Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          5Tb1y80YZ/H0UEAQtf8Z5FAmCRU5zKGvd3X6EXseom0=
Subject key identifier:   3A:14:EC:EC:66:07:57:1F:A6:4D:C7:BB:0E:F9:40:2B:02:C6:D8:A2
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       01989E5F8A38D9A81C12127D79E955CE9F37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          1629
Signing time:             Tue 12 Aug 2025 13:01:58 +0000
Manifest this update:     Tue 12 Aug 2025 13:01:58 +0000
Manifest next update:     Wed 13 Aug 2025 13:01:58 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: gRh1E6jxjEYPqj3reNCuLQtnAD9wH+3UEPrEEDEtBY4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9e:5f:8a:38:d9:a8:1c:12:12:7d:79:e9:55:ce:9f:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Aug 12 13:01:58 2025 GMT
            Not After : Aug 13 13:01:58 2025 GMT
        Subject: CN=3a14ecec6607571fa64dc7bb0ef9402b02c6d8a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d8:a2:e7:1b:e9:39:9e:38:26:f8:18:70:4f:
                    9d:89:58:92:25:d3:0d:e9:4e:95:3a:f7:a8:49:5c:
                    25:31:a7:b3:1c:fd:dc:5c:e5:e2:29:c7:a4:e5:ff:
                    11:20:fb:65:a2:ff:a4:79:d1:14:f7:b4:60:89:b4:
                    2b:d7:35:57:d4:a5:e1:78:b6:cb:b3:99:ab:a4:a2:
                    e9:2c:25:f2:cc:52:c2:62:60:9d:e9:c7:b0:f1:56:
                    c8:1b:92:fe:97:f4:9d:ca:bf:d3:0c:9e:ad:4f:d0:
                    fa:5b:d8:0e:a3:cf:db:8f:c7:64:26:81:ec:59:05:
                    80:4e:cf:3b:ce:15:23:66:9f:23:fb:06:c5:4b:2a:
                    03:fe:03:90:1d:a5:0d:60:61:80:26:1a:3a:f9:bd:
                    7b:36:3f:46:c1:90:1a:3a:30:79:75:29:1f:b5:62:
                    e5:91:db:e7:13:66:43:15:00:e3:c0:16:1d:aa:29:
                    53:ef:e6:ea:6b:f0:6c:9e:62:a4:e4:a3:c4:64:54:
                    46:23:4c:dd:7d:06:99:a3:91:5c:80:3f:06:63:c8:
                    5f:07:60:a3:4e:3a:f7:16:2d:5a:f0:ce:2b:4c:e5:
                    32:69:c9:42:72:88:fb:65:34:18:a7:ae:68:71:25:
                    98:0f:ad:d9:4a:43:e0:59:11:9c:da:b5:9c:97:68:
                    85:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:14:EC:EC:66:07:57:1F:A6:4D:C7:BB:0E:F9:40:2B:02:C6:D8:A2
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:bc:a7:58:20:1f:eb:40:25:f3:d8:cb:b1:75:be:a2:1f:0f:
         6b:b1:32:b5:41:1f:77:55:df:ef:0f:13:84:c1:81:12:f5:3f:
         e1:76:31:22:c0:e9:11:04:94:8c:a9:cb:2d:69:e7:35:ec:32:
         09:ab:8e:e5:5a:7c:15:26:c1:5b:ff:a8:e1:8e:2d:65:98:51:
         90:ae:ad:29:67:56:89:f0:b3:80:7b:d4:7c:77:4b:e3:c8:fc:
         d1:ba:e3:51:1b:49:6f:e2:75:39:7a:5c:e8:f2:1d:09:f7:b3:
         5d:a6:29:1c:d6:ac:06:55:61:86:ca:29:b7:c1:ae:83:e3:b9:
         74:1f:0e:eb:9e:ea:d1:22:4f:32:2a:2e:37:69:da:15:2d:27:
         90:e8:6f:c3:4e:31:58:07:ff:38:80:a8:ad:ad:f3:d8:89:39:
         dc:ff:ea:cd:fc:c8:39:07:b8:85:14:35:1a:ec:2a:a0:1b:09:
         eb:c8:3b:15:4f:d8:15:4c:5e:17:ba:67:ad:2f:12:f7:08:c3:
         94:9b:6a:55:d5:8f:32:b5:fa:d6:e0:33:46:8d:f8:ea:ce:cc:
         6c:f6:ca:38:53:07:04:be:5e:88:91:fd:69:33:23:45:1b:a7:
         5e:aa:f3:17:c6:16:33:9d:9c:a8:19:04:37:fc:1a:54:f8:17:
         54:2d:53:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZieX4o42agcEhJ9eelVzp83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjUwODEyMTMwMTU4WhcNMjUwODEzMTMwMTU4WjAzMTEwLwYDVQQD
EygzYTE0ZWNlYzY2MDc1NzFmYTY0ZGM3YmIwZWY5NDAyYjAyYzZkOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09ii5xvpOZ44JvgYcE+diViSJdMN
6U6VOveoSVwlMaezHP3cXOXiKcek5f8RIPtlov+kedEU97RgibQr1zVX1KXheLbL
s5mrpKLpLCXyzFLCYmCd6cew8VbIG5L+l/Sdyr/TDJ6tT9D6W9gOo8/bj8dkJoHs
WQWATs87zhUjZp8j+wbFSyoD/gOQHaUNYGGAJho6+b17Nj9GwZAaOjB5dSkftWLl
kdvnE2ZDFQDjwBYdqilT7+bqa/BsnmKk5KPEZFRGI0zdfQaZo5FcgD8GY8hfB2Cj
Tjr3Fi1a8M4rTOUyaclCcoj7ZTQYp65ocSWYD63ZSkPgWRGc2rWcl2iFGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoU7OxmB1cfpk3Huw75QCsCxtiiMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN7ynWCAf
60Al89jLsXW+oh8Pa7EytUEfd1Xf7w8ThMGBEvU/4XYxIsDpEQSUjKnLLWnnNewy
CauO5Vp8FSbBW/+o4Y4tZZhRkK6tKWdWifCzgHvUfHdL48j80brjURtJb+J1OXpc
6PIdCfezXaYpHNasBlVhhsopt8Gug+O5dB8O657q0SJPMiouN2naFS0nkOhvw04x
WAf/OICora3z2Ik53P/qzfzIOQe4hRQ1GuwqoBsJ68g7FU/YFUxeF7pnrS8S9wjD
lJtqVdWPMrX61uAzRo346s7MbPbKOFMHBL5eiJH9aTMjRRunXqrzF8YWM52cqBkE
N/waVPgXVC1TNg==
-----END CERTIFICATE-----