Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
File:                     otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json)
Hash identifier:          LBz6bGlaWsijwai+vUL4OpflIJuBDBjf4PLeIAuKZgQ=
Subject key identifier:   49:28:42:4E:A4:DD:70:FD:C5:6F:47:DD:77:64:62:51:E6:95:5A:86
Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE
Certificate issuer:       /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
Certificate serial:       019CAAFCEF82E1958D2AA376623F7191ED4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
Manifest number:          041F
Signing time:             Sun 01 Mar 2026 20:00:28 +0000
Manifest this update:     Sun 01 Mar 2026 20:00:28 +0000
Manifest next update:     Mon 02 Mar 2026 20:00:28 +0000
Files and hashes:         1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: u30QOeMVOQyjCw09tHeuYyOPC7gMONRd657o8inWAmQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fc:ef:82:e1:95:8d:2a:a3:76:62:3f:71:91:ed:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
        Validity
            Not Before: Mar  1 20:00:28 2026 GMT
            Not After : Mar  2 20:00:28 2026 GMT
        Subject: CN=4928424ea4dd70fdc56f47dd77646251e6955a86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:de:b9:b7:d6:23:02:01:13:82:dc:2c:69:1e:
                    e2:ba:13:48:b5:79:eb:eb:22:3b:3c:be:1f:f6:91:
                    b6:cc:63:5d:c1:6e:8b:2a:b0:c0:29:89:c1:68:47:
                    76:57:9f:69:36:11:a9:aa:4f:6e:03:2b:40:48:e3:
                    07:17:53:bc:46:3d:7f:4f:40:b4:75:bb:02:b1:50:
                    90:0d:9d:a1:f4:7f:81:8f:e5:41:14:7e:99:48:67:
                    4d:f6:46:bb:b1:a0:04:52:9d:7a:94:2a:d6:2a:ee:
                    5c:7c:aa:ef:a2:36:84:e8:68:e7:50:e9:f6:12:77:
                    39:6b:4f:37:a5:2e:e3:26:31:dd:3d:ef:1f:fd:a8:
                    01:da:16:d8:e8:c9:c6:a3:da:61:11:ed:a5:0a:46:
                    d0:db:8d:45:ca:d8:07:d8:26:7b:5b:4b:91:86:e7:
                    3c:23:4b:37:11:a9:0a:ee:25:9f:79:c1:81:e4:0b:
                    be:88:1b:03:ec:3e:f4:e2:5a:be:21:fb:f1:66:21:
                    3a:50:81:90:8e:52:00:1d:cb:16:f9:88:16:bb:95:
                    60:ef:dd:01:6b:2d:01:e5:40:01:35:6f:06:05:02:
                    f0:b5:3e:3c:7a:b4:37:a9:5e:a5:57:30:c8:11:10:
                    a8:ad:bb:25:c9:f9:18:76:a1:88:43:91:7e:ed:1b:
                    fd:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:28:42:4E:A4:DD:70:FD:C5:6F:47:DD:77:64:62:51:E6:95:5A:86
            X509v3 Authority Key Identifier:
                keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:b3:81:9c:a8:0a:8c:fc:15:13:8e:d3:28:e6:a8:ca:f5:b4:
         c2:be:42:42:6f:80:68:79:4c:a7:05:9b:99:8b:25:fe:9f:dc:
         e6:91:72:ca:0a:80:ed:cd:26:6e:3d:ca:df:45:6f:38:4e:b2:
         3f:5c:e0:7e:0f:8c:46:c3:dc:eb:10:97:52:3d:08:79:ce:d6:
         25:9d:71:ee:d7:f6:84:63:fb:46:60:4b:69:10:8d:86:8a:a6:
         cc:88:07:8a:ec:74:13:9a:18:1e:af:30:4f:6c:d5:22:f6:db:
         66:b8:b7:60:80:76:6a:79:d3:55:09:b7:ce:5e:e1:15:f9:e9:
         0e:5c:c1:fc:ba:4c:b0:2d:65:25:ec:77:b7:ec:24:c5:fa:25:
         31:e7:76:b3:62:ea:69:63:b3:c8:f3:7d:dc:51:67:ca:d0:f1:
         f7:db:a6:32:99:4a:32:4d:66:83:94:8a:76:e0:53:87:92:50:
         03:e6:fa:27:b1:17:d0:45:03:00:03:6a:ab:24:ed:3d:91:a9:
         5d:53:1a:ef:4a:c8:64:49:4a:0c:86:60:7e:d2:82:a6:b1:a3:
         bc:c6:88:49:2c:7a:e9:bf:1f:88:26:4e:e7:5c:7d:74:c6:83:
         5c:c9:53:4f:04:e3:b5:e7:de:35:e0:a7:5f:d7:97:3e:85:52:
         60:b9:58:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/O+C4ZWNKqN2Yj9xke1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj
ZWFkZWUwHhcNMjYwMzAxMjAwMDI4WhcNMjYwMzAyMjAwMDI4WjAzMTEwLwYDVQQD
Eyg0OTI4NDI0ZWE0ZGQ3MGZkYzU2ZjQ3ZGQ3NzY0NjI1MWU2OTU1YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq965t9YjAgETgtwsaR7iuhNItXnr
6yI7PL4f9pG2zGNdwW6LKrDAKYnBaEd2V59pNhGpqk9uAytASOMHF1O8Rj1/T0C0
dbsCsVCQDZ2h9H+Bj+VBFH6ZSGdN9ka7saAEUp16lCrWKu5cfKrvojaE6GjnUOn2
Enc5a083pS7jJjHdPe8f/agB2hbY6MnGo9phEe2lCkbQ241FytgH2CZ7W0uRhuc8
I0s3EakK7iWfecGB5Au+iBsD7D704lq+IfvxZiE6UIGQjlIAHcsW+YgWu5Vg790B
ay0B5UABNW8GBQLwtT48erQ3qV6lVzDIERCorbslyfkYdqGIQ5F+7Rv9AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkoQk6k3XD9xW9H3XdkYlHmlVqGMB8GA1UdIwQY
MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt
ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2
LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsrOBnKgK
jPwVE47TKOaoyvW0wr5CQm+AaHlMpwWbmYsl/p/c5pFyygqA7c0mbj3K30VvOE6y
P1zgfg+MRsPc6xCXUj0Iec7WJZ1x7tf2hGP7RmBLaRCNhoqmzIgHiux0E5oYHq8w
T2zVIvbbZri3YIB2annTVQm3zl7hFfnpDlzB/LpMsC1lJex3t+wkxfolMed2s2Lq
aWOzyPN93FFnytDx99umMplKMk1mg5SKduBTh5JQA+b6J7EX0EUDAANqqyTtPZGp
XVMa70rIZElKDIZgftKCprGjvMaISSx66b8fiCZO51x9dMaDXMlTTwTjtefeNeCn
X9eXPoVSYLlY4A==
-----END CERTIFICATE-----