Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft
File:                     obeZgyScHV-GGfE1xtbn43379WI.mft (raw, json)
Hash identifier:          SmOOT3zeHHNurcZJimaBLu8UThm5EODVd8R4NYtFZh4=
Subject key identifier:   1E:87:DE:F4:90:2A:29:DE:24:5F:EC:C8:83:52:D8:04:8B:A3:D4:B0
Authority key identifier: A1:B7:99:83:24:9C:1D:5F:86:19:F1:35:C6:D6:E7:E3:7D:FB:F5:62
Certificate issuer:       /CN=a1b79983249c1d5f8619f135c6d6e7e37dfbf562
Certificate serial:       019D2704C0F43A7D16C92EA1C0FFAE011E5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft
Manifest number:          108A
Signing time:             Wed 25 Mar 2026 22:01:56 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:56 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:56 +0000
Files and hashes:         1: obeZgyScHV-GGfE1xtbn43379WI.crl (hash: seETuzXrGnqM6XhctQnphgJxoCIsnKt/pxzCAWGeSCQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:c0:f4:3a:7d:16:c9:2e:a1:c0:ff:ae:01:1e:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b79983249c1d5f8619f135c6d6e7e37dfbf562
        Validity
            Not Before: Mar 25 22:01:56 2026 GMT
            Not After : Mar 26 22:01:56 2026 GMT
        Subject: CN=1e87def4902a29de245fecc88352d8048ba3d4b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ba:f9:34:be:b2:34:64:7d:6a:18:97:b2:78:
                    47:6a:6c:17:a7:7a:8c:9c:dd:47:a9:e9:1d:20:9a:
                    5d:ed:e0:5b:7a:04:4a:28:81:da:e0:5f:d4:f9:d2:
                    ce:77:e7:2d:51:1f:6f:02:7d:f6:63:03:3d:3c:d5:
                    f7:e6:75:6b:20:35:e1:cc:89:2d:f9:6e:fc:0e:9b:
                    7f:0d:ef:13:bd:6f:8e:3f:c4:a4:73:da:5a:4a:c9:
                    f4:a4:2a:57:ca:6b:3b:dd:64:8c:fd:0c:8d:b7:6a:
                    cd:5f:3f:38:ae:4e:11:78:21:64:be:34:39:3a:04:
                    53:cd:d9:22:c3:9d:b9:3e:06:60:70:52:9d:20:ec:
                    f0:79:85:e6:75:2c:f6:c1:20:8a:57:6f:9d:ff:7b:
                    eb:ae:3c:63:e9:63:4a:29:76:7a:a0:e6:63:c4:60:
                    c9:bf:0b:2e:cf:21:0c:94:ab:89:f1:61:17:56:e9:
                    cc:c8:ae:a8:ca:ab:c2:17:4e:fd:32:a8:32:f8:f8:
                    1a:7b:2d:6e:ce:d6:9c:81:ad:8f:36:fb:bd:67:aa:
                    6e:7d:a7:df:4c:3c:8a:17:ea:bd:f7:4b:e9:76:69:
                    22:75:45:09:d7:cf:14:81:9d:14:86:35:63:3c:84:
                    0f:de:0a:69:2a:25:77:14:ea:a0:5a:e4:ab:d7:39:
                    7a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:87:DE:F4:90:2A:29:DE:24:5F:EC:C8:83:52:D8:04:8B:A3:D4:B0
            X509v3 Authority Key Identifier:
                keyid:A1:B7:99:83:24:9C:1D:5F:86:19:F1:35:C6:D6:E7:E3:7D:FB:F5:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:33:ea:4a:77:8a:a3:69:05:19:be:74:1b:03:a9:01:34:4d:
         5c:c3:15:28:87:fe:7d:85:22:e2:c3:69:63:d9:01:1d:2a:ff:
         aa:fc:09:d0:f4:c2:97:ef:dc:25:1a:67:0a:09:ab:59:85:e2:
         a6:bc:69:db:a6:4b:46:a6:e6:c2:50:40:c3:ca:12:ef:d1:f3:
         50:e7:e4:9e:f0:7b:e6:0a:b0:d9:92:3d:e5:3f:43:10:77:5f:
         a4:5b:2a:f8:8d:3f:cf:01:62:37:04:90:de:9a:27:ea:5b:ec:
         b5:5c:a9:1e:19:c9:b8:e0:a3:c9:e4:e4:d3:e9:41:6d:0d:11:
         f3:83:62:1e:25:d9:fd:9b:e2:2b:89:92:99:54:4e:b1:35:ec:
         07:97:ec:2d:53:56:05:e6:3a:41:f4:d0:b1:a5:ff:b2:6c:cf:
         c0:ed:46:1e:ea:bd:91:17:f9:07:20:4e:cf:42:af:8b:5f:07:
         46:02:ae:74:3a:b8:3b:f1:4e:29:73:d5:86:77:d5:92:6b:c8:
         a6:61:6b:ca:73:1a:4f:53:38:db:20:5c:37:2c:a8:7f:05:d9:
         1e:17:24:0d:b9:a4:85:5d:e6:7f:6c:85:10:68:cf:47:e2:44:
         5b:64:1d:41:90:a8:cf:89:be:07:52:df:7f:9e:80:fa:2b:ea:
         5a:9f:b4:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBMD0On0WyS6hwP+uAR5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjc5OTgzMjQ5YzFkNWY4NjE5ZjEzNWM2ZDZlN2UzN2Rm
YmY1NjIwHhcNMjYwMzI1MjIwMTU2WhcNMjYwMzI2MjIwMTU2WjAzMTEwLwYDVQQD
EygxZTg3ZGVmNDkwMmEyOWRlMjQ1ZmVjYzg4MzUyZDgwNDhiYTNkNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7r5NL6yNGR9ahiXsnhHamwXp3qM
nN1HqekdIJpd7eBbegRKKIHa4F/U+dLOd+ctUR9vAn32YwM9PNX35nVrIDXhzIkt
+W78Dpt/De8TvW+OP8Skc9paSsn0pCpXyms73WSM/QyNt2rNXz84rk4ReCFkvjQ5
OgRTzdkiw525PgZgcFKdIOzweYXmdSz2wSCKV2+d/3vrrjxj6WNKKXZ6oOZjxGDJ
vwsuzyEMlKuJ8WEXVunMyK6oyqvCF079Mqgy+Pgaey1uztacga2PNvu9Z6pufaff
TDyKF+q990vpdmkidUUJ188UgZ0UhjVjPIQP3gppKiV3FOqgWuSr1zl6OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6H3vSQKineJF/syINS2ASLo9SwMB8GA1UdIwQY
MBaAFKG3mYMknB1fhhnxNcbW5+N9+/ViMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xMjJkODktOGU0My00MGMzLTljZWYt
YjMzOTE2YjlmODM5LzEvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xMjJkODktOGU0My00MGMzLTljZWYtYjMzOTE2YjlmODM5
LzEvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABjPqSneK
o2kFGb50GwOpATRNXMMVKIf+fYUi4sNpY9kBHSr/qvwJ0PTCl+/cJRpnCgmrWYXi
prxp26ZLRqbmwlBAw8oS79HzUOfknvB75gqw2ZI95T9DEHdfpFsq+I0/zwFiNwSQ
3pon6lvstVypHhnJuOCjyeTk0+lBbQ0R84NiHiXZ/ZviK4mSmVROsTXsB5fsLVNW
BeY6QfTQsaX/smzPwO1GHuq9kRf5ByBOz0Kvi18HRgKudDq4O/FOKXPVhnfVkmvI
pmFrynMaT1M42yBcNyyofwXZHhckDbmkhV3mf2yFEGjPR+JEW2QdQZCoz4m+B1Lf
f56A+ivqWp+0mA==
-----END CERTIFICATE-----