Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
File:                     otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json)
Hash identifier:          fSkT2+Ek7pDnLYSUMemwHruVHEztrupqjMWI6z9kJrA=
Subject key identifier:   EE:71:41:B3:56:DF:8B:A4:87:C9:5F:21:81:5B:92:8B:5A:F9:1D:8F
Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE
Certificate issuer:       /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
Certificate serial:       019A5074E275D0B1B3D48DAB526D5AD9292F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
Manifest number:          02E7
Signing time:             Tue 04 Nov 2025 20:00:28 +0000
Manifest this update:     Tue 04 Nov 2025 20:00:28 +0000
Manifest next update:     Wed 05 Nov 2025 20:00:28 +0000
Files and hashes:         1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: 5YmlutzdAaZIvtp3Eo/jAqAlG32rQpPX0I/hqZwoz3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:74:e2:75:d0:b1:b3:d4:8d:ab:52:6d:5a:d9:29:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
        Validity
            Not Before: Nov  4 20:00:28 2025 GMT
            Not After : Nov  5 20:00:28 2025 GMT
        Subject: CN=ee7141b356df8ba487c95f21815b928b5af91d8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:8b:fd:42:6d:bb:f5:e9:0e:17:e2:13:0a:66:
                    d0:60:d5:f4:b9:4f:31:89:83:78:61:29:d2:2c:fc:
                    f3:02:34:c2:4b:ec:c3:34:ca:1b:8c:14:b0:08:23:
                    53:96:95:72:a2:a2:59:e4:23:50:1f:aa:6d:31:25:
                    24:3e:f5:e8:a4:b3:5e:5c:78:1e:93:1d:1d:a3:b9:
                    4d:e3:18:a4:e6:22:75:eb:98:8a:37:5d:38:e7:62:
                    34:7e:37:98:8d:2b:24:8d:71:e6:1c:26:d8:8f:d7:
                    e6:77:11:27:95:a0:02:6a:c7:21:4b:4a:4b:58:a8:
                    3b:94:14:58:3e:9d:65:5f:e5:0b:6f:6b:4d:86:84:
                    e0:50:13:35:14:b4:f3:d9:57:8e:81:6a:cb:75:f0:
                    fa:71:69:8e:4b:37:31:ad:9b:45:98:f8:1e:40:00:
                    7e:fd:83:de:48:e7:f0:46:69:69:f4:08:42:c6:15:
                    b0:57:e6:51:52:31:6f:bd:af:7d:4c:85:d7:15:22:
                    ae:98:30:a8:a8:5b:62:45:0b:47:9d:fe:f8:62:0a:
                    31:71:be:eb:f6:40:47:37:a8:c1:60:f8:ef:21:9b:
                    3f:b0:0e:6a:73:e1:e8:ab:65:5b:d0:39:90:32:e2:
                    e7:42:79:34:92:78:2b:91:1c:dc:e3:0d:ea:84:f8:
                    11:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:71:41:B3:56:DF:8B:A4:87:C9:5F:21:81:5B:92:8B:5A:F9:1D:8F
            X509v3 Authority Key Identifier:
                keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:34:64:e9:ed:38:ee:19:35:fc:74:50:8e:72:db:54:e3:34:
         33:05:bd:a9:05:16:4a:02:72:6a:c1:f2:96:af:73:8e:df:75:
         6a:2a:be:1c:52:b2:bd:29:36:ce:77:b8:e6:7a:e3:0b:84:05:
         8a:72:e4:6d:b2:3e:60:bf:05:c2:ce:a5:69:8b:1d:58:76:ad:
         ec:23:6d:3a:0c:ec:59:0b:46:0e:98:79:d1:95:9c:cb:bc:ce:
         63:a8:8f:08:27:0f:39:a3:13:06:de:ae:1d:01:3a:a0:a8:d3:
         3b:a6:ec:1c:63:4d:e8:9c:d4:72:af:fa:8c:28:6a:0f:98:7d:
         fa:67:29:16:6d:2f:98:ec:8e:8c:c7:aa:40:c9:b2:c1:99:1d:
         10:87:4d:12:d3:0a:78:90:86:f5:a6:3a:2e:27:35:4f:e8:ae:
         ac:4a:90:a3:39:d4:78:83:d7:07:fe:57:fa:4d:59:9a:6a:16:
         c6:12:37:e9:dc:c8:82:5a:fb:27:9c:3b:f1:fb:9a:1f:f0:3c:
         7e:a0:64:21:29:4b:df:0a:ab:e1:c1:98:48:53:0e:5e:1f:23:
         8e:2f:63:e6:24:57:55:91:35:37:38:3d:d3:4d:b6:3d:d1:52:
         33:46:26:75:c9:f1:92:15:78:56:f5:47:de:46:85:1d:18:ea:
         ac:4b:cd:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdOJ10LGz1I2rUm1a2SkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj
ZWFkZWUwHhcNMjUxMTA0MjAwMDI4WhcNMjUxMTA1MjAwMDI4WjAzMTEwLwYDVQQD
EyhlZTcxNDFiMzU2ZGY4YmE0ODdjOTVmMjE4MTViOTI4YjVhZjkxZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Iv9Qm279ekOF+ITCmbQYNX0uU8x
iYN4YSnSLPzzAjTCS+zDNMobjBSwCCNTlpVyoqJZ5CNQH6ptMSUkPvXopLNeXHge
kx0do7lN4xik5iJ165iKN10452I0fjeYjSskjXHmHCbYj9fmdxEnlaACaschS0pL
WKg7lBRYPp1lX+ULb2tNhoTgUBM1FLTz2VeOgWrLdfD6cWmOSzcxrZtFmPgeQAB+
/YPeSOfwRmlp9AhCxhWwV+ZRUjFvva99TIXXFSKumDCoqFtiRQtHnf74Ygoxcb7r
9kBHN6jBYPjvIZs/sA5qc+Hoq2Vb0DmQMuLnQnk0kngrkRzc4w3qhPgR+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5xQbNW34ukh8lfIYFbkota+R2PMB8GA1UdIwQY
MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt
ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2
LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqzRk6e04
7hk1/HRQjnLbVOM0MwW9qQUWSgJyasHylq9zjt91aiq+HFKyvSk2zne45nrjC4QF
inLkbbI+YL8Fws6laYsdWHat7CNtOgzsWQtGDph50ZWcy7zOY6iPCCcPOaMTBt6u
HQE6oKjTO6bsHGNN6JzUcq/6jChqD5h9+mcpFm0vmOyOjMeqQMmywZkdEIdNEtMK
eJCG9aY6Lic1T+iurEqQoznUeIPXB/5X+k1ZmmoWxhI36dzIglr7J5w78fuaH/A8
fqBkISlL3wqr4cGYSFMOXh8jji9j5iRXVZE1Nzg90022PdFSM0YmdcnxkhV4VvVH
3kaFHRjqrEvNPQ==
-----END CERTIFICATE-----