Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
File:                     obfHtAmGdKBPsXeELOxO65v4nh4.mft (raw, json)
Hash identifier:          wEcCjCx9+wK4hqrVmwSasaB3kCsx5dAWyFhRQBUXhWc=
Subject key identifier:   4B:DA:BD:C4:7A:D4:E3:2C:CE:46:98:E3:95:73:95:55:9E:7C:F9:6E
Authority key identifier: A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E
Certificate issuer:       /CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
Certificate serial:       019873E33A4A5790F5859BEBB2A102FD1937
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
Manifest number:          1613
Signing time:             Mon 04 Aug 2025 07:02:08 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:08 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:08 +0000
Files and hashes:         1: obfHtAmGdKBPsXeELOxO65v4nh4.crl (hash: hIgYa6nVAeuJ0pYYxub/btvhU9wUKWW+yi5XJzJYnqU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:3a:4a:57:90:f5:85:9b:eb:b2:a1:02:fd:19:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
        Validity
            Not Before: Aug  4 07:02:08 2025 GMT
            Not After : Aug  5 07:02:08 2025 GMT
        Subject: CN=4bdabdc47ad4e32cce4698e3957395559e7cf96e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3d:1e:8e:17:22:4b:a6:75:c5:a9:a3:95:ae:
                    e8:43:37:69:59:7e:c0:fd:ce:d6:83:2f:0d:a0:fb:
                    7b:34:6c:ae:34:0d:0d:80:b8:7b:87:4e:31:48:6b:
                    c0:b0:6e:97:af:d7:69:fe:88:bd:b5:90:a7:88:de:
                    4c:be:ff:a1:05:4a:6f:4d:8e:aa:9d:fa:b5:55:81:
                    c6:f2:f3:32:42:8d:b0:56:b8:0d:1d:6e:84:d6:08:
                    12:1c:36:bd:86:e8:78:66:24:f8:9c:c5:9f:34:c4:
                    8b:39:cb:99:9d:f3:2c:59:ef:97:d0:cd:06:30:42:
                    1b:aa:5b:16:29:30:89:55:61:a8:bc:ac:20:4c:dc:
                    14:d7:60:9a:3e:c4:00:78:63:8a:01:94:17:f8:62:
                    fd:b4:a8:a0:cc:3b:08:e9:60:74:6a:0d:62:fd:1e:
                    a1:14:e6:82:a0:ff:8f:15:62:7e:8f:6e:bc:5e:60:
                    93:19:5d:e0:68:bc:5b:57:82:d8:40:94:7d:9f:43:
                    c1:43:03:c6:0c:88:c7:61:63:a4:84:78:b8:d1:60:
                    8e:af:ec:a1:6a:07:ca:35:c2:0c:3e:39:88:5e:a0:
                    f7:8a:b5:30:ba:fe:b8:d2:03:f0:fb:ef:2c:a6:c1:
                    b3:e5:a4:66:e1:89:7e:f3:48:6c:a0:9e:f2:b6:a8:
                    b2:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:DA:BD:C4:7A:D4:E3:2C:CE:46:98:E3:95:73:95:55:9E:7C:F9:6E
            X509v3 Authority Key Identifier:
                keyid:A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:da:b4:3f:6f:74:3a:ec:7e:b1:a3:7a:c6:86:a0:ac:20:15:
         76:b0:a0:5f:54:a3:a7:cd:f6:61:4e:08:3c:db:84:3a:51:81:
         ea:43:c9:7a:97:8e:4b:ba:48:cb:54:ce:0a:b8:f4:78:e5:39:
         7c:da:4f:fd:70:d4:25:f8:5c:d4:5c:88:a1:ad:cc:a3:21:b8:
         94:89:9c:00:58:ad:c4:28:d7:30:9a:df:15:64:e8:f5:76:db:
         f6:bc:14:a7:ca:6f:d9:30:8b:5f:8b:a5:19:25:d6:a5:8c:87:
         b6:31:5e:04:2c:ae:dc:b7:40:cc:30:a1:ad:5c:cf:60:5f:7b:
         3c:da:f1:7f:59:b1:d4:b3:22:34:a6:38:78:af:73:12:04:5c:
         c0:46:9b:07:b5:10:1e:ac:73:9a:af:8f:51:92:fb:96:3e:75:
         48:4a:bf:a3:24:90:b0:ad:b8:2b:87:47:74:01:59:1f:69:7f:
         82:92:25:55:96:1a:f1:3d:2a:68:c9:07:93:3a:e0:aa:1c:02:
         7d:74:25:0b:1d:6f:00:09:48:1c:f6:a6:73:22:98:e9:cd:90:
         60:3c:a1:6f:3a:ae:92:25:71:e7:2b:90:8e:bb:86:6c:fe:a4:
         5a:8b:e0:8d:68:7f:a2:43:0b:80:cb:af:e3:38:66:f7:d1:36:
         74:09:bb:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4zpKV5D1hZvrsqEC/Rk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjdjN2I0MDk4Njc0YTA0ZmIxNzc4NDJjZWM0ZWViOWJm
ODllMWUwHhcNMjUwODA0MDcwMjA4WhcNMjUwODA1MDcwMjA4WjAzMTEwLwYDVQQD
Eyg0YmRhYmRjNDdhZDRlMzJjY2U0Njk4ZTM5NTczOTU1NTllN2NmOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz0ejhciS6Z1xamjla7oQzdpWX7A
/c7Wgy8NoPt7NGyuNA0NgLh7h04xSGvAsG6Xr9dp/oi9tZCniN5Mvv+hBUpvTY6q
nfq1VYHG8vMyQo2wVrgNHW6E1ggSHDa9huh4ZiT4nMWfNMSLOcuZnfMsWe+X0M0G
MEIbqlsWKTCJVWGovKwgTNwU12CaPsQAeGOKAZQX+GL9tKigzDsI6WB0ag1i/R6h
FOaCoP+PFWJ+j268XmCTGV3gaLxbV4LYQJR9n0PBQwPGDIjHYWOkhHi40WCOr+yh
agfKNcIMPjmIXqD3irUwuv640gPw++8spsGz5aRm4Yl+80hsoJ7ytqiyfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvavcR61OMszkaY45VzlVWefPluMB8GA1UdIwQY
MBaAFKG3x7QJhnSgT7F3hCzsTuub+J4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgt
N2MwNWExZmY1NDliLzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgtN2MwNWExZmY1NDli
LzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNq0P290
Oux+saN6xoagrCAVdrCgX1Sjp832YU4IPNuEOlGB6kPJepeOS7pIy1TOCrj0eOU5
fNpP/XDUJfhc1FyIoa3MoyG4lImcAFitxCjXMJrfFWTo9Xbb9rwUp8pv2TCLX4ul
GSXWpYyHtjFeBCyu3LdAzDChrVzPYF97PNrxf1mx1LMiNKY4eK9zEgRcwEabB7UQ
Hqxzmq+PUZL7lj51SEq/oySQsK24K4dHdAFZH2l/gpIlVZYa8T0qaMkHkzrgqhwC
fXQlCx1vAAlIHPamcyKY6c2QYDyhbzqukiVx5yuQjruGbP6kWovgjWh/okMLgMuv
4zhm99E2dAm73w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:06 2025 by rpki-client