94:c5:f5:9c:2e:a7:c4:b3:6c:2e:d3:ab:11:68:
         78:4b:08:76:a9:4a:d9:98:b3:22:dc:84:ee:a2:b4:f8:aa:9e:
         dd:e3:29:ff:1e:ed:4c:f0:a6:fa:cd:e1:73:17:eb:ed:f0:d4:
         b2:f0:1e:74:ea:ec:19:29:dc:a8:77:a0:86:19:ee:d2:c6:7b:
         88:d1:c9:7a:dd:45:81:44:3d:37:d6:0f:e2:47:7b:af:2b:ec:
         0d:9c:c7:a0:d0:58:7c:a2:12:12:68:c3:db:3c:7d:ce:4d:09:
         d2:af:3c:d8:43:37:a8:25:c4:2b:fc:0a:af:dc:d0:5b:4f:92:
         f1:15:b0:c4:76:dc:65:4e:85:1d:6b:91:89:43:99:fb:f1:6a:
         5f:5c:c4:51:45:a2:21:c6:22:f0:11:33:fe:0c:f6:af:44:33:
         34:57:46:3c:6b:d9:1b:96:7a:87:33:66:7e:61:9a:e8:a9:fd:
         c4:45:33:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsIpUobZZ/uaq8VZZvmzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjUwOTA3MDEwMDQxWhcNMjUwOTA4MDEwMDQxWjAzMTEwLwYDVQQD
Eyg2MzUyOGFhNGUwYWUxNGI0MmM5Zjc2MGEyNjdiOTJiYmE1MWE0M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnyaILuXTLadYN9S6AeznZVsxXJQ
+Qa/L33w9KymTdMBgWMakj8flqzqqfLSqE0xb0Y5V1kcZaw5Tcc5DfLhL8Pk14Zl
vaAVf2bvS2zDNBrTguh+EKccokunTGNHO5KQewweMDUU0hS8HeHEERQRdhYfOHro
nW9VWL0KEFOKfsvf4V6RvOdo6O9Q/nLOWuWyapdvuq1BTEJVpH/Qpa/nvgn8MmL9
MoDt9oiCdDV+q164gh3xzF1U90GN1SPoYENfoxh+Vy3Gr22ceD79v2zBtpsvW38a
pMsO28bg7pRxYZvrTvsIh7UFTT2uhLrA64H/nXGzrzZsvf1V+8ggUGINVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNSiqTgrhS0LJ92CiZ7krulGkPpMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuIc8gUWP
63jzUmk6lLs4CFHdQW1q+dtwx31Qo1G8/+KoYDh2y81UswnSVo4/ubqHwZ/WNYIw
ZgYTtP5S45795ps/yrl2fWtfc0O8PZTF9Zwup8SzbC7TqxFoeEsIdqlK2ZizItyE
7qK0+Kqe3eMp/x7tTPCm+s3hcxfr7fDUsvAedOrsGSncqHeghhnu0sZ7iNHJet1F
gUQ9N9YP4kd7ryvsDZzHoNBYfKISEmjD2zx9zk0J0q882EM3qCXEK/wKr9zQW0+S
8RWwxHbcZU6FHWuRiUOZ+/FqX1zEUUWiIcYi8BEz/gz2r0QzNFdGPGvZG5Z6hzNm
fmGa6Kn9xEUzoQ==
-----END CERTIFICATE-----