Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
File:                     ok-vY1IPfv9skINInIuVQ_XEHms.mft (raw, json)
Hash identifier:          6Lqbur74wbw9Zg2irtL19OGoyauG26sbvqxAvnwvH40=
Subject key identifier:   6B:E2:D0:AB:B3:98:11:87:06:63:2D:20:88:98:E5:54:85:F8:AD:5C
Authority key identifier: A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
Certificate issuer:       /CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Certificate serial:       019F59D9ECA8B00CDC19C90FD5A59C4DDC0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
Manifest number:          0194
Signing time:             Mon 13 Jul 2026 05:01:21 +0000
Manifest this update:     Mon 13 Jul 2026 05:01:21 +0000
Manifest next update:     Tue 14 Jul 2026 05:01:21 +0000
Files and hashes:         1: mRAPRARmIWBI0GVMPhWngw_j6ww.roa (hash: avARUPRrUse7y3N+OWqTLKma/Wv73drbWJGHR9JSglE=)
                          2: ok-vY1IPfv9skINInIuVQ_XEHms.crl (hash: Aow4C9h6UbyusBJ/ISImBBmszUkzNAahtnJu7QtWO0I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 14 Jul 2026 05:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:59:d9:ec:a8:b0:0c:dc:19:c9:0f:d5:a5:9c:4d:dc:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
        Validity
            Not Before: Jul 13 05:01:21 2026 GMT
            Not After : Jul 14 05:01:21 2026 GMT
        Subject: CN=6be2d0abb398118706632d208898e55485f8ad5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:c5:90:87:0a:be:6b:6a:dd:cb:e8:8e:8a:f4:
                    c1:ee:5c:94:b3:fc:b0:40:92:f7:36:b7:25:4f:8a:
                    b9:c3:eb:39:62:36:57:05:ec:69:d3:c4:0c:62:25:
                    67:ea:1a:a5:56:7b:0d:5b:96:2f:d2:ba:91:d0:77:
                    0b:1e:87:fb:73:49:d4:37:cd:75:ef:e2:14:81:3d:
                    12:43:f8:ce:e5:fa:a4:d6:55:6c:06:ae:eb:72:8c:
                    e8:8e:aa:35:99:08:97:05:4d:50:da:9d:dc:54:2e:
                    41:5c:a6:98:ce:06:2a:6f:9d:34:4b:c3:f0:2d:02:
                    a4:18:5c:dd:9f:7f:62:57:4a:ad:e6:bd:71:17:59:
                    1b:af:65:23:74:bc:a4:a3:56:c7:37:ec:5a:8a:22:
                    a4:db:88:ff:11:e4:b9:da:2a:8c:92:67:8c:14:29:
                    b4:30:30:a4:f0:1f:ae:95:ed:d0:12:bb:74:45:e3:
                    8e:4e:a8:4b:af:69:f7:d7:86:6d:f9:72:5d:84:ac:
                    80:09:da:fc:35:ca:9a:5a:ce:bb:a0:33:eb:c7:74:
                    e3:ef:af:90:63:0a:6f:83:20:8a:24:74:2d:11:8c:
                    1f:c1:e1:39:ab:82:32:b2:10:01:d0:fc:1e:90:78:
                    99:5a:ea:0b:f5:52:a7:6c:bb:68:11:b9:89:ba:bf:
                    93:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:E2:D0:AB:B3:98:11:87:06:63:2D:20:88:98:E5:54:85:F8:AD:5C
            X509v3 Authority Key Identifier:
                keyid:A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:dd:82:b6:40:b5:a2:5b:5c:e5:3a:05:9f:3d:83:22:8c:e4:
         31:d5:ab:67:8e:e7:b9:aa:34:99:86:ce:13:d9:88:bf:6c:8e:
         b1:b8:57:01:28:c2:00:a6:44:54:b1:a8:e3:42:d3:32:60:07:
         ee:c3:17:84:12:63:a7:40:d5:e3:4e:3c:1c:30:4c:b8:61:0c:
         5e:29:fc:e7:6c:0c:46:da:c5:1e:23:7c:d0:d6:8b:d6:57:a4:
         2a:42:dc:64:8c:12:a0:26:f8:2a:e4:24:b0:74:d1:8b:af:a8:
         39:12:be:5d:80:25:f0:e8:5d:d0:b0:b2:66:2d:4e:82:54:bc:
         0d:98:7b:a8:85:a4:30:9c:2f:48:d9:7e:27:38:4b:c8:60:8c:
         34:88:6d:21:78:fe:6a:c2:9b:f6:9e:a6:0f:ba:d3:13:bd:c6:
         60:3b:49:74:39:91:b9:52:52:58:03:b3:de:f6:8c:56:85:9b:
         c2:67:c4:bb:38:0f:72:5e:39:0c:79:ee:9b:bf:f4:86:68:fd:
         33:eb:fd:01:10:a2:e6:1f:40:15:2d:f5:4f:7f:c6:05:62:f7:
         b9:4f:92:2e:6b:02:3d:96:04:b0:73:83:eb:05:2f:ea:ef:25:
         48:d5:a3:31:76:fd:0d:a4:5b:8c:2d:ad:3d:83:c6:bb:03:f7:
         e1:87:09:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ9Z2eyosAzcGckP1aWcTdwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGZhZjYzNTIwZjdlZmY2YzkwODM0ODljOGI5NTQzZjVj
NDFlNmIwHhcNMjYwNzEzMDUwMTIxWhcNMjYwNzE0MDUwMTIxWjAzMTEwLwYDVQQD
Eyg2YmUyZDBhYmIzOTgxMTg3MDY2MzJkMjA4ODk4ZTU1NDg1ZjhhZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8cWQhwq+a2rdy+iOivTB7lyUs/yw
QJL3NrclT4q5w+s5YjZXBexp08QMYiVn6hqlVnsNW5Yv0rqR0HcLHof7c0nUN811
7+IUgT0SQ/jO5fqk1lVsBq7rcozojqo1mQiXBU1Q2p3cVC5BXKaYzgYqb500S8Pw
LQKkGFzdn39iV0qt5r1xF1kbr2UjdLyko1bHN+xaiiKk24j/EeS52iqMkmeMFCm0
MDCk8B+ule3QErt0ReOOTqhLr2n314Zt+XJdhKyACdr8NcqaWs67oDPrx3Tj76+Q
YwpvgyCKJHQtEYwfweE5q4IyshAB0PwekHiZWuoL9VKnbLtoEbmJur+TGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvi0KuzmBGHBmMtIIiY5VSF+K1cMB8GA1UdIwQY
MBaAFKJPr2NSD37/bJCDSJyLlUP1xB5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmIt
NzExNzEyNjBkYjM0LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmItNzExNzEyNjBkYjM0
LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqt2CtkC1
oltc5ToFnz2DIozkMdWrZ47nuao0mYbOE9mIv2yOsbhXASjCAKZEVLGo40LTMmAH
7sMXhBJjp0DV4048HDBMuGEMXin852wMRtrFHiN80NaL1lekKkLcZIwSoCb4KuQk
sHTRi6+oORK+XYAl8Ohd0LCyZi1OglS8DZh7qIWkMJwvSNl+JzhLyGCMNIhtIXj+
asKb9p6mD7rTE73GYDtJdDmRuVJSWAOz3vaMVoWbwmfEuzgPcl45DHnum7/0hmj9
M+v9ARCi5h9AFS31T3/GBWL3uU+SLmsCPZYEsHOD6wUv6u8lSNWjMXb9DaRbjC2t
PYPGuwP34YcJvA==
-----END CERTIFICATE-----
Generated at Mon Jul 13 13:50:06 2026 by rpki-client