Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
File:                     otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json)
Hash identifier:          t58Z58WrwU6KuqhjCxvcM5HcaIbnHr2Ih1kW62raevM=
Subject key identifier:   17:BA:A5:12:E4:4D:17:1A:CF:A9:31:F6:D1:BE:76:16:CF:8C:AB:69
Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE
Certificate issuer:       /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
Certificate serial:       01976CCFD5C8D6349699023325C6061D47D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
Manifest number:          0168
Signing time:             Sat 14 Jun 2025 05:00:49 +0000
Manifest this update:     Sat 14 Jun 2025 05:00:49 +0000
Manifest next update:     Sun 15 Jun 2025 05:00:49 +0000
Files and hashes:         1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: NSi+evNIKkEiUynfK4Y/4h3iu9ONcHEwEkG4QJMf8x8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:cf:d5:c8:d6:34:96:99:02:33:25:c6:06:1d:47:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
        Validity
            Not Before: Jun 14 05:00:49 2025 GMT
            Not After : Jun 15 05:00:49 2025 GMT
        Subject: CN=17baa512e44d171acfa931f6d1be7616cf8cab69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:ab:2f:a2:0c:81:a9:15:19:ec:da:d1:43:e2:
                    2d:0f:3a:40:bb:5d:0d:ce:ff:aa:a1:37:27:25:9b:
                    fe:60:bc:5a:42:33:c1:d9:fb:ec:d3:78:b2:a7:55:
                    ab:34:87:9d:a7:77:89:0b:97:0f:58:56:3e:dd:c7:
                    f0:ea:a2:bf:ec:3d:9d:77:0c:b3:7c:e5:42:fa:f6:
                    62:ba:d9:61:25:be:71:08:87:bc:6f:10:56:9c:c1:
                    b9:5b:3c:8a:f5:56:53:60:9f:6b:77:b3:5a:8e:80:
                    8e:56:91:c6:87:f8:cb:7e:5c:30:3e:72:3c:68:6f:
                    9b:d2:ca:f9:2e:1a:8e:00:37:57:d0:4a:a8:fa:f9:
                    a5:8e:f9:25:34:aa:c4:a2:8b:3f:1f:8d:b5:9b:7b:
                    ab:9a:05:b0:18:61:0b:e9:66:00:5e:44:60:ba:8b:
                    50:03:c7:62:b5:06:a3:5e:3b:9a:14:39:2e:41:06:
                    ca:32:cb:5c:51:18:44:f6:f6:c7:46:f0:22:af:97:
                    5a:ec:0a:f5:37:49:21:5c:cf:b5:0d:37:9e:9d:2c:
                    3b:2c:d3:f1:b7:67:13:78:f1:fc:9a:9a:9f:cf:c1:
                    12:3a:b8:7b:e9:df:96:3e:72:df:fc:a5:81:65:e3:
                    ed:3c:e1:3e:d9:c0:94:fa:e0:cd:9e:f0:8d:d4:48:
                    f8:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:BA:A5:12:E4:4D:17:1A:CF:A9:31:F6:D1:BE:76:16:CF:8C:AB:69
            X509v3 Authority Key Identifier:
                keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:2e:f5:c2:94:0c:89:e9:36:05:f1:cf:15:35:92:a3:87:86:
         32:85:55:96:28:a6:b3:c6:71:41:02:59:52:01:7e:db:4f:75:
         63:28:2a:42:02:b4:b4:06:45:29:f0:8f:11:20:9b:f5:09:84:
         83:ce:4c:8d:bf:8e:70:df:e1:15:54:b1:0b:27:4f:c1:b2:da:
         cc:bd:01:6d:f6:ba:65:2b:47:41:76:d8:b5:af:9a:5f:bb:29:
         6d:06:60:1c:e5:f2:6c:d9:a3:80:77:ce:de:1a:8e:02:86:c2:
         77:fd:6e:62:e8:27:8e:c2:e4:ad:98:4b:87:87:ed:52:20:4e:
         d3:85:83:27:62:63:e9:21:ad:74:65:08:4a:c3:15:34:a2:fd:
         59:ff:45:04:d2:b1:c2:26:76:c5:d2:6d:a6:1b:86:b1:8a:e5:
         5c:60:29:dc:61:c6:a5:a8:66:e6:25:5f:55:3b:88:2c:89:f7:
         0b:30:34:da:a9:83:0d:1c:bd:92:25:d7:fd:ad:28:dd:bf:21:
         b9:89:c6:80:9d:1d:cf:50:f0:46:69:f1:74:a5:4a:f5:11:44:
         6d:28:fd:11:3b:5a:96:e9:ad:ec:c7:69:db:e1:7b:b5:55:ca:
         4c:75:0d:26:6b:17:52:eb:8e:00:a0:36:cf:11:23:f2:c0:96:
         be:8f:6b:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz9XI1jSWmQIzJcYGHUfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj
ZWFkZWUwHhcNMjUwNjE0MDUwMDQ5WhcNMjUwNjE1MDUwMDQ5WjAzMTEwLwYDVQQD
EygxN2JhYTUxMmU0NGQxNzFhY2ZhOTMxZjZkMWJlNzYxNmNmOGNhYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8asvogyBqRUZ7NrRQ+ItDzpAu10N
zv+qoTcnJZv+YLxaQjPB2fvs03iyp1WrNIedp3eJC5cPWFY+3cfw6qK/7D2ddwyz
fOVC+vZiutlhJb5xCIe8bxBWnMG5WzyK9VZTYJ9rd7NajoCOVpHGh/jLflwwPnI8
aG+b0sr5LhqOADdX0Eqo+vmljvklNKrEoos/H421m3urmgWwGGEL6WYAXkRguotQ
A8ditQajXjuaFDkuQQbKMstcURhE9vbHRvAir5da7Ar1N0khXM+1DTeenSw7LNPx
t2cTePH8mpqfz8ESOrh76d+WPnLf/KWBZePtPOE+2cCU+uDNnvCN1Ej4kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBe6pRLkTRcaz6kx9tG+dhbPjKtpMB8GA1UdIwQY
MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt
ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2
LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUC71wpQM
iek2BfHPFTWSo4eGMoVVliims8ZxQQJZUgF+2091YygqQgK0tAZFKfCPESCb9QmE
g85Mjb+OcN/hFVSxCydPwbLazL0Bbfa6ZStHQXbYta+aX7spbQZgHOXybNmjgHfO
3hqOAobCd/1uYugnjsLkrZhLh4ftUiBO04WDJ2Jj6SGtdGUISsMVNKL9Wf9FBNKx
wiZ2xdJtphuGsYrlXGAp3GHGpahm5iVfVTuILIn3CzA02qmDDRy9kiXX/a0o3b8h
uYnGgJ0dz1DwRmnxdKVK9RFEbSj9ETtalumt7Mdp2+F7tVXKTHUNJmsXUuuOAKA2
zxEj8sCWvo9r4Q==
-----END CERTIFICATE-----