Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
File:                     otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json)
Hash identifier:          0CWpWxawJ/kqJjCzf4GhQHH8JkNFTSzIWp3MYFaRxgk=
Subject key identifier:   9E:D5:31:FB:F7:D3:BA:ED:F1:89:A9:1E:7A:27:E2:7F:7C:7F:69:3F
Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE
Certificate issuer:       /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
Certificate serial:       019D9A7491D069EF5E6E065957B4979EA11B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
Manifest number:          049B
Signing time:             Fri 17 Apr 2026 08:00:23 +0000
Manifest this update:     Fri 17 Apr 2026 08:00:23 +0000
Manifest next update:     Sat 18 Apr 2026 08:00:23 +0000
Files and hashes:         1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: CRk5rv/6dmdiAGsJlZ478//UCSmZJ+AfmvUtHreet4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:74:91:d0:69:ef:5e:6e:06:59:57:b4:97:9e:a1:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
        Validity
            Not Before: Apr 17 08:00:23 2026 GMT
            Not After : Apr 18 08:00:23 2026 GMT
        Subject: CN=9ed531fbf7d3baedf189a91e7a27e27f7c7f693f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fb:bc:5a:9d:89:1d:49:87:5a:fc:13:1d:be:
                    7e:69:d0:03:12:14:b6:db:7c:8f:95:4d:5f:3f:2f:
                    ec:63:9d:fc:18:ac:88:52:57:19:fd:ed:94:74:54:
                    c5:ee:31:e5:aa:1f:54:b8:47:72:26:8f:fc:fb:d3:
                    51:eb:e5:4d:bb:f7:2f:00:57:fa:e5:78:7c:dd:58:
                    43:5d:f6:70:aa:e3:0f:49:a4:9b:0f:77:2f:31:05:
                    b3:50:93:80:3a:03:6b:3e:fe:95:53:aa:ab:1a:b9:
                    9f:c0:4f:39:c8:ab:42:85:2d:09:ee:a2:3a:86:a4:
                    f2:4a:09:a0:7a:fb:98:58:61:bc:54:8c:e4:de:8a:
                    c4:4d:09:f2:8b:17:8f:77:cd:7b:a7:3e:27:ba:e5:
                    14:64:12:dc:9c:f9:f6:4d:e7:aa:b4:b6:d0:99:a2:
                    dd:85:a5:a6:0e:ae:fb:98:dd:d4:16:85:fc:e3:be:
                    4b:45:fc:b0:bd:24:a1:0a:ea:18:60:52:cb:8a:ae:
                    dc:02:5f:91:c7:31:0a:cc:3b:bf:82:85:7c:be:69:
                    be:af:90:c2:5f:72:79:49:f3:87:09:fd:bd:3d:b8:
                    1f:f0:75:74:ae:68:85:44:10:44:c8:72:d6:a6:29:
                    09:1f:9b:60:46:4a:78:16:a5:dd:68:af:32:4e:37:
                    b5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D5:31:FB:F7:D3:BA:ED:F1:89:A9:1E:7A:27:E2:7F:7C:7F:69:3F
            X509v3 Authority Key Identifier:
                keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:61:95:40:63:65:dd:93:ec:81:3e:45:04:11:4d:3c:96:f3:
         2f:ba:fb:69:ad:96:0a:e8:8d:d2:37:2a:88:44:1d:b8:ba:64:
         e4:4c:5f:7e:e8:a7:05:9a:15:d3:f2:a8:dd:a9:9b:37:3d:0e:
         c5:6b:d0:02:dc:7c:99:71:c8:19:7b:7f:c0:5d:1f:dd:bb:57:
         57:a6:ac:73:f9:5c:cd:98:5a:6d:32:65:40:d6:94:a1:4c:03:
         f3:58:f4:d1:cb:8c:1c:44:1b:f5:8f:5e:39:de:3b:fc:24:9f:
         75:2d:55:31:4f:b4:89:43:d2:f0:4f:6d:90:79:61:6b:2c:29:
         c8:ed:55:8f:4f:91:62:fc:69:d5:46:be:0e:ff:53:9f:4d:c1:
         68:02:57:52:55:cf:a9:93:a3:20:e4:4d:9f:e0:9b:cd:e9:82:
         c0:ec:2d:0e:2a:cf:34:fb:44:7c:4b:7d:0c:21:04:aa:dc:da:
         40:b3:17:ae:02:2a:a5:9c:9a:d0:31:e1:a2:e4:33:67:84:3b:
         2e:b4:40:3b:38:c3:a5:18:b0:41:f1:00:a3:e0:b4:79:19:d8:
         0a:02:31:07:b6:53:c2:ca:25:27:56:11:24:42:b4:42:32:2f:
         f0:d8:60:d7:29:0a:de:73:f0:41:5d:27:43:51:27:3c:3a:52:
         59:2d:d4:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2adJHQae9ebgZZV7SXnqEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj
ZWFkZWUwHhcNMjYwNDE3MDgwMDIzWhcNMjYwNDE4MDgwMDIzWjAzMTEwLwYDVQQD
Eyg5ZWQ1MzFmYmY3ZDNiYWVkZjE4OWE5MWU3YTI3ZTI3ZjdjN2Y2OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfu8Wp2JHUmHWvwTHb5+adADEhS2
23yPlU1fPy/sY538GKyIUlcZ/e2UdFTF7jHlqh9UuEdyJo/8+9NR6+VNu/cvAFf6
5Xh83VhDXfZwquMPSaSbD3cvMQWzUJOAOgNrPv6VU6qrGrmfwE85yKtChS0J7qI6
hqTySgmgevuYWGG8VIzk3orETQnyixePd817pz4nuuUUZBLcnPn2TeeqtLbQmaLd
haWmDq77mN3UFoX8475LRfywvSShCuoYYFLLiq7cAl+RxzEKzDu/goV8vmm+r5DC
X3J5SfOHCf29Pbgf8HV0rmiFRBBEyHLWpikJH5tgRkp4FqXdaK8yTje1RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7VMfv307rt8YmpHnon4n98f2k/MB8GA1UdIwQY
MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt
ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2
LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2GVQGNl
3ZPsgT5FBBFNPJbzL7r7aa2WCuiN0jcqiEQduLpk5ExffuinBZoV0/Ko3ambNz0O
xWvQAtx8mXHIGXt/wF0f3btXV6asc/lczZhabTJlQNaUoUwD81j00cuMHEQb9Y9e
Od47/CSfdS1VMU+0iUPS8E9tkHlhaywpyO1Vj0+RYvxp1Ua+Dv9Tn03BaAJXUlXP
qZOjIORNn+CbzemCwOwtDirPNPtEfEt9DCEEqtzaQLMXrgIqpZya0DHhouQzZ4Q7
LrRAOzjDpRiwQfEAo+C0eRnYCgIxB7ZTwsolJ1YRJEK0QjIv8Nhg1ykK3nPwQV0n
Q1EnPDpSWS3Uug==
-----END CERTIFICATE-----