Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/663453-cf92-4915-af26-d2f1cebb63aa/1/olrSzhcYk-YHpyuunQVE_AHTCao.mft
File:                     olrSzhcYk-YHpyuunQVE_AHTCao.mft (raw, json)
Hash identifier:          h+3O+iKbPmbci5J1aAHuaeyVYkrj9IlKKfsQKAyCNkc=
Subject key identifier:   ED:F4:8C:F3:68:1D:F0:67:85:21:AE:DB:89:8B:10:D1:26:21:DD:42
Authority key identifier: A2:5A:D2:CE:17:18:93:E6:07:A7:2B:AE:9D:05:44:FC:01:D3:09:AA
Certificate issuer:       /CN=a25ad2ce171893e607a72bae9d0544fc01d309aa
Certificate serial:       019F3BCF08F9A11E003A6969F1D430D23DA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/olrSzhcYk-YHpyuunQVE_AHTCao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/663453-cf92-4915-af26-d2f1cebb63aa/1/olrSzhcYk-YHpyuunQVE_AHTCao.mft
Manifest number:          B5
Signing time:             Tue 07 Jul 2026 09:00:51 +0000
Manifest this update:     Tue 07 Jul 2026 09:00:51 +0000
Manifest next update:     Wed 08 Jul 2026 09:00:51 +0000
Files and hashes:         1: hB7k-pSsmCCA65cdeBOLaQ0pu5c.roa (hash: VeZsd2ieUrYDf4TqpzlV6sh6N/ypni7g2R6QNYjKO6A=)
                          2: olrSzhcYk-YHpyuunQVE_AHTCao.crl (hash: Qz+r3jd542gwM9Ra3OSRHZFFN20aNihuXFcRSRyBfUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/663453-cf92-4915-af26-d2f1cebb63aa/1/olrSzhcYk-YHpyuunQVE_AHTCao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/663453-cf92-4915-af26-d2f1cebb63aa/1/olrSzhcYk-YHpyuunQVE_AHTCao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/olrSzhcYk-YHpyuunQVE_AHTCao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 Jul 2026 08:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:3b:cf:08:f9:a1:1e:00:3a:69:69:f1:d4:30:d2:3d:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a25ad2ce171893e607a72bae9d0544fc01d309aa
        Validity
            Not Before: Jul  7 09:00:51 2026 GMT
            Not After : Jul  8 09:00:51 2026 GMT
        Subject: CN=edf48cf3681df0678521aedb898b10d12621dd42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:df:19:b1:0b:67:8b:24:54:f4:3c:45:b6:a2:
                    89:7b:bb:a7:96:d7:bc:6b:b3:df:a9:87:b2:72:ee:
                    2b:a0:f8:6c:2c:d4:6c:dd:25:fb:a5:b6:0f:60:a3:
                    cc:2a:99:b5:aa:b8:c4:34:d3:6f:cd:a0:d0:6f:4e:
                    4d:ec:5f:a8:cc:5d:3d:a9:21:8f:86:c3:9f:12:18:
                    2b:81:df:12:0d:8b:7f:9d:9c:42:cb:b8:3d:9f:f1:
                    73:c3:57:f7:36:16:d1:fb:9c:eb:58:f5:fa:5e:8a:
                    ba:87:33:6e:63:91:c5:61:68:c9:46:ae:e3:7b:54:
                    04:3f:82:c6:d8:3b:2c:cb:f8:93:d1:1c:d6:8f:ca:
                    dc:cd:73:c3:c6:6f:83:7d:40:fc:d3:35:92:fb:d7:
                    77:66:a7:61:b9:f4:0d:5f:77:42:1c:d2:b1:34:bd:
                    67:a6:53:73:bd:ba:4b:6a:4d:7d:98:6a:6b:47:ee:
                    c4:71:fa:cc:3d:81:df:e6:03:cd:64:4e:aa:61:cd:
                    f1:98:3f:93:b5:1d:d5:17:45:35:45:12:66:ea:ae:
                    5b:47:b7:09:9d:63:7e:2b:fc:ff:21:9e:2a:25:e4:
                    a2:d0:d0:7c:ce:69:9f:7c:2b:46:22:93:65:bc:82:
                    fc:f2:46:9e:0c:bf:4f:d8:1d:9c:30:31:b1:61:45:
                    ab:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:F4:8C:F3:68:1D:F0:67:85:21:AE:DB:89:8B:10:D1:26:21:DD:42
            X509v3 Authority Key Identifier:
                keyid:A2:5A:D2:CE:17:18:93:E6:07:A7:2B:AE:9D:05:44:FC:01:D3:09:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olrSzhcYk-YHpyuunQVE_AHTCao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/663453-cf92-4915-af26-d2f1cebb63aa/1/olrSzhcYk-YHpyuunQVE_AHTCao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/663453-cf92-4915-af26-d2f1cebb63aa/1/olrSzhcYk-YHpyuunQVE_AHTCao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:9e:87:08:fd:d4:0e:c1:cb:57:f7:e1:11:85:aa:5c:24:98:
         01:f1:f3:06:0f:30:74:93:49:30:5d:62:a6:3f:4e:e6:8d:82:
         de:9c:5f:e3:c5:69:90:1e:7b:24:75:18:c7:ce:ea:ab:ce:c0:
         41:da:94:71:c1:a2:77:93:c2:49:96:45:f5:03:7b:60:b0:90:
         4f:d7:29:47:37:2e:c8:8f:29:40:a9:ba:6f:0b:df:30:da:c8:
         77:09:39:a9:62:80:36:8b:95:44:7c:b6:5d:a7:9d:ea:1c:95:
         50:08:f6:b3:85:0f:72:cb:f3:e6:d6:34:9d:05:ce:82:c5:4a:
         93:2c:e1:6e:4e:75:7a:2e:f4:4d:af:2b:58:97:a8:34:33:08:
         27:c6:85:9c:80:bf:73:f2:6c:2d:42:9e:07:a6:63:93:ef:2d:
         de:6a:d5:00:ac:87:c6:9b:54:33:49:fc:52:29:d0:50:c1:a6:
         db:62:c7:ad:52:18:c9:11:d6:1c:53:01:80:b3:4a:a2:2b:14:
         35:69:e1:97:6e:12:9c:4c:42:b8:40:f9:db:05:fd:13:49:d2:
         fa:ad:3f:5d:2a:07:55:c4:f8:67:42:76:60:2b:07:f1:b3:6a:
         8c:3a:a4:b6:8b:54:25:ca:fc:fb:fb:f7:bd:b0:06:4b:cf:26:
         87:c2:48:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ87zwj5oR4AOmlp8dQw0j2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNWFkMmNlMTcxODkzZTYwN2E3MmJhZTlkMDU0NGZjMDFk
MzA5YWEwHhcNMjYwNzA3MDkwMDUxWhcNMjYwNzA4MDkwMDUxWjAzMTEwLwYDVQQD
EyhlZGY0OGNmMzY4MWRmMDY3ODUyMWFlZGI4OThiMTBkMTI2MjFkZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod8ZsQtniyRU9DxFtqKJe7unlte8
a7PfqYeycu4roPhsLNRs3SX7pbYPYKPMKpm1qrjENNNvzaDQb05N7F+ozF09qSGP
hsOfEhgrgd8SDYt/nZxCy7g9n/Fzw1f3NhbR+5zrWPX6Xoq6hzNuY5HFYWjJRq7j
e1QEP4LG2Dssy/iT0RzWj8rczXPDxm+DfUD80zWS+9d3ZqdhufQNX3dCHNKxNL1n
plNzvbpLak19mGprR+7EcfrMPYHf5gPNZE6qYc3xmD+TtR3VF0U1RRJm6q5bR7cJ
nWN+K/z/IZ4qJeSi0NB8zmmffCtGIpNlvIL88kaeDL9P2B2cMDGxYUWr+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO30jPNoHfBnhSGu24mLENEmId1CMB8GA1UdIwQY
MBaAFKJa0s4XGJPmB6crrp0FRPwB0wmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xyU3poY1lrLVlIcHl1dW5RVkVfQUhUQ2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC82NjM0NTMtY2Y5Mi00OTE1LWFmMjYt
ZDJmMWNlYmI2M2FhLzEvb2xyU3poY1lrLVlIcHl1dW5RVkVfQUhUQ2FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC82NjM0NTMtY2Y5Mi00OTE1LWFmMjYtZDJmMWNlYmI2M2Fh
LzEvb2xyU3poY1lrLVlIcHl1dW5RVkVfQUhUQ2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuZ6HCP3U
DsHLV/fhEYWqXCSYAfHzBg8wdJNJMF1ipj9O5o2C3pxf48VpkB57JHUYx87qq87A
QdqUccGid5PCSZZF9QN7YLCQT9cpRzcuyI8pQKm6bwvfMNrIdwk5qWKANouVRHy2
Xaed6hyVUAj2s4UPcsvz5tY0nQXOgsVKkyzhbk51ei70Ta8rWJeoNDMIJ8aFnIC/
c/JsLUKeB6Zjk+8t3mrVAKyHxptUM0n8UinQUMGm22LHrVIYyRHWHFMBgLNKoisU
NWnhl24SnExCuED52wX9E0nS+q0/XSoHVcT4Z0J2YCsH8bNqjDqktotUJcr8+/v3
vbAGS88mh8JI5w==
-----END CERTIFICATE-----
Generated at Tue Jul 7 10:45:04 2026 by rpki-client