Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
File:                     OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft (raw, json)
Hash identifier:          pZryVQ14sDjldnUVZYxidd0vYnU6OLOyodVTWNviSrU=
Subject key identifier:   91:70:29:19:2D:B0:18:92:60:56:17:44:00:51:60:4F:C4:49:A0:FB
Authority key identifier: 38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61
Certificate issuer:       /CN=38b912a1eab18eb729745e8978138b25c4407761
Certificate serial:       019769CE5E8087D9F1D3A1DEE22125635342
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
Manifest number:          0C6F
Signing time:             Fri 13 Jun 2025 15:00:21 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:21 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:21 +0000
Files and hashes:         1: FVz1Gs3goS-mz1CP7z4LNut0fHE.roa (hash: +EzGyBevLVejen0VLkmFtejit+8sBRd5jz7yFu64Sbw=)
                          2: OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl (hash: QbJLGFw5xcjbYvkuUfc9MESecpAz0J4FZA22mfWoWPk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 15:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:5e:80:87:d9:f1:d3:a1:de:e2:21:25:63:53:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38b912a1eab18eb729745e8978138b25c4407761
        Validity
            Not Before: Jun 13 15:00:21 2025 GMT
            Not After : Jun 14 15:00:21 2025 GMT
        Subject: CN=917029192db01892605617440051604fc449a0fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:54:52:a0:c8:d3:b9:6c:15:05:4e:af:15:80:
                    d5:55:dd:ed:4c:2c:2a:8f:c5:af:a9:43:8e:df:e3:
                    31:0e:f3:12:e6:57:82:5d:24:02:c2:c2:b7:ee:27:
                    89:07:f2:8f:e7:f1:51:4a:c5:d0:ce:a4:af:5e:8b:
                    7f:49:3c:cf:38:49:22:3c:8a:55:b6:62:47:2b:9b:
                    5b:3b:71:25:d9:4a:ec:f6:c3:34:b6:b3:29:30:47:
                    cf:8b:f6:33:d5:c9:75:68:8c:c4:ad:af:1e:16:00:
                    c2:fa:97:d2:b1:f8:24:06:4c:79:16:0a:2e:80:24:
                    ae:24:58:e5:2d:49:34:9d:e2:a5:d9:59:46:68:b9:
                    49:83:f1:b8:c9:21:27:38:99:5b:35:ec:ad:cc:5e:
                    8b:28:ee:91:2a:23:94:a3:e2:57:fa:7d:8c:fe:45:
                    6a:5e:6f:39:a2:98:cc:c0:7b:dd:e1:eb:36:f4:64:
                    ca:75:fc:da:c1:25:02:40:a2:cd:6c:84:6d:e2:3b:
                    f9:bd:7d:e8:7f:4f:18:8f:42:57:94:24:b4:bf:6f:
                    d2:d9:9f:aa:36:59:b3:c1:00:8a:00:1d:9a:07:56:
                    c4:43:de:51:0e:a5:e8:8c:01:99:50:6b:05:cf:75:
                    65:22:2b:95:4a:37:fd:d8:ad:6d:0b:10:75:7b:85:
                    b9:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:70:29:19:2D:B0:18:92:60:56:17:44:00:51:60:4F:C4:49:A0:FB
            X509v3 Authority Key Identifier:
                keyid:38:B9:12:A1:EA:B1:8E:B7:29:74:5E:89:78:13:8B:25:C4:40:77:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLkSoeqxjrcpdF6JeBOLJcRAd2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3fae96-4aae-4544-bef2-c1d521166bec/1/OLkSoeqxjrcpdF6JeBOLJcRAd2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:4b:56:b1:3b:e9:e8:5b:06:c4:e0:ce:2f:99:07:1d:5b:52:
         c9:fc:9a:ed:21:f2:77:ed:99:08:d0:0c:35:66:40:39:26:dc:
         8a:84:64:e0:e8:1c:65:e4:ef:3f:77:f7:54:6e:c6:17:13:d1:
         f2:50:f2:d2:2e:d4:89:d4:47:6e:07:52:b7:3e:8b:2b:95:59:
         34:d8:6e:b7:e9:4a:01:f5:a6:e4:67:9d:da:13:b9:49:f2:54:
         27:b2:72:99:4a:ab:ef:20:52:d9:7b:99:39:8f:bc:a0:5d:87:
         3c:3b:a6:c6:6d:a8:b9:1e:09:31:e6:ea:2a:a5:ff:d3:e0:39:
         d0:95:95:fe:35:92:e4:c8:a9:51:47:9b:5f:03:79:1a:ab:02:
         b5:02:c5:2b:fc:b5:b6:17:ed:d8:9d:1a:d3:cc:27:45:59:64:
         b3:1e:2b:40:5b:49:f5:0b:22:e0:cc:2e:b5:da:a6:2d:10:e1:
         be:bf:44:bf:26:30:4d:e4:2d:00:72:2b:96:b1:53:00:82:88:
         99:26:3c:5f:bb:3c:f9:06:f3:78:c7:99:50:eb:e7:b5:05:1a:
         ea:13:fb:39:f9:84:91:c3:32:f3:6b:f8:f9:3f:86:67:96:7d:
         72:9f:60:ae:77:e1:87:66:e2:ac:e8:1f:fc:57:f6:e9:52:47:
         e6:ad:dd:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzl6Ah9nx06He4iElY1NCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjkxMmExZWFiMThlYjcyOTc0NWU4OTc4MTM4YjI1YzQ0
MDc3NjEwHhcNMjUwNjEzMTUwMDIxWhcNMjUwNjE0MTUwMDIxWjAzMTEwLwYDVQQD
Eyg5MTcwMjkxOTJkYjAxODkyNjA1NjE3NDQwMDUxNjA0ZmM0NDlhMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylRSoMjTuWwVBU6vFYDVVd3tTCwq
j8WvqUOO3+MxDvMS5leCXSQCwsK37ieJB/KP5/FRSsXQzqSvXot/STzPOEkiPIpV
tmJHK5tbO3El2Urs9sM0trMpMEfPi/Yz1cl1aIzEra8eFgDC+pfSsfgkBkx5Fgou
gCSuJFjlLUk0neKl2VlGaLlJg/G4ySEnOJlbNeytzF6LKO6RKiOUo+JX+n2M/kVq
Xm85opjMwHvd4es29GTKdfzawSUCQKLNbIRt4jv5vX3of08Yj0JXlCS0v2/S2Z+q
NlmzwQCKAB2aB1bEQ95RDqXojAGZUGsFz3VlIiuVSjf92K1tCxB1e4W5BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFwKRktsBiSYFYXRABRYE/ESaD7MB8GA1UdIwQY
MBaAFDi5EqHqsY63KXReiXgTiyXEQHdhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjIt
YzFkNTIxMTY2YmVjLzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8zZmFlOTYtNGFhZS00NTQ0LWJlZjItYzFkNTIxMTY2YmVj
LzEvT0xrU29lcXhqcmNwZEY2SmVCT0xKY1JBZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0UtWsTvp
6FsGxODOL5kHHVtSyfya7SHyd+2ZCNAMNWZAOSbcioRk4OgcZeTvP3f3VG7GFxPR
8lDy0i7UidRHbgdStz6LK5VZNNhut+lKAfWm5Ged2hO5SfJUJ7JymUqr7yBS2XuZ
OY+8oF2HPDumxm2ouR4JMebqKqX/0+A50JWV/jWS5MipUUebXwN5GqsCtQLFK/y1
thft2J0a08wnRVlksx4rQFtJ9Qsi4MwutdqmLRDhvr9EvyYwTeQtAHIrlrFTAIKI
mSY8X7s8+QbzeMeZUOvntQUa6hP7OfmEkcMy82v4+T+GZ5Z9cp9grnfhh2birOgf
/Ff26VJH5q3dlQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:41:47 2025 by rpki-client