Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          S6EIv0vOqHEbaAyOHfo4AosWYFVKlLVKU1Ug++IAtQs=
Subject key identifier:   6C:51:A7:52:4F:91:EA:D4:6C:F2:DA:F7:9A:3A:18:B6:9C:58:BE:85
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       01974967C4CD82646D2D860293A30C7CBC49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0C30
Signing time:             Sat 07 Jun 2025 08:00:26 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:26 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:26 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: DdLWs43qGtWpsmfvoQD/fTmCgyhnNY8EFZDs3d16siI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:c4:cd:82:64:6d:2d:86:02:93:a3:0c:7c:bc:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Jun  7 08:00:26 2025 GMT
            Not After : Jun  8 08:00:26 2025 GMT
        Subject: CN=6c51a7524f91ead46cf2daf79a3a18b69c58be85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:78:43:e4:a2:0e:7c:89:90:e4:8e:ed:b6:f0:
                    47:23:d8:0e:b9:63:97:80:79:34:eb:48:6c:8a:49:
                    61:f1:7b:ab:ce:89:46:f0:f1:4d:ea:55:58:c0:bf:
                    be:e5:37:4e:80:ce:a3:9e:d5:67:0b:91:ec:83:a3:
                    b5:16:0d:53:cf:c8:cf:0c:b1:6b:f6:fe:f6:70:65:
                    56:1a:ce:7c:4c:3f:98:c1:12:e3:c8:43:85:22:1a:
                    4e:6d:ac:bc:ed:01:54:74:05:3a:5a:8c:f3:16:bd:
                    4b:39:a9:5d:a6:87:44:f0:45:bc:a2:36:90:01:78:
                    b1:a6:0f:cf:38:88:ff:c3:1d:17:5c:38:3a:78:b7:
                    fe:9c:52:2d:2e:e3:73:72:fc:17:eb:eb:e6:50:90:
                    ef:a9:4a:bc:b2:72:c9:79:6c:c7:dc:28:96:13:11:
                    e6:e0:2d:db:b5:17:2b:ee:05:3f:ef:f6:69:f6:49:
                    f6:71:1f:f0:d8:82:99:13:ca:f5:98:c3:bb:24:01:
                    b4:65:a8:b8:48:db:7e:32:5b:ab:7d:4d:f4:dd:80:
                    a0:06:1b:27:5f:b7:c1:dd:bf:33:35:75:00:03:ca:
                    72:bb:70:19:33:51:f1:fe:70:26:c5:9e:3a:19:68:
                    82:da:4b:4d:de:c5:57:d6:ec:98:4a:cb:c0:20:34:
                    5e:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:51:A7:52:4F:91:EA:D4:6C:F2:DA:F7:9A:3A:18:B6:9C:58:BE:85
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:04:a4:ea:9d:31:ec:4d:da:dc:d8:41:47:58:71:03:a0:d7:
         12:a7:0f:6c:74:35:79:cf:3c:20:26:55:7e:64:5b:ed:d5:b2:
         12:d9:d8:54:62:e7:d7:35:77:f8:d7:91:1b:4a:42:b7:65:63:
         ea:23:ea:28:e9:a6:b7:3c:b3:71:a8:8a:03:72:a5:8f:0e:68:
         c6:e0:21:98:95:88:d5:28:1c:ea:17:12:21:0f:60:fb:ba:d4:
         6b:bb:55:8f:49:3b:80:a0:87:54:ff:dc:e8:fd:f1:ac:3d:58:
         b9:5f:25:a9:d0:ed:7d:ce:9a:b7:44:c1:57:95:a7:c2:62:b3:
         71:3d:81:56:d6:64:c6:1b:3a:40:dd:26:1c:93:b0:b4:92:c7:
         df:8c:70:78:ce:de:1e:db:c0:75:b4:7a:f9:3a:5c:93:10:4b:
         d3:9f:cf:94:9f:6c:f1:1c:23:ea:f1:fd:0d:fb:0d:96:3b:41:
         9f:f7:6b:7a:6c:8d:2d:d7:12:69:3c:e3:ed:36:3b:d9:88:ce:
         76:6f:d8:d4:2b:32:01:52:7f:a0:57:61:7a:e6:27:f8:01:f3:
         0b:46:0d:fd:ce:1f:05:8a:03:be:4f:76:4f:3a:de:cb:f3:13:
         c9:c4:00:ad:94:16:f5:56:17:0c:38:1c:55:7c:7f:64:aa:44:
         89:ae:1e:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ8TNgmRtLYYCk6MMfLxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjUwNjA3MDgwMDI2WhcNMjUwNjA4MDgwMDI2WjAzMTEwLwYDVQQD
Eyg2YzUxYTc1MjRmOTFlYWQ0NmNmMmRhZjc5YTNhMThiNjljNThiZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXhD5KIOfImQ5I7ttvBHI9gOuWOX
gHk060hsiklh8XurzolG8PFN6lVYwL++5TdOgM6jntVnC5Hsg6O1Fg1Tz8jPDLFr
9v72cGVWGs58TD+YwRLjyEOFIhpObay87QFUdAU6WozzFr1LOaldpodE8EW8ojaQ
AXixpg/POIj/wx0XXDg6eLf+nFItLuNzcvwX6+vmUJDvqUq8snLJeWzH3CiWExHm
4C3btRcr7gU/7/Zp9kn2cR/w2IKZE8r1mMO7JAG0Zai4SNt+MlurfU303YCgBhsn
X7fB3b8zNXUAA8pyu3AZM1Hx/nAmxZ46GWiC2ktN3sVX1uyYSsvAIDRewwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGxRp1JPkerUbPLa95o6GLacWL6FMB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApgSk6p0x
7E3a3NhBR1hxA6DXEqcPbHQ1ec88ICZVfmRb7dWyEtnYVGLn1zV3+NeRG0pCt2Vj
6iPqKOmmtzyzcaiKA3Kljw5oxuAhmJWI1Sgc6hcSIQ9g+7rUa7tVj0k7gKCHVP/c
6P3xrD1YuV8lqdDtfc6at0TBV5WnwmKzcT2BVtZkxhs6QN0mHJOwtJLH34xweM7e
HtvAdbR6+TpckxBL05/PlJ9s8Rwj6vH9DfsNljtBn/dremyNLdcSaTzj7TY72YjO
dm/Y1CsyAVJ/oFdheuYn+AHzC0YN/c4fBYoDvk92Tzrey/MTycQArZQW9VYXDDgc
VXx/ZKpEia4eRg==
-----END CERTIFICATE-----