Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
File:                     obfHtAmGdKBPsXeELOxO65v4nh4.mft (raw, json)
Hash identifier:          1mWURUhzPrdrFZTPnjpS21am+Z1GnrvulCMUuZ/wPOE=
Subject key identifier:   5B:ED:12:14:5B:48:B4:01:10:BC:1E:16:A5:D1:C0:F4:6C:97:2B:0E
Authority key identifier: A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E
Certificate issuer:       /CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
Certificate serial:       019CAB6B87776CC653F1526A15685D6C5437
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:01:16 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:16 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:16 +0000
Files and hashes:         1: obfHtAmGdKBPsXeELOxO65v4nh4.crl (hash: 0JsCPb7D3Mc5R/4y+8gwzhg13NV2ew0wKtUGC9IP5KQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:87:77:6c:c6:53:f1:52:6a:15:68:5d:6c:54:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
        Validity
            Not Before: Mar  1 22:01:16 2026 GMT
            Not After : Mar  2 22:01:16 2026 GMT
        Subject: CN=5bed12145b48b40110bc1e16a5d1c0f46c972b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:03:ce:39:a4:10:9a:00:34:01:3e:06:ac:f7:
                    a3:35:8b:6c:ef:f8:16:b8:7b:5f:46:31:53:19:f4:
                    ab:d6:f8:32:07:8f:55:c9:6e:38:09:6c:24:3f:7e:
                    2f:83:ec:eb:e7:36:cb:73:6c:06:fd:f4:c9:42:7c:
                    4a:48:c4:9c:e6:5a:15:24:b7:a7:8e:0b:27:cb:92:
                    8f:9b:67:57:cd:8c:83:ce:7a:04:97:98:1b:eb:0e:
                    65:b4:3f:c2:29:10:2c:95:5e:44:63:58:5a:20:e2:
                    aa:d7:93:53:16:67:a1:b9:15:7e:d9:0d:84:36:e4:
                    f8:18:f1:b6:22:6a:d4:42:b6:29:aa:03:2c:c0:97:
                    ec:41:24:09:de:92:30:23:99:72:15:66:3e:dc:de:
                    f6:26:45:cf:90:0d:b8:c1:59:ed:e3:c8:67:45:43:
                    9e:28:e5:df:f5:d8:6a:7f:23:0f:66:49:4d:7e:87:
                    04:d5:8e:f3:ac:32:72:a3:c0:bb:cf:4d:e2:c8:3b:
                    71:27:4d:22:bb:b6:a5:33:42:c0:e1:93:b7:c2:f3:
                    0d:2c:87:d6:39:e0:45:b5:8f:45:9f:87:15:99:47:
                    af:8b:94:11:a2:45:b5:0e:69:13:13:42:ea:4d:de:
                    df:22:01:6e:af:f7:cf:3b:b0:8a:c4:84:aa:82:a6:
                    60:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:ED:12:14:5B:48:B4:01:10:BC:1E:16:A5:D1:C0:F4:6C:97:2B:0E
            X509v3 Authority Key Identifier:
                keyid:A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:2e:78:03:cf:fb:a8:aa:27:e0:8e:35:3a:d0:c4:5f:54:b4:
         7d:82:89:7e:c0:9d:d0:fc:42:38:ac:5e:ba:e3:7a:59:c2:f6:
         11:0e:24:ad:4d:a9:10:d7:e0:e4:fa:62:34:23:bf:d6:9a:63:
         60:35:25:ea:24:3c:7d:54:07:73:33:a8:cf:0a:be:3b:df:6f:
         bb:90:99:73:0d:29:74:33:ff:e4:6f:d0:54:ae:cd:67:ad:48:
         21:0b:dd:4d:2b:7d:9b:79:c8:a1:0b:4a:80:18:4e:9a:1b:91:
         b1:74:e0:5a:50:0f:52:6e:45:ca:0b:16:54:50:b3:60:f6:29:
         60:79:de:b1:f8:18:55:18:73:7b:8a:2c:84:55:02:a1:90:8a:
         82:86:f2:3b:23:e7:7a:b4:e8:99:b3:de:62:e0:29:32:e9:c0:
         59:56:a8:aa:f9:d2:1d:1f:83:b1:cd:95:e4:8e:9a:23:e5:67:
         17:a7:20:77:a2:37:91:cf:26:82:a7:eb:d3:a6:ed:91:7b:33:
         13:85:8e:01:d1:50:c1:d5:2a:76:71:c1:af:17:20:0f:7e:51:
         60:9c:6f:49:06:a4:1e:5d:d0:db:d0:7f:27:8b:80:f2:3d:0c:
         22:7c:82:28:e1:d3:79:e3:58:62:3d:83:60:7e:88:11:d0:2c:
         85:0f:a2:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra4d3bMZT8VJqFWhdbFQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjdjN2I0MDk4Njc0YTA0ZmIxNzc4NDJjZWM0ZWViOWJm
ODllMWUwHhcNMjYwMzAxMjIwMTE2WhcNMjYwMzAyMjIwMTE2WjAzMTEwLwYDVQQD
Eyg1YmVkMTIxNDViNDhiNDAxMTBiYzFlMTZhNWQxYzBmNDZjOTcyYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQPOOaQQmgA0AT4GrPejNYts7/gW
uHtfRjFTGfSr1vgyB49VyW44CWwkP34vg+zr5zbLc2wG/fTJQnxKSMSc5loVJLen
jgsny5KPm2dXzYyDznoEl5gb6w5ltD/CKRAslV5EY1haIOKq15NTFmehuRV+2Q2E
NuT4GPG2ImrUQrYpqgMswJfsQSQJ3pIwI5lyFWY+3N72JkXPkA24wVnt48hnRUOe
KOXf9dhqfyMPZklNfocE1Y7zrDJyo8C7z03iyDtxJ00iu7alM0LA4ZO3wvMNLIfW
OeBFtY9Fn4cVmUevi5QRokW1DmkTE0LqTd7fIgFur/fPO7CKxISqgqZgKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvtEhRbSLQBELweFqXRwPRslysOMB8GA1UdIwQY
MBaAFKG3x7QJhnSgT7F3hCzsTuub+J4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgt
N2MwNWExZmY1NDliLzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgtN2MwNWExZmY1NDli
LzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATS54A8/7
qKon4I41OtDEX1S0fYKJfsCd0PxCOKxeuuN6WcL2EQ4krU2pENfg5PpiNCO/1ppj
YDUl6iQ8fVQHczOozwq+O99vu5CZcw0pdDP/5G/QVK7NZ61IIQvdTSt9m3nIoQtK
gBhOmhuRsXTgWlAPUm5FygsWVFCzYPYpYHnesfgYVRhze4oshFUCoZCKgobyOyPn
erTombPeYuApMunAWVaoqvnSHR+Dsc2V5I6aI+VnF6cgd6I3kc8mgqfr06btkXsz
E4WOAdFQwdUqdnHBrxcgD35RYJxvSQakHl3Q29B/J4uA8j0MInyCKOHTeeNYYj2D
YH6IEdAshQ+igg==
-----END CERTIFICATE-----