Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File:                     1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier:          4coKVYPHBvdBhJgFZEw+fQup6alSlPd0TuBNfybltdM=
Subject key identifier:   44:28:55:1B:68:2B:CC:FF:88:11:0F:B2:0E:A5:34:34:0A:18:55:4A
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer:       /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial:       019F1943FB6EA864C964C382EBFA84CD2865
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number:          198D
Signing time:             Tue 30 Jun 2026 16:01:53 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:53 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:53 +0000
Files and hashes:         1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: AsS+cCTiUbnaWpoYGh2PhfL82xkto4LnC3n7zMNlNTQ=)
                          2: WeJgs7A95jwqtwLgB758IcXv4EU.roa (hash: 84hLdtwmT7VOnkUt9Z3ak3sP5MNYReF+bmVuaSuUp4c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 16:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:fb:6e:a8:64:c9:64:c3:82:eb:fa:84:cd:28:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
        Validity
            Not Before: Jun 30 16:01:53 2026 GMT
            Not After : Jul  1 16:01:53 2026 GMT
        Subject: CN=4428551b682bccff88110fb20ea534340a18554a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8d:66:75:ca:16:e4:41:c2:37:42:41:b1:e9:
                    41:b9:66:7a:cb:2d:53:fe:4e:1d:f1:ef:32:a9:ab:
                    c1:e3:ba:ee:70:8e:a5:0c:50:7d:c9:ac:88:d1:7e:
                    56:21:c7:fd:ba:3e:fb:09:87:84:22:f1:65:a0:92:
                    c1:b1:0e:fe:ba:c5:df:02:83:3f:5e:f9:59:f5:af:
                    bc:36:6b:3d:f6:f0:c3:31:96:26:b9:a5:89:5a:38:
                    ca:2e:f0:b3:da:21:39:d2:40:27:fa:90:a7:cf:04:
                    d9:85:c6:21:39:a4:b4:e8:83:a5:e7:a6:ac:14:5d:
                    64:57:10:ff:33:52:2a:9f:3d:12:4c:50:03:2b:9d:
                    3f:40:d1:f9:f0:eb:2e:33:1d:64:07:c9:5c:05:98:
                    5d:a8:91:cb:18:2c:f9:f1:f1:d5:fd:f3:21:f8:3b:
                    06:ec:fd:56:38:69:d8:66:68:81:8f:91:00:6a:c2:
                    78:7a:91:fd:6a:3e:60:db:94:4e:9c:d1:07:4e:c4:
                    47:a8:66:23:be:5d:05:80:e1:a7:9e:a8:e5:41:1e:
                    8a:00:96:92:e4:ac:91:cb:b6:da:ff:3d:ae:14:83:
                    c8:b2:d3:6f:a5:4e:2c:2a:f9:b8:4b:4f:2d:cb:57:
                    ff:1f:ad:f9:dc:ae:fd:d0:ba:25:a5:a5:68:a8:05:
                    57:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:28:55:1B:68:2B:CC:FF:88:11:0F:B2:0E:A5:34:34:0A:18:55:4A
            X509v3 Authority Key Identifier:
                keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:a9:7a:12:cd:d4:cd:bc:d8:34:f3:7f:09:9b:3c:f1:6b:79:
         58:f8:04:e5:bb:b1:f3:9a:cf:da:f4:56:53:8b:11:ed:94:4f:
         31:8e:db:99:a3:fb:ef:70:bd:dd:bd:b4:65:28:62:eb:ef:fc:
         3a:41:42:84:55:1a:9e:93:ac:76:f9:51:f5:f9:4f:87:a1:d7:
         bc:21:2a:9b:67:84:39:b1:19:da:3f:a2:07:14:20:9c:e5:a4:
         dc:92:05:a1:60:f4:92:3f:a5:46:50:fc:ed:76:b2:f9:0c:f6:
         cd:61:f8:e3:f4:75:12:e4:d5:a2:70:e8:d2:7e:56:8c:f7:a0:
         d3:d5:8c:18:75:ef:31:04:4c:79:9c:8f:5c:37:6c:00:ab:1d:
         f8:af:68:de:b3:3e:6e:ec:54:05:e2:e5:8e:d2:c1:ec:47:c5:
         62:43:3b:d0:9b:1a:d3:d2:e6:89:f9:d0:48:cb:4b:c8:7d:fe:
         15:2f:0b:c9:b9:4e:37:b5:ae:c8:d9:09:6d:0c:20:2d:b3:4c:
         7b:81:53:be:8c:54:46:d7:7b:8a:ef:fd:3a:d3:e7:ef:ff:0b:
         61:45:ee:eb:d4:2a:64:88:ca:91:f0:ff:9d:da:59:d4:5d:6c:
         c1:86:20:9d:de:b4:07:53:de:a0:af:65:da:14:1d:32:ce:2b:
         85:3c:42:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ/tuqGTJZMOC6/qEzShlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjYwNjMwMTYwMTUzWhcNMjYwNzAxMTYwMTUzWjAzMTEwLwYDVQQD
Eyg0NDI4NTUxYjY4MmJjY2ZmODgxMTBmYjIwZWE1MzQzNDBhMTg1NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq41mdcoW5EHCN0JBselBuWZ6yy1T
/k4d8e8yqavB47rucI6lDFB9yayI0X5WIcf9uj77CYeEIvFloJLBsQ7+usXfAoM/
XvlZ9a+8Nms99vDDMZYmuaWJWjjKLvCz2iE50kAn+pCnzwTZhcYhOaS06IOl56as
FF1kVxD/M1Iqnz0STFADK50/QNH58OsuMx1kB8lcBZhdqJHLGCz58fHV/fMh+DsG
7P1WOGnYZmiBj5EAasJ4epH9aj5g25ROnNEHTsRHqGYjvl0FgOGnnqjlQR6KAJaS
5KyRy7ba/z2uFIPIstNvpU4sKvm4S08ty1f/H6353K790LolpaVoqAVX5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQoVRtoK8z/iBEPsg6lNDQKGFVKMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoql6Es3U
zbzYNPN/CZs88Wt5WPgE5bux85rP2vRWU4sR7ZRPMY7bmaP773C93b20ZShi6+/8
OkFChFUanpOsdvlR9flPh6HXvCEqm2eEObEZ2j+iBxQgnOWk3JIFoWD0kj+lRlD8
7Xay+Qz2zWH44/R1EuTVonDo0n5WjPeg09WMGHXvMQRMeZyPXDdsAKsd+K9o3rM+
buxUBeLljtLB7EfFYkM70Jsa09LmifnQSMtLyH3+FS8LyblON7WuyNkJbQwgLbNM
e4FTvoxURtd7iu/9OtPn7/8LYUXu69QqZIjKkfD/ndpZ1F1swYYgnd60B1PeoK9l
2hQdMs4rhTxCxw==
-----END CERTIFICATE-----
Generated at Wed Jul 1 02:50:40 2026 by rpki-client