Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft
File:                     OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft (raw, json)
Hash identifier:          epDvbzsXelOd9Ch7mrfhHSSvYnSJcKlvVGGdE0fLX/Y=
Subject key identifier:   25:75:21:5D:23:8A:38:D0:A6:8A:4A:B0:28:F3:D9:23:C4:FD:96:71
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Certificate issuer:       /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial:       019F1C0DD4F796A9E9BDC1B6A381BB1E1E9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft
Manifest number:          198E
Signing time:             Wed 01 Jul 2026 05:01:36 +0000
Manifest this update:     Wed 01 Jul 2026 05:01:36 +0000
Manifest next update:     Thu 02 Jul 2026 05:01:36 +0000
Files and hashes:         1: GS12T19X33XYAhf098NVhyXx3j4.roa (hash: 2sPtA3M8U954wEjtNrs6ONRJ78QRH5zWAILMakv6ILg=)
                          2: OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl (hash: +vGDlmUbh0bGaazGGgGhc8sCbb1RfhgpEJKTFhLBYIs=)
                          3: Ys4PogIAyq6Z-1e6V87HwtKW-Jw.roa (hash: 9OEorLPT8PEnhbBuzCTUI3Vb5lQD/nIA0b2dhSxkYk4=)
                          4: ckGyseiXClHPKvZc0nmqY19ttos.roa (hash: Yi/gbRZzD3hzlnLpg0sfEHwVq1nYLL7ZQtIyu02d0kc=)
                          5: flQssGcGnPHhqNGkKwTNsJejaeQ.roa (hash: 7MK/e6VIAjwZyf2enbWUdzme5SKLDGdFufR5UtJ+Iyo=)
                          6: tI1eWKq17tDG9hQWcAP-FozruWU.roa (hash: yszzGKzH2Y3utLHy31Xungt79IkdPWx2rbVckLVltxM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 23:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1c:0d:d4:f7:96:a9:e9:bd:c1:b6:a3:81:bb:1e:1e:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
        Validity
            Not Before: Jul  1 05:01:36 2026 GMT
            Not After : Jul  2 05:01:36 2026 GMT
        Subject: CN=2575215d238a38d0a68a4ab028f3d923c4fd9671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:f9:35:06:cb:19:01:6c:f7:d3:2e:1c:42:b7:
                    36:4c:b4:da:b9:7a:f8:5f:06:29:39:ab:f8:df:4a:
                    a2:a1:10:fd:99:5e:6d:b6:a6:ed:73:3a:91:43:26:
                    5f:59:f7:a9:41:f3:91:b6:e8:39:c4:95:0f:0c:39:
                    8a:05:64:0e:89:1b:ce:40:d0:c2:d6:de:8d:a9:db:
                    7b:9b:85:5c:7a:9f:7f:7a:42:fb:85:bb:b9:47:4c:
                    b1:69:77:6b:bb:4d:40:8c:a5:0a:ec:e8:d4:64:cf:
                    74:ce:f8:95:db:51:f7:30:80:c1:6e:42:51:89:b5:
                    4e:08:6d:6d:83:21:ec:8a:2a:ee:58:b7:87:fb:e1:
                    fc:6c:f7:b1:38:0c:dd:95:a5:38:2e:f9:cb:9d:c6:
                    6a:b7:09:27:9d:c7:32:51:2b:b0:0d:ac:2e:a9:c8:
                    52:54:70:80:97:3d:1b:d5:4a:c5:01:95:ae:93:23:
                    05:29:ce:67:ee:98:11:a1:e3:33:4f:20:98:87:9c:
                    b3:23:f4:d4:a0:93:78:08:6d:58:ea:87:cd:16:40:
                    5b:7d:80:d7:68:30:2d:37:c5:42:1d:b8:22:37:00:
                    9c:de:64:74:01:3d:73:87:ee:80:d9:50:ee:d4:b7:
                    4f:ca:cc:4a:68:1c:aa:fc:7f:a6:48:0a:6f:b5:93:
                    16:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:75:21:5D:23:8A:38:D0:A6:8A:4A:B0:28:F3:D9:23:C4:FD:96:71
            X509v3 Authority Key Identifier:
                keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:34:5c:2a:22:2b:c3:cb:e1:92:b9:d0:41:92:a9:b2:6a:1f:
         75:64:5b:8f:db:3c:75:b5:60:8a:6b:f4:0b:f0:aa:5d:bc:9c:
         1e:9d:ca:5e:f8:e6:27:0e:15:a2:f1:e9:3d:35:5d:1a:b2:fb:
         88:e7:86:cc:89:11:ef:eb:59:a4:54:d8:43:78:30:35:4a:a5:
         e2:0d:fa:ea:ea:6a:fb:33:38:dd:d1:27:33:ef:c7:77:54:b8:
         3c:e1:d8:08:8b:60:67:76:34:73:14:cb:2a:7a:0d:ee:e2:e8:
         94:9e:18:06:14:3e:e4:6f:0c:46:71:1d:76:ae:dd:0f:48:5b:
         d2:3c:d6:68:b8:84:7e:c9:a1:ca:9e:a3:31:65:4c:94:74:cd:
         68:6d:93:9f:6e:78:66:de:94:a2:7a:6e:ec:ab:02:b0:15:5b:
         3d:31:20:10:2d:d0:15:6b:d8:92:3d:a9:af:96:8e:86:4d:c8:
         1f:df:fb:d6:ed:52:a1:32:3e:7e:93:14:20:ab:b4:12:e0:4e:
         e9:e9:4e:21:25:18:ce:61:95:90:0f:42:cb:93:47:29:ce:ab:
         35:dd:4d:3d:10:aa:e0:6c:a1:b1:2a:3f:be:b8:55:0e:0f:3e:
         c5:86:0a:da:9a:a0:0f:a3:20:5f:88:1c:e3:2d:31:f9:f0:08:
         27:a5:88:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8cDdT3lqnpvcG2o4G7Hh6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk
ODI0MGIwHhcNMjYwNzAxMDUwMTM2WhcNMjYwNzAyMDUwMTM2WjAzMTEwLwYDVQQD
EygyNTc1MjE1ZDIzOGEzOGQwYTY4YTRhYjAyOGYzZDkyM2M0ZmQ5NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Pk1BssZAWz30y4cQrc2TLTauXr4
XwYpOav430qioRD9mV5ttqbtczqRQyZfWfepQfORtug5xJUPDDmKBWQOiRvOQNDC
1t6Nqdt7m4Vcep9/ekL7hbu5R0yxaXdru01AjKUK7OjUZM90zviV21H3MIDBbkJR
ibVOCG1tgyHsiiruWLeH++H8bPexOAzdlaU4LvnLncZqtwknnccyUSuwDawuqchS
VHCAlz0b1UrFAZWukyMFKc5n7pgRoeMzTyCYh5yzI/TUoJN4CG1Y6ofNFkBbfYDX
aDAtN8VCHbgiNwCc3mR0AT1zh+6A2VDu1LdPysxKaByq/H+mSApvtZMWBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCV1IV0jijjQpopKsCjz2SPE/ZZxMB8GA1UdIwQY
MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt
MWQ3MDNiNDk2NjM0LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0
LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjjRcKiIr
w8vhkrnQQZKpsmofdWRbj9s8dbVgimv0C/CqXbycHp3KXvjmJw4VovHpPTVdGrL7
iOeGzIkR7+tZpFTYQ3gwNUql4g366upq+zM43dEnM+/Hd1S4POHYCItgZ3Y0cxTL
KnoN7uLolJ4YBhQ+5G8MRnEddq7dD0hb0jzWaLiEfsmhyp6jMWVMlHTNaG2Tn254
Zt6Uonpu7KsCsBVbPTEgEC3QFWvYkj2pr5aOhk3IH9/71u1SoTI+fpMUIKu0EuBO
6elOISUYzmGVkA9Cy5NHKc6rNd1NPRCq4GyhsSo/vrhVDg8+xYYK2pqgD6MgX4gc
4y0x+fAIJ6WI0w==
-----END CERTIFICATE-----
Generated at Wed Jul 1 06:26:45 2026 by rpki-client