Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
File:                     OklF5GdkAp0lgdggwzc_pEWFVTk.mft (raw, json)
Hash identifier:          L395J9hiLMmFE7tNfGWAKAs8vfkaNOlNbCep5UZ7KgM=
Subject key identifier:   88:41:29:79:61:F3:9E:4F:DF:DB:75:E5:E5:84:EF:79:0A:11:6B:F3
Authority key identifier: 3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39
Certificate issuer:       /CN=3a4945e46764029d2581d820c3373fa445855539
Certificate serial:       019D27DFDF505BA1C2DA4B6EA8E3B24A7FF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
Manifest number:          1899
Signing time:             Thu 26 Mar 2026 02:01:16 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:16 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:16 +0000
Files and hashes:         1: 0273NJ6iQvZTgyuMash3xOhPLj8.roa (hash: 4bykyvzdYlZRg3u7BKzjHELAB3KL3rC2juBQve+S7UU=)
                          2: 78Cs8FmR3BIH_U5LsGqewvTlDV8.roa (hash: Z1dE+G16ehwR1QYJ/Luwdk+orufuAf1qVWJAWByx1UU=)
                          3: 9ieasZqKBlr3lokENCedNiqsCIM.roa (hash: TDVoR875fUbuSNWGAFsbE/WCEgXPy5Nn5pq79JskxQQ=)
                          4: 9xohe0WrdtI7HVhoFYevFGaGlbc.roa (hash: JlRzOAenO4QPVaHIwuTlBW/1CKfl7RhsHIL/eBfeU2g=)
                          5: MD4cosIRi9elPGst52tPGWVVXgQ.roa (hash: uQ5E7La04dxcXCsqGXXrY+8iqi3ww+c05QuoQOajMIE=)
                          6: OklF5GdkAp0lgdggwzc_pEWFVTk.crl (hash: TChptZfqyeSeXqulS3Ztf9HPCoeA/ntKILk3IceOxSQ=)
                          7: PrbXCFhVtFkWUcwdTHxrF95uYDo.roa (hash: qYxwfpMga93RAf62Cr8sXnqP6qDnonu8QcpFUw5HhJ8=)
                          8: aa9c3i_QmzIlTyi0XFZwJXrmq48.roa (hash: HcRPfUnw0rt8gf5+bGCJq0Ra7n/YA9e5E/2HwqC6qHA=)
                          9: pdrRYgteZLUMBCQJIc10YC36u-o.roa (hash: fx4ol1jSVjOBVf92RkrVydBgXb8sh/pU0bwRASzDz2U=)
                          10: pj8mJKqUF_T2Ou11ZZQsgbjDNYQ.roa (hash: fs3ur5x7vbxGo0xyTuilMeKyac+Lx5FJiRM1jXFcziw=)
                          11: vI4OFivT89O9243mI_1fzU94Pao.roa (hash: vkj2cXgQH1KS/H+As5+qw6+hxQEc0denm5Wi71uvRzE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:df:50:5b:a1:c2:da:4b:6e:a8:e3:b2:4a:7f:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a4945e46764029d2581d820c3373fa445855539
        Validity
            Not Before: Mar 26 02:01:16 2026 GMT
            Not After : Mar 27 02:01:16 2026 GMT
        Subject: CN=8841297961f39e4fdfdb75e5e584ef790a116bf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a5:b5:86:78:cf:c4:4d:46:fa:2f:56:fd:70:
                    59:c7:89:2a:46:7f:a6:e5:fb:b7:fa:24:71:e5:ff:
                    4e:13:99:e4:c7:51:99:b0:94:a3:01:95:fd:99:a0:
                    9f:77:66:38:79:a9:01:03:dd:ab:2f:a6:a0:d1:4a:
                    a9:a3:f3:cf:9d:00:30:40:d6:f2:66:b2:8f:9f:a2:
                    42:26:04:ee:b6:df:9e:71:82:89:37:bd:c1:ac:bc:
                    83:ae:72:48:1a:a9:d6:05:ba:df:69:d6:6a:24:97:
                    d7:61:eb:cf:3c:cf:1b:f8:ba:db:9b:5c:96:a3:e8:
                    e9:0a:7d:19:4e:69:f0:b5:ca:1d:71:d6:d0:70:d7:
                    1b:1d:01:b5:2d:46:82:89:51:96:81:41:23:8d:97:
                    c4:8f:b2:c4:87:10:8b:ca:8e:8b:77:94:82:62:d1:
                    8f:4f:9d:b0:d9:9b:51:67:85:85:50:c3:f6:96:8a:
                    9f:92:a8:3b:3c:fb:c1:da:c0:e1:ae:c1:bc:51:2c:
                    b2:f4:4b:c5:23:8d:d6:23:b0:58:dc:7f:a6:c6:8e:
                    47:39:d7:1a:51:e6:f6:5a:3f:ab:32:f4:ee:1b:03:
                    e0:77:e2:ce:20:cd:84:dc:ec:e6:c2:bb:a9:02:7a:
                    05:2a:38:e4:91:d2:c8:0f:f7:af:ec:76:5a:e0:88:
                    5d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:41:29:79:61:F3:9E:4F:DF:DB:75:E5:E5:84:EF:79:0A:11:6B:F3
            X509v3 Authority Key Identifier:
                keyid:3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:36:b5:2d:af:a4:1d:21:9f:8f:bb:f6:d0:4c:cf:05:d5:13:
         a2:bd:90:26:90:64:c3:bb:aa:6e:f3:bc:a5:d3:b8:b1:bc:b6:
         d4:16:4e:12:7f:27:a2:30:9a:de:83:33:52:2a:b5:e0:95:70:
         ef:46:22:2c:e0:90:58:12:b5:1f:ed:4e:57:3b:6d:fc:28:4d:
         27:ed:de:9f:c4:21:e4:16:1d:73:73:8f:5c:a7:96:80:8c:82:
         71:fd:72:e0:17:8d:a6:c2:dd:66:ec:5b:fb:5e:5c:a0:aa:62:
         9f:8c:26:70:0a:31:a9:bc:e2:89:04:87:c2:38:1b:9b:4d:4d:
         87:79:1b:b4:b1:da:5b:34:f2:da:4f:d2:43:24:70:65:5c:3f:
         f7:d6:aa:fe:e5:a6:17:8a:27:92:e3:27:c9:64:4b:26:84:b1:
         1b:14:d4:dd:de:60:10:94:ec:ab:6e:67:b3:36:ff:ae:32:6b:
         97:7e:6f:7b:df:ff:b5:08:e9:74:a8:09:0b:b9:18:77:16:61:
         80:89:0e:08:57:08:66:43:c0:59:ae:24:31:1a:b2:3b:fb:fc:
         78:a0:d4:51:af:1a:aa:f1:c1:79:f9:04:24:ba:f1:e8:2a:26:
         63:b8:2e:3a:48:f7:70:0e:ba:ef:91:fd:ed:09:37:1a:c0:81:
         4c:3f:5a:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n399QW6HC2ktuqOOySn/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDk0NWU0Njc2NDAyOWQyNTgxZDgyMGMzMzczZmE0NDU4
NTU1MzkwHhcNMjYwMzI2MDIwMTE2WhcNMjYwMzI3MDIwMTE2WjAzMTEwLwYDVQQD
Eyg4ODQxMjk3OTYxZjM5ZTRmZGZkYjc1ZTVlNTg0ZWY3OTBhMTE2YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6W1hnjPxE1G+i9W/XBZx4kqRn+m
5fu3+iRx5f9OE5nkx1GZsJSjAZX9maCfd2Y4eakBA92rL6ag0Uqpo/PPnQAwQNby
ZrKPn6JCJgTutt+ecYKJN73BrLyDrnJIGqnWBbrfadZqJJfXYevPPM8b+Lrbm1yW
o+jpCn0ZTmnwtcodcdbQcNcbHQG1LUaCiVGWgUEjjZfEj7LEhxCLyo6Ld5SCYtGP
T52w2ZtRZ4WFUMP2loqfkqg7PPvB2sDhrsG8USyy9EvFI43WI7BY3H+mxo5HOdca
Ueb2Wj+rMvTuGwPgd+LOIM2E3OzmwrupAnoFKjjkkdLID/ev7HZa4Ihd1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhBKXlh855P39t15eWE73kKEWvzMB8GA1UdIwQY
MBaAFDpJReRnZAKdJYHYIMM3P6RFhVU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1Njgt
MzM2YWM5NDU2NDY0LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1NjgtMzM2YWM5NDU2NDY0
LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqTa1La+k
HSGfj7v20EzPBdUTor2QJpBkw7uqbvO8pdO4sby21BZOEn8nojCa3oMzUiq14JVw
70YiLOCQWBK1H+1OVztt/ChNJ+3en8Qh5BYdc3OPXKeWgIyCcf1y4BeNpsLdZuxb
+15coKpin4wmcAoxqbziiQSHwjgbm01Nh3kbtLHaWzTy2k/SQyRwZVw/99aq/uWm
F4onkuMnyWRLJoSxGxTU3d5gEJTsq25nszb/rjJrl35ve9//tQjpdKgJC7kYdxZh
gIkOCFcIZkPAWa4kMRqyO/v8eKDUUa8aqvHBefkEJLrx6ComY7guOkj3cA6675H9
7Qk3GsCBTD9aHw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:53:24 2026 by rpki-client