Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.mft
File:                     OjSIklHnyxM-kGxwiRuhoEle2GA.mft (raw, json)
Hash identifier:          25DKOy2iNM6HiAPVusJcVlh1q9ysu4NMYPUEfQAOOnc=
Subject key identifier:   20:F7:2F:12:0D:C2:89:71:CA:9E:24:E6:50:2C:E1:DB:A5:50:FC:65
Authority key identifier: 3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
Certificate issuer:       /CN=3a34889251e7cb133e906c70891ba1a0495ed860
Certificate serial:       019CAEA34FE167303C7EF10177D6AF780A13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.mft
Manifest number:          0FE4
Signing time:             Mon 02 Mar 2026 13:01:04 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:04 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:04 +0000
Files and hashes:         1: OjSIklHnyxM-kGxwiRuhoEle2GA.crl (hash: 5rQTfBEh2O46UZNmhsujBvf41IERztlVqrpZHx1CSPs=)
                          2: TEmzgEgKyQo96Gqk3OCXyu8JaO8.roa (hash: w2y72ko+lJjiVlRbZd4qD2G3W4qa+BLqf6Sn4G+/dow=)
                          3: XWcYfudW_fCjYcND3H407xe959o.roa (hash: hWyo7JRjc5zRnP54qNBVfiEpztNdLDDxrtX9abLg7Ps=)
                          4: ge5kxbikwrvAEUuIO3lNRkFxLmw.roa (hash: eEJ79T/++oL5XPtUGIItjARG2jFvNlWqvTqYFtL6EkY=)
                          5: rTgC7PLBMFHhdpl3fBHWaPGZP_Y.roa (hash: ng9lqabxlxHQ1G6hpIjPJfi43vHsrt3ed7Cyb0T70ss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:4f:e1:67:30:3c:7e:f1:01:77:d6:af:78:0a:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a34889251e7cb133e906c70891ba1a0495ed860
        Validity
            Not Before: Mar  2 13:01:04 2026 GMT
            Not After : Mar  3 13:01:04 2026 GMT
        Subject: CN=20f72f120dc28971ca9e24e6502ce1dba550fc65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7b:c9:fb:63:04:ed:50:9a:67:e4:5f:5c:57:
                    c7:ee:2c:ce:f9:2a:c3:4b:e9:fe:31:a3:7f:73:dc:
                    1a:d1:9f:b8:d2:e1:49:a9:86:df:12:ff:32:76:38:
                    8a:00:5a:93:af:d9:12:10:c4:36:e0:47:b0:c4:22:
                    e8:6c:33:d4:c1:a8:68:57:8a:2a:34:a9:05:b5:e1:
                    75:98:5f:6a:4a:cb:b8:25:ee:c7:b1:5a:e9:dc:e6:
                    73:80:2d:48:4a:01:ad:6e:4c:cd:77:1a:5f:58:0b:
                    96:9a:ee:9a:a3:b2:50:1f:37:ff:51:33:dc:06:a0:
                    aa:bc:e2:c1:82:e5:70:9b:ae:2c:f4:23:8a:8f:37:
                    07:b6:67:47:c7:e8:8e:15:ff:7c:79:c5:50:43:61:
                    d2:06:b1:8f:f4:fc:f7:4e:d4:d8:78:22:b5:d0:1c:
                    88:43:5c:fd:c2:ef:88:8c:c4:0e:2a:19:52:c2:33:
                    d2:95:93:92:a7:99:ff:bc:a4:ca:99:29:4a:27:50:
                    c4:26:da:db:e8:bc:2f:01:60:59:37:88:03:92:aa:
                    b3:d0:69:c2:7c:50:ef:ff:1d:ee:e1:09:ca:fc:92:
                    7c:6f:2c:9c:5a:fa:ac:e9:f7:82:db:27:10:40:ce:
                    c9:80:9b:8e:60:94:eb:5f:52:de:34:ff:eb:71:01:
                    3c:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F7:2F:12:0D:C2:89:71:CA:9E:24:E6:50:2C:E1:DB:A5:50:FC:65
            X509v3 Authority Key Identifier:
                keyid:3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:d3:22:f3:bf:d9:87:7a:f7:8f:62:4b:2b:64:8e:c6:8b:57:
         c2:f8:62:ff:cb:19:7f:c2:49:33:1b:17:f0:fd:b2:52:19:67:
         3e:98:1d:46:9e:8b:1c:86:0c:d1:00:fa:94:f9:66:86:3f:5f:
         ce:4c:99:e4:ed:50:31:d3:c9:30:96:69:63:bc:ab:89:61:9a:
         a4:60:60:4d:ba:c7:10:82:57:76:19:7d:62:21:f1:27:1c:05:
         05:50:f6:f9:d5:fb:82:28:87:77:e7:cb:dc:de:f1:77:39:6d:
         ec:5a:6e:f6:04:08:74:df:27:cd:31:e9:2c:bb:a2:53:78:57:
         a8:6a:4d:25:24:5c:9c:1c:21:a8:4c:34:c1:34:c4:07:c2:73:
         4f:13:03:83:9a:7f:f2:e0:8e:cf:64:0b:a4:9c:3d:97:f1:a3:
         70:1d:26:60:fa:90:e6:d3:6f:c9:f6:32:32:58:24:54:1e:d0:
         a0:1d:fd:b8:2f:90:d2:47:71:51:c0:bd:b7:c2:93:e7:13:1b:
         5b:bd:65:66:5c:4e:ee:b4:bd:c5:43:37:f8:01:42:bc:ec:2d:
         85:4b:d0:29:57:b1:e2:42:d6:70:2d:1b:79:6b:42:cc:31:7f:
         66:4c:fd:59:a3:43:98:cc:e0:5d:a4:78:9d:d9:e9:34:7c:31:
         50:ce:d4:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo0/hZzA8fvEBd9aveAoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMzQ4ODkyNTFlN2NiMTMzZTkwNmM3MDg5MWJhMWEwNDk1
ZWQ4NjAwHhcNMjYwMzAyMTMwMTA0WhcNMjYwMzAzMTMwMTA0WjAzMTEwLwYDVQQD
EygyMGY3MmYxMjBkYzI4OTcxY2E5ZTI0ZTY1MDJjZTFkYmE1NTBmYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXvJ+2ME7VCaZ+RfXFfH7izO+SrD
S+n+MaN/c9wa0Z+40uFJqYbfEv8ydjiKAFqTr9kSEMQ24EewxCLobDPUwahoV4oq
NKkFteF1mF9qSsu4Je7HsVrp3OZzgC1ISgGtbkzNdxpfWAuWmu6ao7JQHzf/UTPc
BqCqvOLBguVwm64s9COKjzcHtmdHx+iOFf98ecVQQ2HSBrGP9Pz3TtTYeCK10ByI
Q1z9wu+IjMQOKhlSwjPSlZOSp5n/vKTKmSlKJ1DEJtrb6LwvAWBZN4gDkqqz0GnC
fFDv/x3u4QnK/JJ8byycWvqs6feC2ycQQM7JgJuOYJTrX1LeNP/rcQE8KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCD3LxINwolxyp4k5lAs4dulUPxlMB8GA1UdIwQY
MBaAFDo0iJJR58sTPpBscIkboaBJXthgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMt
ODRmOWVkODdhYzMxLzEvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMtODRmOWVkODdhYzMx
LzEvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbtMi87/Z
h3r3j2JLK2SOxotXwvhi/8sZf8JJMxsX8P2yUhlnPpgdRp6LHIYM0QD6lPlmhj9f
zkyZ5O1QMdPJMJZpY7yriWGapGBgTbrHEIJXdhl9YiHxJxwFBVD2+dX7giiHd+fL
3N7xdzlt7Fpu9gQIdN8nzTHpLLuiU3hXqGpNJSRcnBwhqEw0wTTEB8JzTxMDg5p/
8uCOz2QLpJw9l/GjcB0mYPqQ5tNvyfYyMlgkVB7QoB39uC+Q0kdxUcC9t8KT5xMb
W71lZlxO7rS9xUM3+AFCvOwthUvQKVex4kLWcC0beWtCzDF/Zkz9WaNDmMzgXaR4
ndnpNHwxUM7UEg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:58:04 2026 by rpki-client