Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
File:                     OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft (raw, json)
Hash identifier:          +W6Go7f2yAM9/A2fWB45FzRrjJzaxg6kuO/LEY7TBXM=
Subject key identifier:   0C:07:A9:DA:8A:81:27:9F:A5:05:75:BB:E4:57:ED:49:F3:23:CA:AD
Authority key identifier: 38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61
Certificate issuer:       /CN=38b912a1eab18eb729745e8978138b25c4407761
Certificate serial:       01975A5C5F6A31958E255083D7EC6DDCE75E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
Manifest number:          0C67
Signing time:             Tue 10 Jun 2025 15:01:32 +0000
Manifest this update:     Tue 10 Jun 2025 15:01:32 +0000
Manifest next update:     Wed 11 Jun 2025 15:01:32 +0000
Files and hashes:         1: FVz1Gs3goS-mz1CP7z4LNut0fHE.roa (hash: +EzGyBevLVejen0VLkmFtejit+8sBRd5jz7yFu64Sbw=)
                          2: OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl (hash: TcA5OrYpSuUvn55FXxhD0i8CX7Yi0GLKlik5bM9Do7s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:5c:5f:6a:31:95:8e:25:50:83:d7:ec:6d:dc:e7:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38b912a1eab18eb729745e8978138b25c4407761
        Validity
            Not Before: Jun 10 15:01:32 2025 GMT
            Not After : Jun 11 15:01:32 2025 GMT
        Subject: CN=0c07a9da8a81279fa50575bbe457ed49f323caad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c6:af:d3:07:0f:6a:09:fc:6c:2a:8d:b9:0b:
                    70:37:cf:e7:14:e5:03:c4:01:43:3d:f7:ca:c4:dc:
                    84:2d:d8:b5:ba:d3:b2:80:99:b1:47:30:80:a3:ff:
                    11:c7:a2:49:f2:40:ba:f9:12:fd:a1:33:29:35:9e:
                    64:c0:c3:ad:2d:ff:db:08:9e:65:4d:25:ba:1a:2a:
                    6e:cc:c5:5e:ad:77:79:ad:1d:6c:f6:51:e1:86:c4:
                    b0:34:19:42:62:e9:a8:00:86:bf:68:6f:08:52:b2:
                    80:db:68:5a:ec:8d:93:12:26:e6:32:19:19:9e:3b:
                    90:65:df:46:88:1b:2f:da:69:d0:ff:1d:55:01:2b:
                    de:28:3d:c6:49:54:d6:d5:6c:b0:ea:4a:1a:f6:89:
                    3a:a7:fe:b6:6a:fc:a6:50:77:7f:0a:c5:de:5d:95:
                    aa:7c:24:5f:41:b8:be:88:f2:0c:fb:b7:4c:d5:63:
                    93:58:be:fb:9d:df:e9:b0:16:51:15:56:7e:78:70:
                    27:d3:63:ee:54:f5:e3:33:23:ef:4c:13:55:bc:48:
                    2a:13:05:fa:75:e1:04:9d:fe:60:a3:ee:79:bc:f2:
                    b7:fe:ce:c9:f0:fb:de:b0:65:d8:0e:10:77:7a:ff:
                    33:27:30:f0:07:61:70:9b:da:1b:14:d5:c5:b8:52:
                    94:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:07:A9:DA:8A:81:27:9F:A5:05:75:BB:E4:57:ED:49:F3:23:CA:AD
            X509v3 Authority Key Identifier:
                keyid:38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:ac:07:4e:ba:84:bd:c7:b2:65:8e:e0:fe:a0:52:20:c2:1e:
         d7:6a:97:0d:4b:8e:46:b0:52:12:f9:ff:b6:04:8c:de:8d:5c:
         57:cd:0d:32:f8:da:9c:03:0f:8f:49:1b:e4:57:1f:9c:4a:7f:
         4b:b6:e6:ac:3a:41:39:50:02:20:63:a7:9d:4f:77:89:24:6d:
         cc:56:26:bb:51:77:77:91:5d:c0:c3:c4:47:b4:98:c1:48:7b:
         81:5e:56:90:4b:69:e3:46:59:b7:cd:c6:14:41:3e:b1:af:57:
         93:86:5d:a6:d5:ba:67:bb:bd:cd:00:05:f9:74:95:0a:ed:f4:
         c2:b9:02:e9:b3:9d:13:8e:39:58:24:05:1c:73:81:e4:ba:ce:
         8e:b8:c5:0f:97:b8:2d:f4:f7:a9:c5:9c:8f:73:a5:d7:ab:14:
         09:6b:4d:f5:64:2a:f1:e8:8d:d9:dc:bb:28:8f:25:52:a3:8b:
         fb:09:b3:96:0f:74:c4:e0:f3:47:04:b2:fd:9e:bd:f0:19:1c:
         c8:ba:f9:f5:70:01:29:96:c2:7a:8f:db:9d:90:9a:10:40:b3:
         37:c0:82:06:72:1b:51:9e:d6:69:b4:66:93:eb:62:53:55:1d:
         db:fa:2d:e0:25:90:6b:f1:43:62:d9:95:73:9f:dd:cc:1f:7a:
         39:8c:db:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaXF9qMZWOJVCD1+xt3OdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjkxMmExZWFiMThlYjcyOTc0NWU4OTc4MTM4YjI1YzQ0
MDc3NjEwHhcNMjUwNjEwMTUwMTMyWhcNMjUwNjExMTUwMTMyWjAzMTEwLwYDVQQD
EygwYzA3YTlkYThhODEyNzlmYTUwNTc1YmJlNDU3ZWQ0OWYzMjNjYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8av0wcPagn8bCqNuQtwN8/nFOUD
xAFDPffKxNyELdi1utOygJmxRzCAo/8Rx6JJ8kC6+RL9oTMpNZ5kwMOtLf/bCJ5l
TSW6GipuzMVerXd5rR1s9lHhhsSwNBlCYumoAIa/aG8IUrKA22ha7I2TEibmMhkZ
njuQZd9GiBsv2mnQ/x1VASveKD3GSVTW1Wyw6koa9ok6p/62avymUHd/CsXeXZWq
fCRfQbi+iPIM+7dM1WOTWL77nd/psBZRFVZ+eHAn02PuVPXjMyPvTBNVvEgqEwX6
deEEnf5go+55vPK3/s7J8PvesGXYDhB3ev8zJzDwB2Fwm9obFNXFuFKUJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwHqdqKgSefpQV1u+RX7UnzI8qtMB8GA1UdIwQY
MBaAFDi5EqHqsY63KXReiXgTiyXEQHdhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjIt
YzFkNTIxMTY2YmVjLzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjItYzFkNTIxMTY2YmVj
LzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp6wHTrqE
vceyZY7g/qBSIMIe12qXDUuORrBSEvn/tgSM3o1cV80NMvjanAMPj0kb5FcfnEp/
S7bmrDpBOVACIGOnnU93iSRtzFYmu1F3d5FdwMPER7SYwUh7gV5WkEtp40ZZt83G
FEE+sa9Xk4ZdptW6Z7u9zQAF+XSVCu30wrkC6bOdE445WCQFHHOB5LrOjrjFD5e4
LfT3qcWcj3Ol16sUCWtN9WQq8eiN2dy7KI8lUqOL+wmzlg90xODzRwSy/Z698Bkc
yLr59XABKZbCeo/bnZCaEECzN8CCBnIbUZ7WabRmk+tiU1Ud2/ot4CWQa/FDYtmV
c5/dzB96OYzb5Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:30:46 2025 by rpki-client