Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
File:                     OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json)
Hash identifier:          /8pCqENS6diAnkeAmSqt8nzxPbHDDr8WBlFMMIRILJg=
Subject key identifier:   15:8C:B0:16:81:CD:C2:93:DE:A4:2C:A6:29:9D:A5:2C:3F:39:A5:92
Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
Certificate issuer:       /CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Certificate serial:       0198D4E02009E7BCAAEA1461142C1D9F6BBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
Manifest number:          0D2F
Signing time:             Sat 23 Aug 2025 03:01:54 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:54 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:54 +0000
Files and hashes:         1: 0wAgKVyytNbhNR-_RR1IsIpFFy0.roa (hash: hGr01I8nbqs/LJEbN09Cfzd/lbJVo6JwWOtLmEfD1wA=)
                          2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: 4ulFUdOHVw/w+7PIBKNzbLprEuj+5L3/bw4tZLeuo2w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:20:09:e7:bc:aa:ea:14:61:14:2c:1d:9f:6b:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b
        Validity
            Not Before: Aug 23 03:01:54 2025 GMT
            Not After : Aug 24 03:01:54 2025 GMT
        Subject: CN=158cb01681cdc293dea42ca6299da52c3f39a592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:5f:95:89:be:5e:9b:84:5d:63:3e:79:b0:a9:
                    29:40:d4:ab:63:69:15:54:5f:38:19:b9:49:77:a4:
                    58:71:5b:07:d4:39:97:50:f0:4b:86:cf:89:d7:8f:
                    1f:19:3c:ab:01:3a:20:c6:f0:18:4a:a6:47:90:94:
                    f6:80:cc:d4:3b:56:57:d8:6a:6e:49:a6:53:b9:71:
                    76:c9:8e:38:47:aa:a4:d9:fe:6a:c5:79:5b:6f:e1:
                    ba:5c:63:b5:0d:e5:00:d9:22:0b:a4:00:4a:60:ec:
                    1a:03:2f:79:00:11:4a:f1:ec:47:dc:91:9f:d7:fb:
                    67:20:c0:55:fd:d8:7f:19:4c:46:ee:5d:6b:f6:bf:
                    bc:b5:29:93:28:69:bb:85:0f:e9:82:41:7c:7e:9c:
                    57:8c:da:42:c5:a5:2f:33:95:66:13:19:2c:0d:3f:
                    bc:b3:f5:c5:47:bf:6c:83:2a:cd:83:ce:ab:92:b7:
                    bf:5f:5f:66:c8:e7:b7:54:fb:51:01:4b:78:49:78:
                    f9:31:47:75:38:e2:bf:80:f1:d3:77:ba:db:bd:80:
                    4b:45:b9:8e:0b:bb:fc:da:e9:9c:a0:49:11:bb:71:
                    03:96:c1:0d:08:67:30:05:b1:55:82:54:79:35:96:
                    c1:57:e9:73:b0:9b:f1:5b:ea:a5:da:f0:0b:81:c8:
                    cf:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:8C:B0:16:81:CD:C2:93:DE:A4:2C:A6:29:9D:A5:2C:3F:39:A5:92
            X509v3 Authority Key Identifier:
                keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:8f:31:9c:4e:49:10:c7:74:c0:47:26:02:1a:d5:fc:0c:6f:
         fc:28:97:46:f4:ef:9e:d6:97:df:d2:ed:ec:37:98:ed:e8:23:
         db:0c:1f:58:7a:80:59:18:6c:b2:5d:10:08:08:c0:3e:97:cc:
         5e:33:8d:7c:85:65:8e:7b:70:b3:d5:a7:a1:59:9f:1c:63:d9:
         53:de:f5:76:79:62:ca:fa:b7:b9:6b:96:d3:bb:91:ec:70:3e:
         48:c1:c7:19:34:2b:71:c5:2a:3e:a3:9c:39:10:43:ac:b7:34:
         fb:f7:5f:3d:a9:f0:c9:09:0d:ec:d0:88:45:58:1d:b0:3f:4f:
         3f:47:15:6a:0c:bf:eb:f8:12:51:49:c3:f1:b1:36:26:00:14:
         be:88:bc:5c:9f:5f:85:88:e3:a4:5f:0e:9e:bc:8f:96:16:b6:
         a9:0c:6c:17:a3:c9:d3:58:4a:c9:4a:c1:23:11:22:6e:95:59:
         07:74:b9:69:c3:93:5c:54:23:eb:b6:a3:5c:24:55:03:9f:56:
         a8:21:be:57:8a:cd:6d:b7:34:01:cf:cf:3e:c0:ab:a7:ae:c3:
         3f:24:45:58:a4:f6:58:5b:d2:2e:e7:e7:59:51:8b:57:b2:7f:
         61:c8:73:14:49:50:9b:40:e5:d8:5f:c2:92:cf:63:bf:91:0d:
         83:35:36:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4CAJ57yq6hRhFCwdn2u8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5
NDdjMmIwHhcNMjUwODIzMDMwMTU0WhcNMjUwODI0MDMwMTU0WjAzMTEwLwYDVQQD
EygxNThjYjAxNjgxY2RjMjkzZGVhNDJjYTYyOTlkYTUyYzNmMzlhNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31+Vib5em4RdYz55sKkpQNSrY2kV
VF84GblJd6RYcVsH1DmXUPBLhs+J148fGTyrATogxvAYSqZHkJT2gMzUO1ZX2Gpu
SaZTuXF2yY44R6qk2f5qxXlbb+G6XGO1DeUA2SILpABKYOwaAy95ABFK8exH3JGf
1/tnIMBV/dh/GUxG7l1r9r+8tSmTKGm7hQ/pgkF8fpxXjNpCxaUvM5VmExksDT+8
s/XFR79sgyrNg86rkre/X19myOe3VPtRAUt4SXj5MUd1OOK/gPHTd7rbvYBLRbmO
C7v82umcoEkRu3EDlsENCGcwBbFVglR5NZbBV+lzsJvxW+ql2vALgcjPgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWMsBaBzcKT3qQspimdpSw/OaWSMB8GA1UdIwQY
MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt
ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl
LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOI8xnE5J
EMd0wEcmAhrV/Axv/CiXRvTvntaX39Lt7DeY7egj2wwfWHqAWRhssl0QCAjAPpfM
XjONfIVljntws9WnoVmfHGPZU971dnliyvq3uWuW07uR7HA+SMHHGTQrccUqPqOc
ORBDrLc0+/dfPanwyQkN7NCIRVgdsD9PP0cVagy/6/gSUUnD8bE2JgAUvoi8XJ9f
hYjjpF8OnryPlha2qQxsF6PJ01hKyUrBIxEibpVZB3S5acOTXFQj67ajXCRVA59W
qCG+V4rNbbc0Ac/PPsCrp67DPyRFWKT2WFvSLufnWVGLV7J/YchzFElQm0Dl2F/C
ks9jv5ENgzU2vA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:00:52 2025 by rpki-client