Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          T1fUwHxLhHy96+jPKi7JRxreuijMF0wrsuPRLVLPdw0=
Subject key identifier:   C1:78:7B:A1:95:9A:0C:FF:9A:47:C4:0E:EA:59:64:94:36:16:36:8A
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       0196C53AD2285A9A2F743B01BB331CDD70E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          1534
Signing time:             Mon 12 May 2025 16:01:28 +0000
Manifest this update:     Mon 12 May 2025 16:01:28 +0000
Manifest next update:     Tue 13 May 2025 16:01:28 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: Cy95YRnkY/XDglFRK/XZzkTRBPCV2U7yDyAHwU2ygRA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:3a:d2:28:5a:9a:2f:74:3b:01:bb:33:1c:dd:70:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: May 12 16:01:28 2025 GMT
            Not After : May 13 16:01:28 2025 GMT
        Subject: CN=c1787ba1959a0cff9a47c40eea5964943616368a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b2:6b:a9:f0:f5:d7:59:d4:79:b8:a6:74:69:
                    b6:f9:55:c1:c8:4c:e0:4a:18:f8:3d:ac:a7:9b:19:
                    c1:29:52:82:86:67:69:b2:49:db:2b:4d:61:82:79:
                    9a:f7:49:20:86:72:03:18:bf:f9:57:ee:e3:10:b1:
                    48:64:7c:0d:94:6c:91:67:dd:3d:77:65:db:d6:a8:
                    13:b5:88:a5:3d:ca:bb:d8:f4:3c:a1:f5:2b:a3:e7:
                    26:0a:5a:5d:3b:81:9b:89:9f:ca:87:7e:dc:0d:41:
                    37:3e:5e:f0:98:23:b9:18:ec:2e:de:1a:97:3c:e1:
                    c3:c9:0e:af:ec:70:a2:c9:cc:dd:9c:0a:28:92:07:
                    7a:c2:a9:68:3e:08:22:29:f3:7c:6c:0f:e8:40:68:
                    bc:de:ce:e0:d3:cf:a2:eb:d3:a0:4b:9a:f1:14:ea:
                    72:0b:47:9f:52:75:9e:ad:95:f4:16:2f:91:ef:d2:
                    11:bf:8f:a6:ad:62:e2:30:f7:2e:55:15:eb:bb:ce:
                    a6:0e:83:f8:9d:b3:d5:14:40:b7:3e:55:34:e5:a3:
                    5f:39:29:32:ec:14:be:e6:8d:e2:41:f6:86:73:0e:
                    51:8a:26:27:85:f2:0a:2f:eb:5f:84:55:f8:7d:ee:
                    b0:10:e2:7b:f7:ef:c9:bc:c4:10:64:73:d0:0d:85:
                    50:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:78:7B:A1:95:9A:0C:FF:9A:47:C4:0E:EA:59:64:94:36:16:36:8A
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:c5:dd:21:94:a3:d4:a7:b0:e2:bf:78:d8:00:58:42:53:e5:
         e4:0b:d8:6b:2f:ae:2d:4e:82:ce:ce:bf:f5:5e:db:c6:cc:95:
         ab:14:8d:b7:7e:02:a1:0c:ad:95:96:d4:63:e0:4a:cf:d6:5f:
         8f:b2:38:93:97:ca:4e:c1:0e:7e:1e:9e:1a:89:b0:af:05:0a:
         1b:8e:fa:c0:50:86:f5:e4:80:9b:e9:b5:96:a7:cd:ec:bc:0b:
         0d:db:f9:d2:87:f7:77:6d:b4:6b:db:12:46:3f:33:b1:5d:22:
         c2:28:eb:3a:a3:cf:5b:1a:b9:01:b7:66:85:a5:8a:7c:a0:4c:
         8b:4c:0e:a6:23:a6:12:e0:54:79:b1:3f:64:4f:f8:1c:6e:3b:
         27:b4:49:47:74:00:c9:85:50:8d:e5:6c:6b:43:17:d7:76:28:
         45:47:87:ee:ec:ba:42:06:66:f3:ca:0c:b2:6f:23:dc:49:76:
         7c:66:18:40:96:4a:50:f5:07:e2:44:41:dd:69:d2:0f:61:08:
         af:33:00:7c:a9:a4:0f:c6:90:7f:71:34:c1:11:62:c0:fb:ff:
         aa:fc:7c:d7:4a:a5:60:65:df:1e:a7:bd:64:05:9f:f9:88:22:
         67:85:cb:aa:75:9f:ac:25:65:a4:46:6b:15:83:e3:20:05:b1:
         0b:e9:cf:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOtIoWpovdDsBuzMc3XDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjUwNTEyMTYwMTI4WhcNMjUwNTEzMTYwMTI4WjAzMTEwLwYDVQQD
EyhjMTc4N2JhMTk1OWEwY2ZmOWE0N2M0MGVlYTU5NjQ5NDM2MTYzNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbJrqfD111nUebimdGm2+VXByEzg
Shj4PaynmxnBKVKChmdpsknbK01hgnma90kghnIDGL/5V+7jELFIZHwNlGyRZ909
d2Xb1qgTtYilPcq72PQ8ofUro+cmClpdO4GbiZ/Kh37cDUE3Pl7wmCO5GOwu3hqX
POHDyQ6v7HCiyczdnAookgd6wqloPggiKfN8bA/oQGi83s7g08+i69OgS5rxFOpy
C0efUnWerZX0Fi+R79IRv4+mrWLiMPcuVRXru86mDoP4nbPVFEC3PlU05aNfOSky
7BS+5o3iQfaGcw5RiiYnhfIKL+tfhFX4fe6wEOJ79+/JvMQQZHPQDYVQ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMF4e6GVmgz/mkfEDupZZJQ2FjaKMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQMXdIZSj
1Kew4r942ABYQlPl5AvYay+uLU6Czs6/9V7bxsyVqxSNt34CoQytlZbUY+BKz9Zf
j7I4k5fKTsEOfh6eGomwrwUKG476wFCG9eSAm+m1lqfN7LwLDdv50of3d220a9sS
Rj8zsV0iwijrOqPPWxq5AbdmhaWKfKBMi0wOpiOmEuBUebE/ZE/4HG47J7RJR3QA
yYVQjeVsa0MX13YoRUeH7uy6QgZm88oMsm8j3El2fGYYQJZKUPUH4kRB3WnSD2EI
rzMAfKmkD8aQf3E0wRFiwPv/qvx810qlYGXfHqe9ZAWf+YgiZ4XLqnWfrCVlpEZr
FYPjIAWxC+nPaA==
-----END CERTIFICATE-----