Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
File:                     OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json)
Hash identifier:          B6Qphy9ho9Kl57Scjgjqzs95jTPbKJsl0V2gD+IP2Cc=
Subject key identifier:   C2:F0:05:47:9F:12:4B:75:13:22:6B:5F:2D:59:7D:D7:9E:9A:9D:B5
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Certificate issuer:       /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial:       01988C58120B4F34C01FA4BADFEEE113145A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
Manifest number:          15B5
Signing time:             Sat 09 Aug 2025 01:00:38 +0000
Manifest this update:     Sat 09 Aug 2025 01:00:38 +0000
Manifest next update:     Sun 10 Aug 2025 01:00:38 +0000
Files and hashes:         1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: aXYyIkLs3foSaWt1QfKqh9ctkpo4xuh7uk1tRG4vNhc=)
                          2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:58:12:0b:4f:34:c0:1f:a4:ba:df:ee:e1:13:14:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
        Validity
            Not Before: Aug  9 01:00:38 2025 GMT
            Not After : Aug 10 01:00:38 2025 GMT
        Subject: CN=c2f005479f124b7513226b5f2d597dd79e9a9db5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:56:c9:94:90:f6:18:7f:ee:5f:86:95:dd:aa:
                    37:ff:58:fb:b3:fe:c7:14:3b:26:a3:01:35:4d:e4:
                    49:14:7f:32:81:5d:56:0b:34:db:c5:46:5b:3a:96:
                    7f:f3:26:74:45:b5:06:89:fe:50:46:37:6b:94:d6:
                    3d:69:c6:85:74:e1:bf:6e:9d:51:ad:d2:6a:c0:d0:
                    d7:48:f2:c3:75:fb:5a:6c:05:78:c4:c5:26:66:17:
                    45:96:16:77:75:c2:81:3f:88:7f:5c:67:f9:40:ec:
                    f5:08:8a:c8:a3:0e:1c:be:99:c5:2e:78:1c:03:7e:
                    92:24:63:a3:21:c0:93:fd:5b:f4:fc:eb:bd:58:af:
                    f2:35:85:e4:5a:4d:b0:b4:a7:cd:04:a0:f9:db:4b:
                    27:a3:2a:98:00:ed:5d:c4:c7:31:aa:45:70:02:82:
                    08:89:39:dc:eb:4c:09:4c:f0:a1:82:88:40:07:8e:
                    fe:0c:91:d7:09:72:e6:3a:c5:df:b9:b6:28:d2:b1:
                    f4:50:49:f1:5a:a9:71:2a:f4:ac:f4:93:9b:8b:4b:
                    15:5a:98:6f:a8:8d:ca:95:0a:2b:b7:b1:ca:c9:53:
                    8e:e5:a8:69:49:ea:67:2d:83:39:8a:85:c7:3f:c9:
                    50:48:28:0d:45:de:0e:79:9a:a4:84:01:f5:0f:92:
                    81:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:F0:05:47:9F:12:4B:75:13:22:6B:5F:2D:59:7D:D7:9E:9A:9D:B5
            X509v3 Authority Key Identifier:
                keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:3a:6f:76:ae:f7:71:58:e0:44:bf:64:85:5e:4b:8e:38:4d:
         37:43:b4:a7:35:ed:61:57:ce:18:17:dd:1c:cb:c1:58:3b:b2:
         b3:10:14:d7:13:25:39:e6:bb:35:ad:d6:9d:99:3d:f7:2d:0d:
         a5:e8:32:1d:be:e4:7f:03:fc:32:87:11:a9:0a:2b:95:1f:bb:
         c0:48:72:34:c1:91:2c:ca:34:0a:e5:87:c9:70:da:21:5f:5d:
         1f:89:b8:fd:bc:1e:f8:c0:e2:52:8f:35:05:7b:98:01:48:ab:
         01:24:3f:5e:9a:e9:53:d7:13:28:53:83:a2:52:b1:28:7f:f7:
         b9:0d:f6:c6:65:0b:d1:41:92:ed:37:27:1f:10:d0:ed:55:65:
         30:a7:c4:f9:ce:01:bb:a8:fb:5e:86:40:0e:21:42:76:71:fd:
         17:5b:3f:20:f9:59:2a:69:27:ca:93:3a:71:cf:23:a2:bf:20:
         4b:92:f6:f8:e4:7c:33:d5:6c:f3:f9:f7:6f:ab:04:f8:3e:76:
         89:75:46:2d:7d:0c:90:98:bd:e6:0a:8e:7d:e5:d2:7f:fc:e6:
         53:1c:4b:63:8c:ed:a3:14:d2:7a:74:90:60:b2:15:15:b7:9a:
         e0:19:e8:89:3c:8b:4a:64:fb:4e:4b:f4:04:24:36:ed:3a:2a:
         22:d1:a8:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiMWBILTzTAH6S63+7hExRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjUwODA5MDEwMDM4WhcNMjUwODEwMDEwMDM4WjAzMTEwLwYDVQQD
EyhjMmYwMDU0NzlmMTI0Yjc1MTMyMjZiNWYyZDU5N2RkNzllOWE5ZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslbJlJD2GH/uX4aV3ao3/1j7s/7H
FDsmowE1TeRJFH8ygV1WCzTbxUZbOpZ/8yZ0RbUGif5QRjdrlNY9acaFdOG/bp1R
rdJqwNDXSPLDdftabAV4xMUmZhdFlhZ3dcKBP4h/XGf5QOz1CIrIow4cvpnFLngc
A36SJGOjIcCT/Vv0/Ou9WK/yNYXkWk2wtKfNBKD520snoyqYAO1dxMcxqkVwAoII
iTnc60wJTPChgohAB47+DJHXCXLmOsXfubYo0rH0UEnxWqlxKvSs9JObi0sVWphv
qI3KlQort7HKyVOO5ahpSepnLYM5ioXHP8lQSCgNRd4OeZqkhAH1D5KBEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLwBUefEkt1EyJrXy1Zfdeemp21MB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAszpvdq73
cVjgRL9khV5LjjhNN0O0pzXtYVfOGBfdHMvBWDuysxAU1xMlOea7Na3WnZk99y0N
pegyHb7kfwP8MocRqQorlR+7wEhyNMGRLMo0CuWHyXDaIV9dH4m4/bwe+MDiUo81
BXuYAUirASQ/XprpU9cTKFODolKxKH/3uQ32xmUL0UGS7TcnHxDQ7VVlMKfE+c4B
u6j7XoZADiFCdnH9F1s/IPlZKmknypM6cc8jor8gS5L2+OR8M9Vs8/n3b6sE+D52
iXVGLX0MkJi95gqOfeXSf/zmUxxLY4ztoxTSenSQYLIVFbea4BnoiTyLSmT7Tkv0
BCQ27ToqItGoVQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:38:52 2025 by rpki-client