Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          LAVHEWuOW1CTfjtPblu1K+TFMohBMNhMHjKI2k6XH7A=
Subject key identifier:   C0:01:EC:2C:9E:E5:21:8E:89:21:02:E7:B5:0C:DF:4C:F9:FC:37:EE
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       0197B88FC7B10E7B76C976A1669AC3B1B62D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 22:01:59 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:59 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:59 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: L8FHTODLBvNmt42LNmzm74rBDbctliTv115gVxUzpg4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:c7:b1:0e:7b:76:c9:76:a1:66:9a:c3:b1:b6:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Jun 28 22:01:59 2025 GMT
            Not After : Jun 29 22:01:59 2025 GMT
        Subject: CN=c001ec2c9ee5218e892102e7b50cdf4cf9fc37ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:19:54:9b:83:23:5e:e9:41:60:bd:87:78:4c:
                    56:96:d8:f8:1b:44:5c:36:a2:23:63:39:92:c3:13:
                    45:c7:ff:9b:6b:f8:69:c9:ca:2a:69:e5:b4:7a:bd:
                    aa:99:05:f5:c9:df:a1:33:f7:ee:77:11:e8:5f:60:
                    99:f4:5c:2c:f0:86:85:09:f9:bb:68:ca:ba:02:2a:
                    ea:35:28:34:44:7a:4d:44:e7:be:2a:5f:6c:a4:4a:
                    ce:8d:62:4f:21:c2:18:9c:66:d3:68:13:d6:e9:88:
                    cf:30:1b:02:38:7c:c6:c2:8c:5d:72:6d:65:b0:73:
                    5d:07:bd:64:aa:49:8f:47:9a:dd:e1:d2:79:49:00:
                    a8:75:de:3c:c4:7d:6f:8a:11:2b:42:9e:83:ee:39:
                    e0:ec:17:e6:2e:17:dc:e7:fe:4f:36:a6:96:fb:40:
                    31:1a:05:50:c9:c1:80:a1:01:bc:a9:da:4f:72:7e:
                    64:91:50:b9:37:55:ea:8b:52:53:ba:3c:6f:89:26:
                    1d:33:a6:66:7c:b5:e6:b2:c2:94:91:6c:51:17:86:
                    c3:ca:55:fd:61:97:05:c6:0a:48:9d:3e:d8:ca:43:
                    c7:c7:bc:88:34:f6:11:de:03:f6:fb:f6:05:bb:94:
                    36:a4:db:cf:b9:56:5f:a2:7e:97:27:9b:3b:d6:2b:
                    1a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:01:EC:2C:9E:E5:21:8E:89:21:02:E7:B5:0C:DF:4C:F9:FC:37:EE
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:e3:88:72:d8:01:e6:b9:fb:5a:fb:e6:dc:60:92:17:7d:55:
         4e:e5:96:e9:95:30:88:1a:42:e9:23:c2:98:18:2f:89:72:c7:
         95:15:a1:51:e2:ae:e2:a8:e2:98:a0:01:47:2d:d6:06:5a:3b:
         d1:b1:e0:54:57:b5:41:75:da:19:58:d0:30:48:de:7f:22:b0:
         71:1f:8c:50:6c:84:62:e1:11:0d:d8:a0:ab:b2:ab:7a:94:7a:
         93:4d:a2:78:10:0a:16:29:c0:07:dc:9a:46:3d:46:00:1a:33:
         7b:19:f4:21:27:be:28:02:3b:db:6b:60:75:36:ee:db:91:7b:
         bf:13:ec:be:b8:7b:11:cd:90:ce:84:18:62:92:28:c2:66:a9:
         3c:26:b9:a2:3c:88:41:fa:8a:44:c2:cc:87:af:32:02:b6:f8:
         b0:6f:87:8d:a9:e0:78:4a:68:74:ff:dd:87:67:9e:ff:3b:81:
         64:81:23:9e:1e:b8:fc:be:8d:73:7f:cd:26:50:34:2d:1b:2f:
         f3:51:73:2e:c3:6f:66:1a:06:89:ff:3c:58:09:0e:16:42:05:
         90:a2:d1:ca:2d:90:73:d0:67:bc:08:24:a1:9c:3e:31:dd:d3:
         5f:03:a0:a5:5f:11:44:e1:95:02:f6:1a:d7:73:78:c3:03:82:
         79:ba:11:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j8exDnt2yXahZprDsbYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjUwNjI4MjIwMTU5WhcNMjUwNjI5MjIwMTU5WjAzMTEwLwYDVQQD
EyhjMDAxZWMyYzllZTUyMThlODkyMTAyZTdiNTBjZGY0Y2Y5ZmMzN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshlUm4MjXulBYL2HeExWltj4G0Rc
NqIjYzmSwxNFx/+ba/hpycoqaeW0er2qmQX1yd+hM/fudxHoX2CZ9Fws8IaFCfm7
aMq6AirqNSg0RHpNROe+Kl9spErOjWJPIcIYnGbTaBPW6YjPMBsCOHzGwoxdcm1l
sHNdB71kqkmPR5rd4dJ5SQCodd48xH1vihErQp6D7jng7BfmLhfc5/5PNqaW+0Ax
GgVQycGAoQG8qdpPcn5kkVC5N1Xqi1JTujxviSYdM6ZmfLXmssKUkWxRF4bDylX9
YZcFxgpInT7YykPHx7yINPYR3gP2+/YFu5Q2pNvPuVZfon6XJ5s71isaNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAB7Cye5SGOiSEC57UM30z5/DfuMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaOOIctgB
5rn7Wvvm3GCSF31VTuWW6ZUwiBpC6SPCmBgviXLHlRWhUeKu4qjimKABRy3WBlo7
0bHgVFe1QXXaGVjQMEjefyKwcR+MUGyEYuERDdigq7KrepR6k02ieBAKFinAB9ya
Rj1GABozexn0ISe+KAI722tgdTbu25F7vxPsvrh7Ec2QzoQYYpIowmapPCa5ojyI
QfqKRMLMh68yArb4sG+HjangeEpodP/dh2ee/zuBZIEjnh64/L6Nc3/NJlA0LRsv
81FzLsNvZhoGif88WAkOFkIFkKLRyi2Qc9BnvAgkoZw+Md3TXwOgpV8RROGVAvYa
13N4wwOCeboRBg==
-----END CERTIFICATE-----