Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
File:                     otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json)
Hash identifier:          JnFVAqKNWXWc/T3dv5d6l9TX4cIiJKM+jRX1XZuCqMA=
Subject key identifier:   52:B1:94:F4:BD:D4:91:20:D2:A3:49:36:E2:E9:71:1C:37:12:E2:D2
Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE
Certificate issuer:       /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
Certificate serial:       019A7149F00E4C2AD3BD0B1387805309ECD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
Manifest number:          02F8
Signing time:             Tue 11 Nov 2025 05:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:02 +0000
Files and hashes:         1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: HwKz7YabDgjzHEZ3WvGm35zUoLTp6HnQnP0nam6jyEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:f0:0e:4c:2a:d3:bd:0b:13:87:80:53:09:ec:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
        Validity
            Not Before: Nov 11 05:01:02 2025 GMT
            Not After : Nov 12 05:01:02 2025 GMT
        Subject: CN=52b194f4bdd49120d2a34936e2e9711c3712e2d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:01:d5:73:65:33:76:57:60:69:7c:05:22:20:
                    dd:f5:c7:e2:a0:70:2d:af:c3:29:97:7c:92:96:1e:
                    89:d9:63:30:12:a2:6d:20:4b:f1:b6:e9:29:f6:66:
                    42:af:5c:4a:65:3c:c4:8d:4e:ff:bb:6c:0e:1f:3f:
                    2f:8f:5f:4c:93:9f:6d:21:c2:82:b6:0b:b5:8b:c0:
                    30:38:e6:f2:73:60:91:b2:9f:09:5c:79:d1:e4:4f:
                    ff:37:8e:9d:ad:d3:da:00:1e:c0:8a:78:6b:26:74:
                    58:49:bd:56:72:e6:4a:4b:59:e1:f8:9d:dc:50:93:
                    04:db:55:d4:98:b8:e1:b4:fb:7e:11:34:4e:1a:ff:
                    29:81:5d:5f:36:58:cd:e6:61:fb:07:03:fb:d5:60:
                    1d:58:c4:d9:f3:29:29:42:8e:36:69:69:18:b9:80:
                    ab:f7:66:28:e7:32:ed:07:b1:9f:d1:56:36:12:7c:
                    3c:57:b7:c4:3f:2a:88:04:6f:64:e2:fb:16:a9:0e:
                    28:0b:99:2c:aa:9f:5f:63:9f:4f:02:fa:a2:79:85:
                    71:66:33:46:bb:9d:1d:a2:42:2a:2d:75:bd:22:22:
                    76:32:ba:be:6b:13:b9:a6:5c:b1:40:6f:80:99:b6:
                    e0:2a:ae:1d:95:a7:4b:e9:9e:5f:aa:b0:28:b8:c1:
                    12:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:B1:94:F4:BD:D4:91:20:D2:A3:49:36:E2:E9:71:1C:37:12:E2:D2
            X509v3 Authority Key Identifier:
                keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:5f:7f:31:2d:2c:b5:cc:43:52:6a:4d:f4:05:fd:d9:b1:ee:
         6a:1c:5d:d3:05:e2:87:d1:55:d0:4f:25:9b:42:6c:c6:b5:21:
         89:c0:ff:e3:08:70:24:c0:58:e4:6d:a9:06:8e:30:7a:70:3c:
         58:b9:00:52:dd:7a:7f:0a:93:30:f8:5a:d0:6b:4a:5d:5d:48:
         ca:16:f9:b0:18:c3:4e:39:59:e5:0c:3d:86:0d:c8:84:0d:44:
         1e:1f:98:ba:7c:a9:16:17:87:a3:69:fc:2b:0a:d4:25:8a:3d:
         63:2a:a0:28:4b:65:21:11:51:79:73:59:02:76:ab:33:7a:65:
         96:76:d8:54:ba:e4:71:5d:07:75:27:46:cf:77:65:45:06:e3:
         78:b0:37:76:21:12:22:ad:a0:b2:bb:78:cb:72:c7:dd:4c:17:
         69:b2:fb:98:d2:84:f3:1c:f3:b6:57:59:08:93:9c:c7:ad:7e:
         40:56:d8:1e:c1:f5:3f:26:81:ae:85:7c:92:a5:b8:a6:64:a5:
         4d:d1:88:d2:a3:66:a8:29:28:34:28:5f:bf:0f:b9:69:6c:8e:
         d1:66:c6:44:2c:f3:f6:4b:8f:43:00:c9:5b:95:91:68:7b:33:
         9c:e2:08:c5:4c:8a:4b:83:4a:e1:e3:df:c2:14:ab:71:bd:41:
         88:2a:5b:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSfAOTCrTvQsTh4BTCezSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj
ZWFkZWUwHhcNMjUxMTExMDUwMTAyWhcNMjUxMTEyMDUwMTAyWjAzMTEwLwYDVQQD
Eyg1MmIxOTRmNGJkZDQ5MTIwZDJhMzQ5MzZlMmU5NzExYzM3MTJlMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQHVc2UzdldgaXwFIiDd9cfioHAt
r8Mpl3ySlh6J2WMwEqJtIEvxtukp9mZCr1xKZTzEjU7/u2wOHz8vj19Mk59tIcKC
tgu1i8AwOObyc2CRsp8JXHnR5E//N46drdPaAB7AinhrJnRYSb1WcuZKS1nh+J3c
UJME21XUmLjhtPt+ETROGv8pgV1fNljN5mH7BwP71WAdWMTZ8ykpQo42aWkYuYCr
92Yo5zLtB7Gf0VY2Enw8V7fEPyqIBG9k4vsWqQ4oC5ksqp9fY59PAvqieYVxZjNG
u50dokIqLXW9IiJ2Mrq+axO5plyxQG+AmbbgKq4dladL6Z5fqrAouMESeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKxlPS91JEg0qNJNuLpcRw3EuLSMB8GA1UdIwQY
MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt
ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2
LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHl9/MS0s
tcxDUmpN9AX92bHuahxd0wXih9FV0E8lm0JsxrUhicD/4whwJMBY5G2pBo4wenA8
WLkAUt16fwqTMPha0GtKXV1Iyhb5sBjDTjlZ5Qw9hg3IhA1EHh+YunypFheHo2n8
KwrUJYo9YyqgKEtlIRFReXNZAnarM3pllnbYVLrkcV0HdSdGz3dlRQbjeLA3diES
Iq2gsrt4y3LH3UwXabL7mNKE8xzztldZCJOcx61+QFbYHsH1PyaBroV8kqW4pmSl
TdGI0qNmqCkoNChfvw+5aWyO0WbGRCzz9kuPQwDJW5WRaHsznOIIxUyKS4NK4ePf
whSrcb1BiCpbkA==
-----END CERTIFICATE-----