Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
File:                     OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json)
Hash identifier:          h6pDYUeWtZLK4Ujr4yTrxQps1+A6LmzIG3nbXpf3BMA=
Subject key identifier:   BF:23:A9:72:33:BA:09:FD:DC:A0:2F:70:D1:10:C2:FB:9A:68:EC:24
Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B
Certificate issuer:       /CN=381b2c59729a53b84112aaf2ca1228f34247a39b
Certificate serial:       019D2AE0FF0518255AAC939F081F7616BEE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 16:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:21 +0000
Files and hashes:         1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: JdpyhsqS+3xv+yunTMiPXdLIlg2PkJPHM3oh2f1+A04=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:ff:05:18:25:5a:ac:93:9f:08:1f:76:16:be:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b
        Validity
            Not Before: Mar 26 16:01:21 2026 GMT
            Not After : Mar 27 16:01:21 2026 GMT
        Subject: CN=bf23a97233ba09fddca02f70d110c2fb9a68ec24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:32:9d:e0:2b:82:b9:b0:6f:df:2b:85:32:48:
                    95:fb:84:46:6e:93:a5:3e:82:1d:5a:db:96:8d:3a:
                    71:56:7f:84:26:58:d1:e3:0b:4d:ac:a0:3b:3b:a4:
                    a4:99:11:38:01:2f:fb:28:a0:03:db:1d:52:20:62:
                    25:f2:a1:81:f4:62:cc:64:6b:34:3e:86:e7:d5:81:
                    79:89:02:0e:c4:93:37:4f:04:09:b9:c4:41:39:b0:
                    88:13:0e:fb:d7:63:58:9c:33:3d:e5:eb:b4:e7:1f:
                    87:b4:02:ed:39:76:93:a2:92:7e:b5:83:c9:4e:00:
                    51:9a:90:f3:a5:f6:42:bd:71:52:94:6e:a3:5b:6e:
                    ac:11:66:02:de:54:f5:03:f1:22:b7:19:c6:07:ba:
                    6f:25:13:f0:24:82:65:14:53:4d:d8:14:19:db:bd:
                    5b:19:ac:ba:5c:7d:ba:95:53:f4:d7:b4:29:c0:ee:
                    7b:cf:aa:6f:a8:1b:95:03:a7:d7:94:a7:11:96:8e:
                    3e:6b:b8:74:89:c6:7a:54:c0:d4:b6:c8:51:63:6a:
                    90:e1:87:dc:a5:54:dc:74:20:96:3a:d8:df:12:8f:
                    d5:47:c1:f5:2a:35:53:19:fe:ce:1d:69:7b:4d:b3:
                    9d:df:f5:8d:29:e9:8e:92:2a:f8:04:e7:3c:69:fe:
                    aa:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:23:A9:72:33:BA:09:FD:DC:A0:2F:70:D1:10:C2:FB:9A:68:EC:24
            X509v3 Authority Key Identifier:
                keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:cc:5b:f6:e5:b9:21:7c:17:58:35:f4:be:67:db:e8:fe:21:
         09:12:d7:60:73:c1:b5:c2:e9:e6:2d:65:7a:5d:5a:e0:65:2e:
         c1:4c:05:97:08:58:a8:85:e0:98:77:2a:c4:4a:a7:d5:80:3a:
         9f:32:93:a2:0a:a0:12:30:56:2b:1c:a5:fc:72:29:94:c1:da:
         1a:fe:57:1c:a3:df:2c:07:a1:eb:b7:7c:61:8b:ff:62:c0:8e:
         30:df:ac:89:0e:09:fb:4c:ee:4e:01:37:87:6a:84:a0:60:7d:
         c1:79:7c:65:43:2c:ad:be:13:08:e8:d5:d0:ba:21:13:22:c6:
         7c:bc:01:c9:d0:18:90:46:79:23:0e:1a:ad:43:62:83:e9:5e:
         aa:2f:2b:42:03:f8:dd:ec:49:d0:0c:d5:8f:82:1f:dd:2e:57:
         48:26:2e:bd:8a:12:84:ce:bb:90:84:10:70:a9:b7:20:75:1d:
         40:8d:ee:61:9e:27:85:12:18:92:01:af:c9:a0:93:1a:ae:d5:
         a2:d4:c9:79:58:6c:88:55:97:9a:bc:a5:5a:13:28:20:15:50:
         df:72:95:90:6c:12:5d:81:37:ec:51:15:cf:8f:4d:d4:01:f5:
         7b:7c:6f:47:c1:ee:dd:e3:9b:c3:3f:93:2f:9a:e7:de:98:88:
         01:e1:80:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4P8FGCVarJOfCB92Fr7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0
N2EzOWIwHhcNMjYwMzI2MTYwMTIxWhcNMjYwMzI3MTYwMTIxWjAzMTEwLwYDVQQD
EyhiZjIzYTk3MjMzYmEwOWZkZGNhMDJmNzBkMTEwYzJmYjlhNjhlYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTKd4CuCubBv3yuFMkiV+4RGbpOl
PoIdWtuWjTpxVn+EJljR4wtNrKA7O6SkmRE4AS/7KKAD2x1SIGIl8qGB9GLMZGs0
Pobn1YF5iQIOxJM3TwQJucRBObCIEw7712NYnDM95eu05x+HtALtOXaTopJ+tYPJ
TgBRmpDzpfZCvXFSlG6jW26sEWYC3lT1A/EitxnGB7pvJRPwJIJlFFNN2BQZ271b
Gay6XH26lVP017QpwO57z6pvqBuVA6fXlKcRlo4+a7h0icZ6VMDUtshRY2qQ4Yfc
pVTcdCCWOtjfEo/VR8H1KjVTGf7OHWl7TbOd3/WNKemOkir4BOc8af6qawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8jqXIzugn93KAvcNEQwvuaaOwkMB8GA1UdIwQY
MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct
MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm
LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH8xb9uW5
IXwXWDX0vmfb6P4hCRLXYHPBtcLp5i1lel1a4GUuwUwFlwhYqIXgmHcqxEqn1YA6
nzKTogqgEjBWKxyl/HIplMHaGv5XHKPfLAeh67d8YYv/YsCOMN+siQ4J+0zuTgE3
h2qEoGB9wXl8ZUMsrb4TCOjV0LohEyLGfLwBydAYkEZ5Iw4arUNig+leqi8rQgP4
3exJ0AzVj4If3S5XSCYuvYoShM67kIQQcKm3IHUdQI3uYZ4nhRIYkgGvyaCTGq7V
otTJeVhsiFWXmrylWhMoIBVQ33KVkGwSXYE37FEVz49N1AH1e3xvR8Hu3eObwz+T
L5rn3piIAeGAbw==
-----END CERTIFICATE-----