Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
File:                     obfHtAmGdKBPsXeELOxO65v4nh4.mft (raw, json)
Hash identifier:          1drVIslgnd4RAV1K2Gk3nt+bmuoPCTQliGV/Goir4Hs=
Subject key identifier:   ED:2D:E8:D7:DD:FA:AC:0D:78:54:1A:A1:19:99:80:C5:2B:2E:FD:4F
Authority key identifier: A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E
Certificate issuer:       /CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
Certificate serial:       019A4D0791E118D1F52F5E2AE069BCDFF6B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 04:02:13 +0000
Manifest this update:     Tue 04 Nov 2025 04:02:13 +0000
Manifest next update:     Wed 05 Nov 2025 04:02:13 +0000
Files and hashes:         1: obfHtAmGdKBPsXeELOxO65v4nh4.crl (hash: BG7f9Jrsld9b5rFGP7UcTmYnIUn1dgzLwy4D6D3JeMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:07:91:e1:18:d1:f5:2f:5e:2a:e0:69:bc:df:f6:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
        Validity
            Not Before: Nov  4 04:02:13 2025 GMT
            Not After : Nov  5 04:02:13 2025 GMT
        Subject: CN=ed2de8d7ddfaac0d78541aa1199980c52b2efd4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:57:b6:8c:36:0e:4f:24:e5:3f:9b:98:fc:b3:
                    cf:6c:c7:1a:96:59:dd:a7:59:7b:58:9c:00:ca:1d:
                    1e:42:d9:05:0f:97:55:a3:a5:cd:5b:d1:1a:0d:c2:
                    0d:49:66:a0:24:f5:30:79:24:b0:83:f8:92:1c:bf:
                    31:f6:3f:5e:a2:f6:18:a3:fd:a9:76:0e:98:d5:53:
                    be:3e:0c:7c:31:3c:38:42:fb:b1:ca:9c:4e:dd:e3:
                    44:02:ad:d1:7f:3b:b9:13:54:e3:21:c6:b5:fd:50:
                    c9:b7:7a:f7:a8:ee:3d:68:78:f1:cf:b6:e0:64:d1:
                    08:c4:d2:34:5b:63:1b:79:f5:13:7d:08:bb:13:05:
                    a9:dc:f6:84:a8:80:d5:31:31:92:40:df:41:e1:d1:
                    a7:44:97:05:bc:ef:3f:7a:91:20:a8:da:1c:de:c2:
                    7f:65:8b:2a:16:a1:b6:18:1e:c6:b6:65:ad:5e:6e:
                    e3:b3:25:1e:4e:09:2e:34:bb:98:b6:47:46:eb:75:
                    1d:89:4f:db:c1:60:f6:8f:8a:62:a0:64:ec:26:35:
                    93:19:3f:c0:fb:7f:44:d0:51:97:a2:39:ca:18:f9:
                    a5:04:10:5c:6e:81:74:ff:fa:ba:55:ec:b7:5d:e9:
                    35:cf:1d:fa:22:f8:e8:ad:1b:41:65:1a:26:8a:24:
                    f8:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:2D:E8:D7:DD:FA:AC:0D:78:54:1A:A1:19:99:80:C5:2B:2E:FD:4F
            X509v3 Authority Key Identifier:
                keyid:A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:13:bc:50:9b:65:56:cb:ee:92:86:47:bd:1f:40:ec:b1:f2:
         d0:61:12:d9:5b:da:05:e6:ab:b9:c4:e5:a3:dd:35:3d:04:e6:
         68:d0:30:6d:08:9f:e0:b1:38:dc:6f:eb:da:97:91:c3:0a:ad:
         51:44:ab:31:0b:5a:a9:75:ba:94:69:94:26:29:4e:2a:a9:9a:
         aa:7b:14:bf:d3:5a:22:58:c9:c4:26:a0:cb:11:48:de:09:f9:
         3b:72:bb:3e:22:f8:02:7d:29:ee:82:08:ea:f8:ee:8b:8a:96:
         68:86:78:b6:f5:42:4f:d0:76:d2:d6:f9:54:b5:0c:72:a7:1c:
         6d:7c:56:86:e1:26:6a:23:9a:b5:1a:7c:0a:a1:62:8f:ce:c5:
         94:6f:37:1e:0e:cb:0f:cc:72:80:e3:cf:eb:2d:f0:e9:85:cb:
         6e:a0:34:d2:fc:43:8b:4b:3a:60:01:e8:54:e7:0a:d0:86:79:
         e5:ea:9a:18:9c:99:ce:62:c0:cb:13:43:84:dd:68:97:c3:d1:
         de:3c:13:cf:90:3a:ca:d6:fa:e8:35:36:1a:dc:f9:83:00:6e:
         0d:19:40:f5:08:15:13:88:f5:57:f8:72:31:c9:e3:f0:a4:f0:
         bf:f1:2d:39:ca:77:5f:b1:08:f7:85:6c:b1:08:90:d9:85:68:
         83:0b:73:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNB5HhGNH1L14q4Gm83/azMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjdjN2I0MDk4Njc0YTA0ZmIxNzc4NDJjZWM0ZWViOWJm
ODllMWUwHhcNMjUxMTA0MDQwMjEzWhcNMjUxMTA1MDQwMjEzWjAzMTEwLwYDVQQD
EyhlZDJkZThkN2RkZmFhYzBkNzg1NDFhYTExOTk5ODBjNTJiMmVmZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fe2jDYOTyTlP5uY/LPPbMcallnd
p1l7WJwAyh0eQtkFD5dVo6XNW9EaDcINSWagJPUweSSwg/iSHL8x9j9eovYYo/2p
dg6Y1VO+Pgx8MTw4QvuxypxO3eNEAq3Rfzu5E1TjIca1/VDJt3r3qO49aHjxz7bg
ZNEIxNI0W2MbefUTfQi7EwWp3PaEqIDVMTGSQN9B4dGnRJcFvO8/epEgqNoc3sJ/
ZYsqFqG2GB7GtmWtXm7jsyUeTgkuNLuYtkdG63UdiU/bwWD2j4pioGTsJjWTGT/A
+39E0FGXojnKGPmlBBBcboF0//q6Vey3Xek1zx36IvjorRtBZRomiiT47QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0t6Nfd+qwNeFQaoRmZgMUrLv1PMB8GA1UdIwQY
MBaAFKG3x7QJhnSgT7F3hCzsTuub+J4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgt
N2MwNWExZmY1NDliLzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgtN2MwNWExZmY1NDli
LzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnxO8UJtl
VsvukoZHvR9A7LHy0GES2VvaBearucTlo901PQTmaNAwbQif4LE43G/r2peRwwqt
UUSrMQtaqXW6lGmUJilOKqmaqnsUv9NaIljJxCagyxFI3gn5O3K7PiL4An0p7oII
6vjui4qWaIZ4tvVCT9B20tb5VLUMcqccbXxWhuEmaiOatRp8CqFij87FlG83Hg7L
D8xygOPP6y3w6YXLbqA00vxDi0s6YAHoVOcK0IZ55eqaGJyZzmLAyxNDhN1ol8PR
3jwTz5A6ytb66DU2Gtz5gwBuDRlA9QgVE4j1V/hyMcnj8KTwv/EtOcp3X7EI94Vs
sQiQ2YVogwtzog==
-----END CERTIFICATE-----