Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          xxHddrmD413B6KPWDjVJsN3jRnZQwOUI0b2GFFtYV5s=
Subject key identifier:   21:EF:D8:A9:01:3E:46:F3:6F:96:E9:A1:5C:E9:49:CD:63:7B:E7:1B
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       0198D6606372376AD7E1F5ABCE6B0DE5F21B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:01:37 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:37 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:37 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: 8BwcIJU9a1haXt7VeOnaCzCEULiD+nN+DHAOjtHiWuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:63:72:37:6a:d7:e1:f5:ab:ce:6b:0d:e5:f2:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Aug 23 10:01:37 2025 GMT
            Not After : Aug 24 10:01:37 2025 GMT
        Subject: CN=21efd8a9013e46f36f96e9a15ce949cd637be71b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:a2:a7:b9:ac:0b:69:83:ac:7f:f6:b9:65:21:
                    8a:d8:b6:54:f4:1f:35:85:fe:34:96:be:01:3a:ec:
                    cb:64:6a:7e:6a:2a:82:5e:33:2e:03:50:23:f3:0c:
                    cd:69:f9:c3:5f:6d:f8:1a:b0:04:6e:f9:2b:5d:98:
                    38:e9:46:9b:8a:e1:26:95:91:28:63:72:a1:38:ba:
                    99:2b:f2:be:4e:fb:7a:e6:81:3c:fc:74:95:6a:d7:
                    92:f4:c8:0b:a8:17:c2:ab:82:47:09:67:f7:a8:a6:
                    85:b2:31:ed:31:4c:d3:3a:97:57:94:7e:0a:e1:2f:
                    6c:da:44:9a:56:27:e6:f7:a0:f2:7a:91:65:bf:42:
                    e4:30:4f:52:e5:e6:3f:4a:e8:98:fa:d8:f6:3a:50:
                    2c:c4:91:b6:f9:af:8b:d6:d1:2e:3f:f7:50:c5:ff:
                    ea:6b:4f:7b:05:18:58:71:6b:fc:c8:e1:21:92:79:
                    4d:95:ff:09:d2:96:3c:3b:62:64:0b:1b:bf:64:13:
                    fc:56:24:ed:6b:12:24:9e:46:14:62:c5:73:07:5d:
                    c2:f0:7c:f7:83:6e:5b:c9:63:fb:04:5b:c2:b3:6e:
                    f8:6d:11:2f:6e:ef:78:83:f3:84:50:bf:4a:1b:d6:
                    32:64:fe:1b:c1:8c:75:69:29:f5:4f:eb:7a:b8:0c:
                    bc:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:EF:D8:A9:01:3E:46:F3:6F:96:E9:A1:5C:E9:49:CD:63:7B:E7:1B
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:62:d3:db:4a:47:bc:84:c3:96:6b:c5:e8:3f:90:8a:12:41:
         d8:14:eb:2a:58:05:45:84:8f:cd:00:b5:63:66:b3:74:1a:15:
         18:7e:de:0c:c8:12:b6:7b:a9:88:89:be:bd:41:ef:01:89:48:
         cc:6d:c3:c4:dc:8a:9a:31:0b:73:34:1d:76:0d:8a:f6:71:7b:
         19:2c:ba:32:be:fa:14:85:1e:66:63:31:98:e0:35:a7:b0:13:
         8d:6f:db:fd:33:7d:78:47:b9:a1:05:a8:46:e6:e2:4a:84:d3:
         57:8e:3b:64:e2:cf:56:57:67:8c:df:cb:8f:be:3a:e4:e4:74:
         43:b2:a9:c2:48:6f:9f:b7:0a:9f:4b:c9:01:e0:d7:36:fd:9f:
         42:dd:41:d8:5d:d3:af:8a:bc:ac:f4:70:a4:33:4f:56:ed:56:
         0c:22:c2:bc:b5:10:62:f5:c4:18:93:3e:16:db:65:66:b9:23:
         cb:26:d5:7b:6d:4c:2e:9a:4d:ae:bc:8f:0a:68:ca:6a:3a:c2:
         33:5c:85:5b:09:54:86:2a:5d:c9:05:3b:d7:6a:4c:9e:0d:68:
         4b:81:77:59:41:58:ad:54:2b:2d:93:48:3c:87:f5:09:c1:fe:
         57:fa:f9:01:30:47:2b:1f:15:c9:6f:89:d0:c2:5d:36:ea:13:
         3d:c7:4f:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYGNyN2rX4fWrzmsN5fIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjUwODIzMTAwMTM3WhcNMjUwODI0MTAwMTM3WjAzMTEwLwYDVQQD
EygyMWVmZDhhOTAxM2U0NmYzNmY5NmU5YTE1Y2U5NDljZDYzN2JlNzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46KnuawLaYOsf/a5ZSGK2LZU9B81
hf40lr4BOuzLZGp+aiqCXjMuA1Aj8wzNafnDX234GrAEbvkrXZg46UabiuEmlZEo
Y3KhOLqZK/K+Tvt65oE8/HSVateS9MgLqBfCq4JHCWf3qKaFsjHtMUzTOpdXlH4K
4S9s2kSaVifm96DyepFlv0LkME9S5eY/SuiY+tj2OlAsxJG2+a+L1tEuP/dQxf/q
a097BRhYcWv8yOEhknlNlf8J0pY8O2JkCxu/ZBP8ViTtaxIknkYUYsVzB13C8Hz3
g25byWP7BFvCs274bREvbu94g/OEUL9KG9YyZP4bwYx1aSn1T+t6uAy8SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHv2KkBPkbzb5bpoVzpSc1je+cbMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPWLT20pH
vITDlmvF6D+QihJB2BTrKlgFRYSPzQC1Y2azdBoVGH7eDMgStnupiIm+vUHvAYlI
zG3DxNyKmjELczQddg2K9nF7GSy6Mr76FIUeZmMxmOA1p7ATjW/b/TN9eEe5oQWo
RubiSoTTV447ZOLPVldnjN/Lj7465OR0Q7Kpwkhvn7cKn0vJAeDXNv2fQt1B2F3T
r4q8rPRwpDNPVu1WDCLCvLUQYvXEGJM+FttlZrkjyybVe21MLppNrryPCmjKajrC
M1yFWwlUhipdyQU712pMng1oS4F3WUFYrVQrLZNIPIf1CcH+V/r5ATBHKx8VyW+J
0MJdNuoTPcdPtA==
-----END CERTIFICATE-----