Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
File:                     otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json)
Hash identifier:          PsyCuHyiVyjDlmM6JDk0k1XPpVqXV2jD5glohJiGiGo=
Subject key identifier:   5D:EF:32:85:6D:5D:BB:F9:C1:D8:AA:EB:C5:5B:42:B5:42:7B:76:03
Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE
Certificate issuer:       /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
Certificate serial:       019D37F75EBE3F151A34680E7CA14C3C82D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
Manifest number:          0468
Signing time:             Sun 29 Mar 2026 05:00:51 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:51 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:51 +0000
Files and hashes:         1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: Ovhp1zlvFq63Ve9uEbWYh0gJJeCldNHcqD/Pbue7Yvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:5e:be:3f:15:1a:34:68:0e:7c:a1:4c:3c:82:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
        Validity
            Not Before: Mar 29 05:00:51 2026 GMT
            Not After : Mar 30 05:00:51 2026 GMT
        Subject: CN=5def32856d5dbbf9c1d8aaebc55b42b5427b7603
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:59:93:82:92:fc:4a:d7:8c:44:15:df:2c:c6:
                    68:1b:23:54:0e:41:9d:46:55:d5:75:2e:cf:9d:1e:
                    64:fe:c1:24:3e:9e:06:54:0f:d9:ed:a3:0c:ff:5e:
                    fb:79:4c:ae:e9:e6:c8:d2:c3:9a:8a:1a:6b:e4:1c:
                    ba:9b:36:3f:0a:62:60:8e:d4:73:25:49:2a:b8:7e:
                    70:0e:2c:72:04:4e:0a:0a:7b:fa:ed:86:24:32:bc:
                    b2:75:4a:82:b2:ac:3c:7a:1f:42:b0:2d:d1:e4:83:
                    d9:5d:5f:e8:46:49:aa:ab:49:39:d9:fb:04:c1:d8:
                    c5:4e:ec:12:e0:10:fb:f6:1b:fa:fa:11:54:dc:b4:
                    ee:1e:12:be:90:ed:38:5f:f2:8f:4b:c6:a8:9a:c0:
                    90:aa:78:35:a2:15:f9:00:de:95:77:fd:cf:c8:8c:
                    37:95:79:6f:6c:d1:7c:22:49:7f:79:05:30:eb:8c:
                    30:b3:e0:03:5f:96:ff:6e:80:d4:a4:ce:bd:92:f7:
                    9c:eb:19:ee:2b:c3:5e:0c:c1:ff:59:d6:95:dd:c4:
                    3c:f3:1e:45:f8:b4:64:87:b4:e5:96:12:3c:78:6e:
                    e1:3c:3f:49:14:2c:a6:fe:05:f4:b5:f6:b3:1d:bb:
                    fe:c9:e1:a9:24:ef:d7:d2:f8:f2:54:cf:03:17:70:
                    fa:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:EF:32:85:6D:5D:BB:F9:C1:D8:AA:EB:C5:5B:42:B5:42:7B:76:03
            X509v3 Authority Key Identifier:
                keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:b5:0b:98:16:12:62:a8:c8:3e:31:03:fb:de:41:82:8c:89:
         79:d1:a0:37:c0:38:0c:22:a2:95:d4:54:12:3e:52:f4:5f:ff:
         3f:c0:dd:c4:71:13:e9:1b:fd:4b:7e:43:3f:aa:59:74:06:a2:
         00:9e:1c:11:6c:ee:b0:da:c0:78:98:57:b4:3a:4f:43:8b:de:
         c8:ba:75:0a:bf:b2:64:ae:ed:bd:08:80:1c:1e:91:dd:11:ac:
         79:03:33:16:41:0a:d9:7f:02:4d:28:fc:1c:64:d2:b8:15:a1:
         82:61:dd:ea:1e:43:1e:d2:74:3f:9b:a1:e1:73:21:48:a7:01:
         8f:11:c3:f0:d0:75:ad:9f:14:36:09:9f:a2:27:55:ca:b8:10:
         5a:33:1b:4a:cb:f8:39:a6:ed:4f:95:d6:b9:f6:32:d0:f5:b1:
         07:98:ea:b0:f8:90:91:45:4e:3b:6e:09:5f:3d:b9:40:41:c0:
         63:9f:5c:0d:ef:32:c3:42:d7:45:e0:9c:18:c6:fc:1e:79:21:
         82:fa:41:08:b8:98:b6:08:79:7f:97:ac:46:c8:67:12:7b:bc:
         44:ee:db:b7:4f:f3:ea:93:5d:8a:a4:e7:fc:bf:db:8a:44:d9:
         bc:8d:52:55:ff:61:84:08:b3:b9:4c:0b:b5:29:11:e3:43:35:
         a5:78:e6:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03916+PxUaNGgOfKFMPILUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj
ZWFkZWUwHhcNMjYwMzI5MDUwMDUxWhcNMjYwMzMwMDUwMDUxWjAzMTEwLwYDVQQD
Eyg1ZGVmMzI4NTZkNWRiYmY5YzFkOGFhZWJjNTViNDJiNTQyN2I3NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lmTgpL8SteMRBXfLMZoGyNUDkGd
RlXVdS7PnR5k/sEkPp4GVA/Z7aMM/177eUyu6ebI0sOaihpr5By6mzY/CmJgjtRz
JUkquH5wDixyBE4KCnv67YYkMryydUqCsqw8eh9CsC3R5IPZXV/oRkmqq0k52fsE
wdjFTuwS4BD79hv6+hFU3LTuHhK+kO04X/KPS8aomsCQqng1ohX5AN6Vd/3PyIw3
lXlvbNF8Ikl/eQUw64wws+ADX5b/boDUpM69kvec6xnuK8NeDMH/WdaV3cQ88x5F
+LRkh7TllhI8eG7hPD9JFCym/gX0tfazHbv+yeGpJO/X0vjyVM8DF3D6PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3vMoVtXbv5wdiq68VbQrVCe3YDMB8GA1UdIwQY
MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt
ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2
LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLULmBYS
YqjIPjED+95BgoyJedGgN8A4DCKildRUEj5S9F//P8DdxHET6Rv9S35DP6pZdAai
AJ4cEWzusNrAeJhXtDpPQ4veyLp1Cr+yZK7tvQiAHB6R3RGseQMzFkEK2X8CTSj8
HGTSuBWhgmHd6h5DHtJ0P5uh4XMhSKcBjxHD8NB1rZ8UNgmfoidVyrgQWjMbSsv4
OabtT5XWufYy0PWxB5jqsPiQkUVOO24JXz25QEHAY59cDe8yw0LXReCcGMb8Hnkh
gvpBCLiYtgh5f5esRshnEnu8RO7bt0/z6pNdiqTn/L/bikTZvI1SVf9hhAizuUwL
tSkR40M1pXjmkA==
-----END CERTIFICATE-----