Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
File:                     OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft (raw, json)
Hash identifier:          jHUWcmDXAzCKWs6rBdCkkkRMR136PdDUnKo4jCC4eeE=
Subject key identifier:   14:CE:20:C9:06:F9:32:48:00:D1:CB:AC:A5:4C:10:B2:D0:20:58:D2
Authority key identifier: 38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61
Certificate issuer:       /CN=38b912a1eab18eb729745e8978138b25c4407761
Certificate serial:       01975C4A92574B7F84A4145197B814063A84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
Manifest number:          0C68
Signing time:             Wed 11 Jun 2025 00:01:20 +0000
Manifest this update:     Wed 11 Jun 2025 00:01:20 +0000
Manifest next update:     Thu 12 Jun 2025 00:01:20 +0000
Files and hashes:         1: FVz1Gs3goS-mz1CP7z4LNut0fHE.roa (hash: +EzGyBevLVejen0VLkmFtejit+8sBRd5jz7yFu64Sbw=)
                          2: OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl (hash: CjDeYE0bp9dwK1e4rFTBDC7LY1m/5Lq0gAoGhbkqWhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:4a:92:57:4b:7f:84:a4:14:51:97:b8:14:06:3a:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38b912a1eab18eb729745e8978138b25c4407761
        Validity
            Not Before: Jun 11 00:01:20 2025 GMT
            Not After : Jun 12 00:01:20 2025 GMT
        Subject: CN=14ce20c906f9324800d1cbaca54c10b2d02058d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ec:49:3d:69:c0:74:e4:4d:9c:f5:41:ad:b5:
                    1f:90:7a:e1:66:3e:65:1e:f0:1d:85:1d:51:83:4e:
                    be:54:0b:8d:de:b6:1a:fb:2f:15:45:53:8a:5c:2a:
                    bd:7c:d5:d6:fa:31:55:a8:d4:68:5c:24:ef:5b:ea:
                    65:ce:9a:d0:55:8e:2a:51:97:46:39:d2:dd:a1:ca:
                    24:96:bd:d8:97:43:e3:be:89:da:13:ec:f6:12:59:
                    e6:f6:14:3d:16:f5:6f:60:ba:d8:48:94:12:bb:32:
                    b0:ff:f1:f5:0d:eb:97:f2:6e:a0:fb:df:06:70:e9:
                    0f:a1:0c:77:55:0d:21:ef:17:9c:2f:0d:cc:49:18:
                    47:de:6a:a9:e3:0d:b5:82:d7:19:44:89:22:12:94:
                    e6:16:e4:75:40:95:27:78:86:dd:dc:0d:dc:35:42:
                    d7:5d:e1:13:82:e1:46:b4:bf:01:ee:aa:b6:b0:69:
                    05:05:46:2a:1c:d6:c9:4d:57:67:f0:c6:f5:68:cc:
                    67:36:51:0d:4a:7a:c3:5a:7b:55:3e:c8:dd:85:33:
                    e4:37:2c:5f:cc:cd:52:95:f7:33:1a:56:87:80:18:
                    62:08:c4:54:04:02:49:80:6c:76:96:bc:dc:d5:d8:
                    bd:d9:73:bd:1b:91:d2:4a:91:9d:79:b6:f1:3e:58:
                    18:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:CE:20:C9:06:F9:32:48:00:D1:CB:AC:A5:4C:10:B2:D0:20:58:D2
            X509v3 Authority Key Identifier:
                keyid:38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:65:aa:66:9f:df:2b:03:7d:e6:09:e0:1b:31:cd:8d:45:17:
         c9:e3:87:de:ba:21:4b:99:8e:3f:f2:76:66:b9:a1:a7:41:f2:
         23:09:9d:c7:a9:12:2a:80:e5:3b:6b:2a:22:64:fd:63:6d:df:
         9e:e7:d5:2a:18:d6:74:ff:ab:7c:49:b7:21:0d:23:98:a8:22:
         b9:12:f2:fb:7a:8f:fb:77:e1:80:cf:91:d8:c9:42:43:2f:c7:
         4e:12:cf:77:1d:f8:96:6d:5c:16:22:2d:f8:39:06:ef:41:a9:
         e8:03:7e:93:cb:2c:de:5a:29:8f:62:81:2e:94:70:e1:f9:66:
         48:b6:f3:de:5d:3d:7e:f6:2e:fe:41:7a:05:23:be:2a:07:44:
         1d:e7:33:e3:e2:5b:5b:f1:46:fd:4b:b3:89:77:3f:e1:24:3c:
         0c:12:d8:67:5d:33:05:5b:55:f9:32:20:17:cd:1d:13:1e:b7:
         66:a2:86:79:01:12:ec:80:08:85:26:9f:ac:e8:c9:a4:a2:b5:
         4e:d9:4f:00:3c:5f:c7:f2:2b:35:c2:cd:68:d6:7c:8d:51:ef:
         0e:ae:14:cf:f7:1e:ea:6f:ad:31:b4:5c:e4:7f:b3:e1:1c:99:
         ef:0e:8c:dd:3a:01:5a:fd:7a:f0:9e:c9:da:b6:b4:79:2b:8e:
         69:36:6f:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcSpJXS3+EpBRRl7gUBjqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjkxMmExZWFiMThlYjcyOTc0NWU4OTc4MTM4YjI1YzQ0
MDc3NjEwHhcNMjUwNjExMDAwMTIwWhcNMjUwNjEyMDAwMTIwWjAzMTEwLwYDVQQD
EygxNGNlMjBjOTA2ZjkzMjQ4MDBkMWNiYWNhNTRjMTBiMmQwMjA1OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruxJPWnAdORNnPVBrbUfkHrhZj5l
HvAdhR1Rg06+VAuN3rYa+y8VRVOKXCq9fNXW+jFVqNRoXCTvW+plzprQVY4qUZdG
OdLdocoklr3Yl0PjvonaE+z2Elnm9hQ9FvVvYLrYSJQSuzKw//H1DeuX8m6g+98G
cOkPoQx3VQ0h7xecLw3MSRhH3mqp4w21gtcZRIkiEpTmFuR1QJUneIbd3A3cNULX
XeETguFGtL8B7qq2sGkFBUYqHNbJTVdn8Mb1aMxnNlENSnrDWntVPsjdhTPkNyxf
zM1SlfczGlaHgBhiCMRUBAJJgGx2lrzc1di92XO9G5HSSpGdebbxPlgYDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTOIMkG+TJIANHLrKVMELLQIFjSMB8GA1UdIwQY
MBaAFDi5EqHqsY63KXReiXgTiyXEQHdhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjIt
YzFkNTIxMTY2YmVjLzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjItYzFkNTIxMTY2YmVj
LzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXGWqZp/f
KwN95gngGzHNjUUXyeOH3rohS5mOP/J2Zrmhp0HyIwmdx6kSKoDlO2sqImT9Y23f
nufVKhjWdP+rfEm3IQ0jmKgiuRLy+3qP+3fhgM+R2MlCQy/HThLPdx34lm1cFiIt
+DkG70Gp6AN+k8ss3lopj2KBLpRw4flmSLbz3l09fvYu/kF6BSO+KgdEHecz4+Jb
W/FG/UuziXc/4SQ8DBLYZ10zBVtV+TIgF80dEx63ZqKGeQES7IAIhSafrOjJpKK1
TtlPADxfx/IrNcLNaNZ8jVHvDq4Uz/ce6m+tMbRc5H+z4RyZ7w6M3ToBWv168J7J
2ra0eSuOaTZvgA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:43:34 2025 by rpki-client