Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
File:                     OklF5GdkAp0lgdggwzc_pEWFVTk.mft (raw, json)
Hash identifier:          KBomb/wrk1/0+HnnokiVf/fokzP4WGG1KmZvUqxUYa4=
Subject key identifier:   53:7D:3D:59:19:44:59:13:76:3B:9D:4A:77:83:BE:BC:67:EE:A5:64
Authority key identifier: 3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39
Certificate issuer:       /CN=3a4945e46764029d2581d820c3373fa445855539
Certificate serial:       019A00DA774090C652A9482626290E6C5627
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
Manifest number:          16F3
Signing time:             Mon 20 Oct 2025 09:01:48 +0000
Manifest this update:     Mon 20 Oct 2025 09:01:48 +0000
Manifest next update:     Tue 21 Oct 2025 09:01:48 +0000
Files and hashes:         1: 1-yPHrZgsoThpMDnxsp8ik7ZJAmM.roa (hash: PkPdKCMYMFbeGyHu/UiymTakLQYctiNwfIAb9+YJYgQ=)
                          2: 5QRzBx43AV-rVFibUIkxX67tvbI.roa (hash: gayo6a2ZkLUJa9zMEpLRBH3Ls/m1iB/K2c1cMPBX4/Y=)
                          3: 6Xm-75V0sXQGqzDZtgBZ1MB1y7U.roa (hash: y6WKfvCzgcr5qRF8JvQX+THC7a2GBmmRXVuRnQY8PoA=)
                          4: OklF5GdkAp0lgdggwzc_pEWFVTk.crl (hash: NJBsMn6V8lOxTbEx4yytX7Ww+k2OmPl3J7Q2CLM1hJA=)
                          5: U6V2FCr3duwrLHYXfMUAwbMQYWE.roa (hash: n65sXgOD4a9BNyNZnLy9ePNv9aeblojwP3q3G8dIAXE=)
                          6: aEuO7f3JtpWyu2f1MPnzErrljgU.roa (hash: YH8NEIJKb+pPrmGWzPR+jhBeuD5w3MtFJDL2dbR+PwQ=)
                          7: hE4J7-nVjBP1I1amWriRZQbCRjQ.roa (hash: t96fk3QnxrV27k+4LVx0l6UARkEoivZQZo9G+qQHzNc=)
                          8: tVLlOiV7SvnosXMuOA6u9tK4RqI.roa (hash: /FYDglX8ng94EWH9NM8VS2sIZeZUQbmdZE0FSeyFXmg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:da:77:40:90:c6:52:a9:48:26:26:29:0e:6c:56:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a4945e46764029d2581d820c3373fa445855539
        Validity
            Not Before: Oct 20 09:01:48 2025 GMT
            Not After : Oct 21 09:01:48 2025 GMT
        Subject: CN=537d3d5919445913763b9d4a7783bebc67eea564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:75:39:89:f5:07:85:30:23:9d:58:06:26:11:
                    10:3b:d7:4c:3f:c4:3f:a1:f0:aa:39:ea:a4:2f:30:
                    b7:d4:43:2f:5a:37:e7:e9:b0:32:63:fb:b1:36:e2:
                    bc:c7:c8:68:3e:37:07:33:23:a0:5e:f0:c9:97:8e:
                    6c:6c:91:bf:49:a9:98:ef:38:bb:32:e5:da:f1:37:
                    ee:62:87:ad:f3:36:c9:a1:2a:69:17:c1:b4:2a:bc:
                    f8:33:89:55:d9:55:61:f2:94:57:05:4b:1d:5c:2c:
                    41:28:8c:a5:29:7d:76:3f:f1:38:b4:24:1d:e9:6a:
                    98:b0:4a:1b:a1:47:61:40:ef:d0:59:f8:8e:94:85:
                    f7:d5:94:81:c6:05:c4:75:e7:ac:55:5e:67:09:9e:
                    df:b2:b9:54:2b:9d:ec:02:39:8e:a1:55:b4:87:69:
                    1e:63:e0:6e:65:c2:2f:5f:c6:46:81:fa:42:6e:a7:
                    38:30:e8:d4:47:0e:aa:cb:5f:52:ad:8f:95:cb:e7:
                    aa:cc:bf:14:47:60:22:05:a2:f7:8e:ff:96:0c:5f:
                    c9:17:fd:c8:c4:9b:d6:73:eb:dd:50:50:82:b9:96:
                    75:65:4e:6c:61:d9:c4:b5:dd:83:47:69:29:d6:e8:
                    3a:60:88:84:3a:78:5b:f2:62:3a:59:fa:ba:4f:54:
                    b6:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:7D:3D:59:19:44:59:13:76:3B:9D:4A:77:83:BE:BC:67:EE:A5:64
            X509v3 Authority Key Identifier:
                keyid:3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:73:05:96:07:ac:a8:21:24:90:ab:50:36:db:2f:38:64:48:
         7b:92:cd:f5:66:61:ae:bc:ca:e7:3d:f2:40:ed:54:5c:f7:ba:
         7e:a9:66:f8:47:5d:87:0f:8e:3f:a7:25:74:f0:7d:b5:40:66:
         44:52:ef:a1:2f:67:02:50:d1:cf:21:a9:15:61:04:a1:e3:84:
         4e:70:56:87:75:41:2c:80:08:41:8d:1e:09:62:ae:9d:44:d4:
         c2:83:5a:4b:f7:29:04:6c:4b:e4:ff:f0:9b:ad:4e:40:51:e0:
         48:87:b7:71:e3:c4:6c:42:e0:39:22:04:2a:ae:b9:3e:55:05:
         fc:8a:6c:9e:25:9b:1a:c5:95:84:0b:09:76:bb:ef:b2:c8:c4:
         43:44:ef:a6:91:f0:76:42:91:70:94:b2:79:e6:42:30:5c:af:
         48:c0:d9:69:8f:26:38:8e:fe:04:cf:2a:b8:a1:2c:08:52:b9:
         2d:02:c4:23:8e:cb:10:0b:23:89:65:e2:2f:3e:4d:e3:20:ff:
         1e:82:73:a6:8d:73:f5:27:a6:43:ee:30:c5:4b:f3:22:20:6c:
         c4:10:e4:5c:13:30:5b:91:f3:f4:83:55:35:a9:ab:04:fa:1a:
         05:5c:33:06:8a:c1:4f:d7:fb:2a:80:8f:4c:2c:36:96:1a:41:
         17:75:a7:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2ndAkMZSqUgmJikObFYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDk0NWU0Njc2NDAyOWQyNTgxZDgyMGMzMzczZmE0NDU4
NTU1MzkwHhcNMjUxMDIwMDkwMTQ4WhcNMjUxMDIxMDkwMTQ4WjAzMTEwLwYDVQQD
Eyg1MzdkM2Q1OTE5NDQ1OTEzNzYzYjlkNGE3NzgzYmViYzY3ZWVhNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHU5ifUHhTAjnVgGJhEQO9dMP8Q/
ofCqOeqkLzC31EMvWjfn6bAyY/uxNuK8x8hoPjcHMyOgXvDJl45sbJG/SamY7zi7
MuXa8TfuYoet8zbJoSppF8G0Krz4M4lV2VVh8pRXBUsdXCxBKIylKX12P/E4tCQd
6WqYsEoboUdhQO/QWfiOlIX31ZSBxgXEdeesVV5nCZ7fsrlUK53sAjmOoVW0h2ke
Y+BuZcIvX8ZGgfpCbqc4MOjURw6qy19SrY+Vy+eqzL8UR2AiBaL3jv+WDF/JF/3I
xJvWc+vdUFCCuZZ1ZU5sYdnEtd2DR2kp1ug6YIiEOnhb8mI6Wfq6T1S2RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFN9PVkZRFkTdjudSneDvrxn7qVkMB8GA1UdIwQY
MBaAFDpJReRnZAKdJYHYIMM3P6RFhVU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1Njgt
MzM2YWM5NDU2NDY0LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1NjgtMzM2YWM5NDU2NDY0
LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbnMFlges
qCEkkKtQNtsvOGRIe5LN9WZhrrzK5z3yQO1UXPe6fqlm+Eddhw+OP6cldPB9tUBm
RFLvoS9nAlDRzyGpFWEEoeOETnBWh3VBLIAIQY0eCWKunUTUwoNaS/cpBGxL5P/w
m61OQFHgSIe3cePEbELgOSIEKq65PlUF/IpsniWbGsWVhAsJdrvvssjEQ0TvppHw
dkKRcJSyeeZCMFyvSMDZaY8mOI7+BM8quKEsCFK5LQLEI47LEAsjiWXiLz5N4yD/
HoJzpo1z9SemQ+4wxUvzIiBsxBDkXBMwW5Hz9INVNamrBPoaBVwzBorBT9f7KoCP
TCw2lhpBF3Wnng==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:15:55 2025 by rpki-client