Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
File:                     OTioGkQSd0HZSaNVpH88tZk4mng.mft (raw, json)
Hash identifier:          1wMQd6+HKoAEGJNGOi8uOAGJOlynpdhLOg+9pMnfhOw=
Subject key identifier:   17:A1:88:AE:90:E0:88:77:39:5F:BD:0E:8C:4F:A7:5F:D0:B9:F8:60
Authority key identifier: 39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78
Certificate issuer:       /CN=3938a81a44127741d949a355a47f3cb599389a78
Certificate serial:       0199FC58D7129935D1EF24B245FFEAFAC479
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
Manifest number:          1135
Signing time:             Sun 19 Oct 2025 12:01:44 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:44 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:44 +0000
Files and hashes:         1: OTioGkQSd0HZSaNVpH88tZk4mng.crl (hash: amidLwv2Gf32QFhxFo0Xkmu9gZnYmOYsPUzzIIgwlD8=)
                          2: SyALsZDSYtge1NmYRoKzwbP5Vv8.roa (hash: rjh76rxbo7HoAknp3g/P2hhQiBIAvMqHmifN8tVtg/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:d7:12:99:35:d1:ef:24:b2:45:ff:ea:fa:c4:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3938a81a44127741d949a355a47f3cb599389a78
        Validity
            Not Before: Oct 19 12:01:44 2025 GMT
            Not After : Oct 20 12:01:44 2025 GMT
        Subject: CN=17a188ae90e08877395fbd0e8c4fa75fd0b9f860
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f8:5f:dd:1e:ba:9a:6a:c3:59:e1:b9:c6:b7:
                    4a:8a:6d:f2:1c:a8:8a:e0:7f:f8:df:a6:50:e6:5b:
                    c9:67:23:87:3d:33:79:ab:38:39:d8:ec:cf:02:73:
                    0c:74:d2:ab:91:ac:a8:7b:14:18:32:4b:90:8b:14:
                    a7:cb:7a:cd:5e:b6:25:dc:b4:ac:1a:81:82:f0:4b:
                    05:ae:6c:e5:05:31:87:47:31:bd:43:1d:d3:5e:db:
                    cd:08:c2:3b:69:bd:aa:4b:00:d4:3c:3e:79:24:2d:
                    db:37:f0:97:91:45:30:8c:1b:91:2e:8c:2e:6c:75:
                    9d:f8:5e:d0:00:2f:f2:c8:73:9d:d0:5a:5f:a3:d0:
                    d3:ef:71:d5:28:f1:fa:a0:64:ff:10:70:e6:02:34:
                    9c:f7:3f:01:b0:59:08:43:18:69:90:40:9d:2b:13:
                    6c:1d:13:80:9c:91:02:76:b6:c1:c4:7a:88:99:c1:
                    27:74:36:23:d7:9f:66:21:13:38:f3:8e:8b:b8:da:
                    32:3e:a5:17:0c:7e:d3:6b:45:a4:b7:2a:13:45:52:
                    ee:6f:0d:1e:70:eb:1a:32:de:2e:cf:8a:02:e7:1c:
                    11:7d:c8:80:81:f7:95:39:18:c9:ad:0b:cf:ba:1e:
                    ce:f4:0a:53:90:01:87:9d:4c:b5:f0:54:97:07:c8:
                    16:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:A1:88:AE:90:E0:88:77:39:5F:BD:0E:8C:4F:A7:5F:D0:B9:F8:60
            X509v3 Authority Key Identifier:
                keyid:39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:76:cd:73:f2:90:23:9f:13:f2:30:83:b8:5b:ce:b3:f4:00:
         d0:da:b2:c5:4d:fd:a7:b3:04:39:0f:ba:f3:14:e2:97:5c:12:
         fc:a3:79:d2:35:99:e3:55:c1:94:45:68:29:e6:13:62:72:c5:
         28:c7:b4:cf:bf:74:b6:b0:0b:39:96:88:ee:45:93:a2:7f:ca:
         eb:28:a8:bc:bc:ce:9a:fe:cb:68:49:67:7d:39:a4:17:65:40:
         61:32:95:f3:07:1e:f8:4c:26:aa:42:c9:ff:1a:c3:1e:7e:cb:
         1d:70:19:5e:52:72:fa:2a:59:2c:02:52:62:99:5e:8a:b4:d0:
         c7:17:58:98:43:9e:0e:cb:40:15:6a:4f:60:fe:68:e9:cd:6b:
         cb:4a:29:8b:05:39:f1:e6:2c:1c:01:2b:26:44:0a:b2:9a:19:
         f7:f1:b1:c6:6d:cf:1c:fc:7b:e3:75:43:97:a3:25:9e:04:8f:
         36:3e:cc:8d:55:21:50:10:79:f3:7b:82:ba:c0:4e:07:51:bd:
         52:7b:b9:ee:c8:6f:fa:c7:3a:cc:71:0a:a8:0d:0e:24:d1:49:
         00:fc:14:18:7a:38:99:06:f3:6d:f9:80:96:cd:ab:e6:d5:f0:
         97:ef:c1:a8:42:82:a5:58:6a:12:81:7a:4f:c4:e0:b9:ab:9b:
         ba:b9:bf:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WNcSmTXR7ySyRf/q+sR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzhhODFhNDQxMjc3NDFkOTQ5YTM1NWE0N2YzY2I1OTkz
ODlhNzgwHhcNMjUxMDE5MTIwMTQ0WhcNMjUxMDIwMTIwMTQ0WjAzMTEwLwYDVQQD
EygxN2ExODhhZTkwZTA4ODc3Mzk1ZmJkMGU4YzRmYTc1ZmQwYjlmODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/hf3R66mmrDWeG5xrdKim3yHKiK
4H/436ZQ5lvJZyOHPTN5qzg52OzPAnMMdNKrkayoexQYMkuQixSny3rNXrYl3LSs
GoGC8EsFrmzlBTGHRzG9Qx3TXtvNCMI7ab2qSwDUPD55JC3bN/CXkUUwjBuRLowu
bHWd+F7QAC/yyHOd0Fpfo9DT73HVKPH6oGT/EHDmAjSc9z8BsFkIQxhpkECdKxNs
HROAnJECdrbBxHqImcEndDYj159mIRM4846LuNoyPqUXDH7Ta0WktyoTRVLubw0e
cOsaMt4uz4oC5xwRfciAgfeVORjJrQvPuh7O9ApTkAGHnUy18FSXB8gWlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBehiK6Q4Ih3OV+9DoxPp1/QufhgMB8GA1UdIwQY
MBaAFDk4qBpEEndB2UmjVaR/PLWZOJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGIt
ZmQyMTRjYWNmYjYyLzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGItZmQyMTRjYWNmYjYy
LzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX3bNc/KQ
I58T8jCDuFvOs/QA0NqyxU39p7MEOQ+68xTil1wS/KN50jWZ41XBlEVoKeYTYnLF
KMe0z790trALOZaI7kWTon/K6yiovLzOmv7LaElnfTmkF2VAYTKV8wce+EwmqkLJ
/xrDHn7LHXAZXlJy+ipZLAJSYpleirTQxxdYmEOeDstAFWpPYP5o6c1ry0opiwU5
8eYsHAErJkQKspoZ9/Gxxm3PHPx743VDl6MlngSPNj7MjVUhUBB583uCusBOB1G9
Unu57shv+sc6zHEKqA0OJNFJAPwUGHo4mQbzbfmAls2r5tXwl+/BqEKCpVhqEoF6
T8Tguauburm/HA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:38 2025 by rpki-client