Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
File:                     otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json)
Hash identifier:          olMisUmBDOFGgmtCO3loIaJASlYD/8dibMuxTLpLT/E=
Subject key identifier:   4D:BD:2C:4C:DD:57:82:72:46:41:28:1B:24:E8:02:9E:9B:A7:EB:73
Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE
Certificate issuer:       /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
Certificate serial:       01974A0CF09FB472A57E88704407AFF3DFB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
Manifest number:          0156
Signing time:             Sat 07 Jun 2025 11:00:51 +0000
Manifest this update:     Sat 07 Jun 2025 11:00:51 +0000
Manifest next update:     Sun 08 Jun 2025 11:00:51 +0000
Files and hashes:         1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: L9OIVRG6cYk+vwrmyQMm35WQbmcpvCGhzPTx3irzMJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:0c:f0:9f:b4:72:a5:7e:88:70:44:07:af:f3:df:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
        Validity
            Not Before: Jun  7 11:00:51 2025 GMT
            Not After : Jun  8 11:00:51 2025 GMT
        Subject: CN=4dbd2c4cdd5782724641281b24e8029e9ba7eb73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e5:51:d5:9e:45:1e:33:2f:b4:b0:ff:fb:8d:
                    ef:aa:f4:36:74:c2:f5:89:09:28:ec:14:51:2b:fc:
                    ac:0a:d2:5e:99:2a:02:8f:3c:ad:ed:b8:ee:64:e0:
                    3e:9f:b1:f9:13:96:b2:c3:f0:c2:aa:9d:6a:3f:49:
                    7b:fb:5e:72:53:6b:4f:0f:9b:dd:67:ae:62:fa:20:
                    4a:de:b2:2b:ad:93:10:a7:f7:39:e6:ca:49:e3:9b:
                    00:8e:ec:3b:8a:ff:47:05:f2:9b:de:41:ff:f6:ce:
                    57:6f:a8:4f:8e:27:0b:78:41:45:40:4e:8b:c1:45:
                    fa:e3:b0:7e:96:d7:2d:0f:2f:d5:74:58:92:70:14:
                    76:91:5b:ac:60:bb:51:8d:61:7a:97:b4:00:af:f6:
                    34:06:5a:ae:3e:32:b5:b1:01:c1:44:f7:d7:5f:5f:
                    cd:6f:cb:60:75:07:83:7e:0b:73:1a:fc:23:5e:43:
                    1f:b0:01:ff:b6:6a:f4:6f:98:b6:a9:b1:d7:ea:a0:
                    0e:c7:bf:88:e4:15:af:48:5e:24:ee:f8:c5:d0:7c:
                    12:8b:82:67:f1:ca:a2:5d:d0:81:29:1d:80:6b:d0:
                    34:2a:d9:da:7a:1f:b4:30:9a:25:4b:27:ad:87:73:
                    10:f5:04:24:16:2c:3b:9b:71:58:f8:65:1a:f6:60:
                    fe:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:BD:2C:4C:DD:57:82:72:46:41:28:1B:24:E8:02:9E:9B:A7:EB:73
            X509v3 Authority Key Identifier:
                keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:a8:73:57:23:e8:9c:b2:d9:e6:8c:ef:22:bb:a8:bf:36:d6:
         d0:a4:eb:9b:e1:8d:d9:4d:f4:e7:9c:51:38:55:ac:3c:8f:0d:
         57:bb:24:28:fe:b2:15:3b:c1:86:7e:e1:dc:6e:d4:43:93:97:
         5f:80:b3:2e:17:ff:3a:1b:41:db:3c:2b:d3:05:37:83:64:17:
         b7:4a:6b:c8:fd:7a:05:77:31:07:a1:6e:ea:fd:f2:cb:80:9e:
         f2:4b:98:df:84:05:f5:7a:9a:3a:6c:0d:cd:20:ea:5f:63:2f:
         2a:48:d0:6d:17:ef:62:27:ad:1f:6e:27:b8:bd:16:5e:32:f4:
         13:dc:47:54:22:8a:85:2b:df:70:7f:d5:62:8f:6d:fa:89:a8:
         d4:fc:59:ee:d7:fc:8a:1f:27:a3:b1:84:3b:e4:f5:28:0f:35:
         bb:9c:9d:0a:36:4a:a3:27:61:43:ad:61:9a:de:be:81:b6:41:
         57:d4:02:ed:e9:b2:e0:75:4b:7e:0e:eb:8f:8b:0d:00:a5:c3:
         2f:d3:1b:80:0d:21:02:ce:fb:d1:62:b6:4d:74:67:53:55:93:
         9a:d4:49:ee:62:0a:12:b4:dc:f7:2d:5b:50:91:2d:79:ea:23:
         a8:80:ce:d7:c8:5c:6c:d0:c0:69:51:d6:b7:b5:48:12:f2:1f:
         67:a3:c7:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKDPCftHKlfohwRAev89+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj
ZWFkZWUwHhcNMjUwNjA3MTEwMDUxWhcNMjUwNjA4MTEwMDUxWjAzMTEwLwYDVQQD
Eyg0ZGJkMmM0Y2RkNTc4MjcyNDY0MTI4MWIyNGU4MDI5ZTliYTdlYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleVR1Z5FHjMvtLD/+43vqvQ2dML1
iQko7BRRK/ysCtJemSoCjzyt7bjuZOA+n7H5E5ayw/DCqp1qP0l7+15yU2tPD5vd
Z65i+iBK3rIrrZMQp/c55spJ45sAjuw7iv9HBfKb3kH/9s5Xb6hPjicLeEFFQE6L
wUX647B+ltctDy/VdFiScBR2kVusYLtRjWF6l7QAr/Y0BlquPjK1sQHBRPfXX1/N
b8tgdQeDfgtzGvwjXkMfsAH/tmr0b5i2qbHX6qAOx7+I5BWvSF4k7vjF0HwSi4Jn
8cqiXdCBKR2Aa9A0Ktnaeh+0MJolSyeth3MQ9QQkFiw7m3FY+GUa9mD+EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE29LEzdV4JyRkEoGyToAp6bp+tzMB8GA1UdIwQY
MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt
ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2
LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkqhzVyPo
nLLZ5ozvIruovzbW0KTrm+GN2U3055xROFWsPI8NV7skKP6yFTvBhn7h3G7UQ5OX
X4CzLhf/OhtB2zwr0wU3g2QXt0pryP16BXcxB6Fu6v3yy4Ce8kuY34QF9XqaOmwN
zSDqX2MvKkjQbRfvYietH24nuL0WXjL0E9xHVCKKhSvfcH/VYo9t+omo1PxZ7tf8
ih8no7GEO+T1KA81u5ydCjZKoydhQ61hmt6+gbZBV9QC7emy4HVLfg7rj4sNAKXD
L9MbgA0hAs770WK2TXRnU1WTmtRJ7mIKErTc9y1bUJEteeojqIDO18hcbNDAaVHW
t7VIEvIfZ6PH5w==
-----END CERTIFICATE-----