Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          mbxKmwE6A24BSic2FhiHbvLx5ZYe6tmJiyggYXkVdM4=
Subject key identifier:   D6:B1:C3:AA:D9:F4:08:95:9C:36:AC:04:47:00:38:E4:70:95:01:69
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       019D9AE2DDDE0D42CF7A8814B2343F9701D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 10:00:52 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:52 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:52 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: 89WQZmiFhjPkWQWw2d8h5rOA+h723nLYR+kRIWGTWlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:dd:de:0d:42:cf:7a:88:14:b2:34:3f:97:01:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Apr 17 10:00:52 2026 GMT
            Not After : Apr 18 10:00:52 2026 GMT
        Subject: CN=d6b1c3aad9f408959c36ac04470038e470950169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:5e:65:8f:0c:25:62:9f:58:fd:4d:f1:5e:5c:
                    c4:3d:50:b2:c2:a5:54:5d:de:c6:f9:97:55:d2:b4:
                    cc:31:d7:4f:4a:37:4e:20:e1:3f:7f:b3:6c:c0:80:
                    7b:b8:f3:7f:36:29:3b:c9:bc:1d:b7:45:48:4a:3b:
                    ee:97:c6:18:a7:c2:d9:fb:4f:02:fc:cf:3f:61:9e:
                    9e:b4:47:79:71:67:93:f4:da:63:ce:8f:9a:cc:fc:
                    3d:31:45:a2:3a:81:81:1e:85:ee:51:2d:76:8b:71:
                    16:f4:d6:c7:01:42:c5:11:39:56:f3:2a:e9:38:63:
                    f1:ea:f1:39:c4:51:0e:fb:83:89:de:f6:b8:e9:54:
                    54:80:d9:99:3c:63:1e:37:70:51:44:04:7f:dc:39:
                    11:43:c8:ce:1d:32:ab:a9:29:76:b3:e9:ad:18:a2:
                    18:bc:68:06:1d:c8:c5:f1:1b:77:e1:16:44:2a:7e:
                    45:cb:f8:a8:18:ea:25:b1:88:f9:a3:13:67:e4:af:
                    02:4b:73:ec:1c:76:ec:43:fd:f7:ec:b9:bb:f4:87:
                    4b:1b:0f:12:1f:0f:d2:a2:f4:cb:a8:ec:64:83:e6:
                    32:9a:25:e6:a9:de:3b:a2:9e:a5:7d:f6:b4:c8:a3:
                    61:a5:60:73:7f:d8:c1:f0:94:8c:0a:dd:f8:80:c3:
                    6b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:B1:C3:AA:D9:F4:08:95:9C:36:AC:04:47:00:38:E4:70:95:01:69
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         dc:88:47:b7:34:5e:ed:da:64:ba:55:e8:2a:62:b2:63:ef:ad:
         fd:74:ab:6f:f9:62:db:28:26:f5:25:21:1f:14:cb:e0:ed:5c:
         7e:97:e5:7b:61:42:c3:0a:c5:7c:6a:42:74:e7:d2:ca:0d:8d:
         38:39:3b:80:89:b0:1b:a6:1f:f0:10:41:c9:44:0c:81:e5:2e:
         3b:ea:2e:9f:66:d6:d9:f9:e6:96:99:67:58:07:24:b2:ba:16:
         a9:1b:44:64:fe:12:b7:9e:0c:8c:56:37:81:44:bb:01:bd:99:
         7d:37:6a:21:db:c5:49:fb:f9:16:72:2e:4a:39:5d:95:6b:8e:
         30:6e:1e:4f:d8:cd:23:61:d2:e7:61:6f:a9:07:a7:80:cf:a5:
         db:02:56:fb:e3:f5:30:3f:2d:d4:f3:0f:8d:72:7e:6f:e0:dd:
         76:37:b3:54:a5:4b:bb:ce:07:81:1c:95:35:81:4f:e0:31:64:
         3d:de:a2:fb:70:d2:45:24:2e:38:a3:5d:b5:31:c0:b0:c3:e6:
         b4:88:08:06:ba:1c:e2:1f:bb:7d:b2:ea:e1:69:01:84:07:0f:
         71:3c:77:02:8e:5d:48:c4:bb:5c:17:0e:fc:df:af:b0:56:ab:
         7d:01:3d:a8:4a:ef:a3:46:3e:ea:f4:ee:a1:02:0d:fa:d8:c6:
         48:45:42:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4t3eDULPeogUsjQ/lwHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjYwNDE3MTAwMDUyWhcNMjYwNDE4MTAwMDUyWjAzMTEwLwYDVQQD
EyhkNmIxYzNhYWQ5ZjQwODk1OWMzNmFjMDQ0NzAwMzhlNDcwOTUwMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq15ljwwlYp9Y/U3xXlzEPVCywqVU
Xd7G+ZdV0rTMMddPSjdOIOE/f7NswIB7uPN/Nik7ybwdt0VISjvul8YYp8LZ+08C
/M8/YZ6etEd5cWeT9Npjzo+azPw9MUWiOoGBHoXuUS12i3EW9NbHAULFETlW8yrp
OGPx6vE5xFEO+4OJ3va46VRUgNmZPGMeN3BRRAR/3DkRQ8jOHTKrqSl2s+mtGKIY
vGgGHcjF8Rt34RZEKn5Fy/ioGOolsYj5oxNn5K8CS3PsHHbsQ/337Lm79IdLGw8S
Hw/SovTLqOxkg+YymiXmqd47op6lffa0yKNhpWBzf9jB8JSMCt34gMNrqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaxw6rZ9AiVnDasBEcAOORwlQFpMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3IhHtzRe
7dpkulXoKmKyY++t/XSrb/li2ygm9SUhHxTL4O1cfpfle2FCwwrFfGpCdOfSyg2N
ODk7gImwG6Yf8BBByUQMgeUuO+oun2bW2fnmlplnWAcksroWqRtEZP4St54MjFY3
gUS7Ab2ZfTdqIdvFSfv5FnIuSjldlWuOMG4eT9jNI2HS52FvqQengM+l2wJW++P1
MD8t1PMPjXJ+b+DddjezVKVLu84HgRyVNYFP4DFkPd6i+3DSRSQuOKNdtTHAsMPm
tIgIBroc4h+7fbLq4WkBhAcPcTx3Ao5dSMS7XBcO/N+vsFarfQE9qErvo0Y+6vTu
oQIN+tjGSEVC2Q==
-----END CERTIFICATE-----