Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          d1R492S8txyBZk1CfewpS2+y26INikJ31poFVhb59Gk=
Subject key identifier:   69:BF:A8:0B:B0:A0:22:AC:C8:29:70:51:D9:AD:47:77:24:91:B3:A5
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       0199FBEB90E7F606BB1F97DD2FD937FFD948
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:23 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:23 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:23 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: z4pBfxxTAUdxI8o0B1B5UtYW0rguFjOg9ZcsU9eRiTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:90:e7:f6:06:bb:1f:97:dd:2f:d9:37:ff:d9:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Oct 19 10:02:23 2025 GMT
            Not After : Oct 20 10:02:23 2025 GMT
        Subject: CN=69bfa80bb0a022acc8297051d9ad47772491b3a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:97:bf:5e:e3:cf:83:70:df:c5:17:87:cc:82:
                    aa:45:a0:1d:66:50:bc:4d:0d:03:cd:02:df:94:c9:
                    b5:58:fe:f7:bd:06:3d:1d:fa:82:21:b4:8c:28:3b:
                    9e:1c:34:e0:a1:c4:e8:cc:34:c8:e2:26:c4:44:7f:
                    50:d7:a4:e0:92:df:c0:01:02:17:9f:b0:03:d2:a4:
                    95:8c:a7:2e:4c:0f:d3:ac:a3:7d:a3:e0:7e:1b:c1:
                    db:f8:d4:17:28:ac:2a:d1:d5:35:68:d6:4e:2c:06:
                    e5:d0:c7:e1:90:c5:a0:da:bf:4f:95:5a:18:32:25:
                    8e:64:20:09:09:a3:cd:45:df:4c:dc:9d:8a:bc:76:
                    80:28:59:72:c7:b0:1b:e9:de:87:6d:93:c6:85:fa:
                    ba:e4:a4:5f:01:bc:20:73:e4:89:6f:e9:b2:6c:90:
                    80:38:bf:0d:51:77:05:f4:73:31:7a:37:9b:c6:eb:
                    7f:54:02:d7:dc:7b:62:72:90:c3:66:82:cb:2b:53:
                    a5:93:49:61:d4:76:69:a1:65:b6:fe:a0:a2:6d:4b:
                    ba:8f:a8:b3:10:62:dc:20:de:da:fe:69:f8:34:ee:
                    ea:b1:d6:96:c3:70:8f:56:90:d3:27:1a:05:e3:c4:
                    da:24:e0:9e:73:3c:0a:03:b7:16:59:9d:5e:e5:78:
                    20:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:BF:A8:0B:B0:A0:22:AC:C8:29:70:51:D9:AD:47:77:24:91:B3:A5
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:2b:87:ea:8b:83:26:15:43:f3:0e:d5:61:aa:2f:4e:05:f0:
         d0:c7:a7:61:d6:0d:a4:00:94:26:22:0c:d9:67:ec:cf:e9:cd:
         26:fc:d5:bc:bd:b2:ee:63:a0:59:44:78:c9:66:45:e9:d5:7c:
         97:7a:1a:db:0b:ef:6c:af:cb:87:c8:0c:ae:1c:6c:0b:a0:19:
         75:fa:7f:d8:62:35:12:8a:67:4b:e3:55:6d:6c:27:e7:cb:fa:
         bd:2f:a5:93:62:cb:79:d6:08:fb:17:19:08:93:58:cf:b6:7e:
         6f:68:4b:1b:fc:9f:75:c6:ba:80:6a:72:01:e8:a0:98:5c:7b:
         b7:f1:4c:ad:2a:92:9b:69:4f:88:f1:fd:72:a9:b6:42:ae:01:
         dd:f0:3e:3f:2e:7c:fe:e4:c1:31:46:f2:b9:c3:3e:38:b3:af:
         1e:47:55:9e:97:26:08:4f:02:07:8c:d0:c7:9e:c8:25:4d:0e:
         2e:10:80:50:8b:1c:56:53:10:2d:60:2c:f6:f5:4f:71:5d:97:
         7e:b4:25:07:9b:c8:b7:fd:7c:b8:8a:24:95:5b:3d:1d:87:a3:
         d2:06:a0:bc:a2:ba:96:70:5c:91:7f:97:f8:84:46:5c:01:20:
         5b:ae:ab:7d:f0:5d:b2:cf:a7:dd:f6:63:61:b2:29:45:fc:b6:
         f3:0e:b2:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn765Dn9ga7H5fdL9k3/9lIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjUxMDE5MTAwMjIzWhcNMjUxMDIwMTAwMjIzWjAzMTEwLwYDVQQD
Eyg2OWJmYTgwYmIwYTAyMmFjYzgyOTcwNTFkOWFkNDc3NzI0OTFiM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZe/XuPPg3DfxReHzIKqRaAdZlC8
TQ0DzQLflMm1WP73vQY9HfqCIbSMKDueHDTgocTozDTI4ibERH9Q16Tgkt/AAQIX
n7AD0qSVjKcuTA/TrKN9o+B+G8Hb+NQXKKwq0dU1aNZOLAbl0MfhkMWg2r9PlVoY
MiWOZCAJCaPNRd9M3J2KvHaAKFlyx7Ab6d6HbZPGhfq65KRfAbwgc+SJb+mybJCA
OL8NUXcF9HMxejebxut/VALX3HticpDDZoLLK1Olk0lh1HZpoWW2/qCibUu6j6iz
EGLcIN7a/mn4NO7qsdaWw3CPVpDTJxoF48TaJOCeczwKA7cWWZ1e5XggoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGm/qAuwoCKsyClwUdmtR3ckkbOlMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAISuH6ouD
JhVD8w7VYaovTgXw0MenYdYNpACUJiIM2Wfsz+nNJvzVvL2y7mOgWUR4yWZF6dV8
l3oa2wvvbK/Lh8gMrhxsC6AZdfp/2GI1EopnS+NVbWwn58v6vS+lk2LLedYI+xcZ
CJNYz7Z+b2hLG/yfdca6gGpyAeigmFx7t/FMrSqSm2lPiPH9cqm2Qq4B3fA+Py58
/uTBMUbyucM+OLOvHkdVnpcmCE8CB4zQx57IJU0OLhCAUIscVlMQLWAs9vVPcV2X
frQlB5vIt/18uIoklVs9HYej0gagvKK6lnBckX+X+IRGXAEgW66rffBdss+n3fZj
YbIpRfy28w6y8Q==
-----END CERTIFICATE-----