Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          NBHJmmH+fSkw7rYkD4JK8UK8l1kKgfdVBtTm88BxGGI=
Subject key identifier:   E5:FE:79:DA:66:75:44:2E:E6:C8:0F:99:0A:48:4B:1E:A8:A5:03:FA
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       0199228CAE33DAE7C2CCBD1A207E4757158F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0D25
Signing time:             Sun 07 Sep 2025 05:01:08 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:08 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:08 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: lY9QEpB6Lmm7szFSydazNqzqk1XpavKfDj2x5qlOmSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:ae:33:da:e7:c2:cc:bd:1a:20:7e:47:57:15:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Sep  7 05:01:08 2025 GMT
            Not After : Sep  8 05:01:08 2025 GMT
        Subject: CN=e5fe79da6675442ee6c80f990a484b1ea8a503fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e6:e3:2d:09:9a:25:1a:1e:f5:bf:c8:8e:6a:
                    29:a3:76:01:bb:68:8a:b4:37:af:d9:7e:96:57:34:
                    d6:91:b1:4a:72:7c:44:31:98:7c:01:38:78:d7:49:
                    6c:99:cd:92:e6:dd:ad:f7:db:6e:eb:3e:b2:6f:01:
                    67:45:35:82:a1:2e:a6:22:ea:de:a5:98:60:54:fb:
                    75:f8:5b:39:7a:1a:20:2d:7e:e9:8e:cc:80:ae:b6:
                    23:1b:ff:24:cd:da:6d:49:2e:16:82:44:95:7c:5d:
                    bc:22:34:4c:19:19:b2:c4:ac:3b:58:73:ae:3c:2f:
                    4e:be:ce:0b:05:e5:7d:4f:f5:03:b8:d4:93:3b:e6:
                    20:fa:b5:fa:48:8f:88:28:7a:04:65:e7:7e:16:73:
                    d0:f5:1f:9f:e7:bb:c2:ed:f7:b7:26:8a:f0:ac:5a:
                    d1:6e:0c:ca:8d:ae:34:fe:ef:60:d7:a1:a9:d5:55:
                    d8:7e:81:bd:25:00:9e:f9:27:82:0b:8a:b3:d2:51:
                    4e:ac:07:d3:c1:d0:3a:a2:ef:51:80:70:5c:c0:05:
                    56:99:75:e6:fe:f2:ba:c9:c4:6d:61:b2:aa:ce:29:
                    b5:9f:15:77:3b:2f:d3:24:82:a1:08:55:4c:ee:77:
                    7f:7a:5d:01:07:bf:07:1f:eb:ee:10:17:2c:e3:10:
                    9e:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:FE:79:DA:66:75:44:2E:E6:C8:0F:99:0A:48:4B:1E:A8:A5:03:FA
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:81:16:36:fa:ed:2e:61:3d:6c:34:0b:8e:9f:ac:80:d6:87:
         81:68:16:86:6e:9f:51:b2:a5:cf:86:44:06:21:32:8c:1a:69:
         6d:ca:6a:33:34:8b:35:96:a9:64:e5:99:45:e2:38:46:33:70:
         77:6b:97:d4:3e:5e:87:0e:1a:2c:59:7b:02:96:5c:f3:3b:ef:
         66:dd:68:be:72:2b:3d:0e:31:22:26:ff:62:f0:91:ac:7d:ee:
         0c:91:1e:b2:4e:4d:56:d9:eb:8b:23:fa:c0:82:59:e2:ed:14:
         d8:07:82:8f:b6:44:8d:7e:c0:32:c8:4e:af:17:36:8c:7d:1f:
         3a:67:08:3d:43:24:1a:4a:1f:fb:68:ea:c4:a9:01:5f:b0:fa:
         ed:6b:b5:ed:8e:6b:ef:be:89:a5:34:fd:cb:80:42:02:5e:0c:
         93:22:cb:ed:66:19:cd:2f:fb:a1:21:ff:0c:f2:9e:17:5e:2c:
         94:7c:32:b0:c0:93:6d:ac:b2:53:1e:ed:0c:4f:ce:a8:e6:e1:
         5d:5c:54:6c:2e:9c:4e:3d:40:28:d8:59:72:d3:c5:f6:be:fc:
         12:00:e0:2f:34:95:ce:c0:c5:5e:15:b7:44:38:a8:e7:84:4a:
         84:84:dd:3c:63:40:d7:92:fb:e3:26:b7:a3:4f:1f:9c:9f:83:
         74:60:91:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijK4z2ufCzL0aIH5HVxWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjUwOTA3MDUwMTA4WhcNMjUwOTA4MDUwMTA4WjAzMTEwLwYDVQQD
EyhlNWZlNzlkYTY2NzU0NDJlZTZjODBmOTkwYTQ4NGIxZWE4YTUwM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxebjLQmaJRoe9b/Ijmopo3YBu2iK
tDev2X6WVzTWkbFKcnxEMZh8ATh410lsmc2S5t2t99tu6z6ybwFnRTWCoS6mIure
pZhgVPt1+Fs5ehogLX7pjsyArrYjG/8kzdptSS4WgkSVfF28IjRMGRmyxKw7WHOu
PC9Ovs4LBeV9T/UDuNSTO+Yg+rX6SI+IKHoEZed+FnPQ9R+f57vC7fe3JorwrFrR
bgzKja40/u9g16Gp1VXYfoG9JQCe+SeCC4qz0lFOrAfTwdA6ou9RgHBcwAVWmXXm
/vK6ycRtYbKqzim1nxV3Oy/TJIKhCFVM7nd/el0BB78HH+vuEBcs4xCe4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOX+edpmdUQu5sgPmQpISx6opQP6MB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfIEWNvrt
LmE9bDQLjp+sgNaHgWgWhm6fUbKlz4ZEBiEyjBppbcpqMzSLNZapZOWZReI4RjNw
d2uX1D5ehw4aLFl7ApZc8zvvZt1ovnIrPQ4xIib/YvCRrH3uDJEesk5NVtnriyP6
wIJZ4u0U2AeCj7ZEjX7AMshOrxc2jH0fOmcIPUMkGkof+2jqxKkBX7D67Wu17Y5r
776JpTT9y4BCAl4MkyLL7WYZzS/7oSH/DPKeF14slHwysMCTbayyUx7tDE/OqObh
XVxUbC6cTj1AKNhZctPF9r78EgDgLzSVzsDFXhW3RDio54RKhITdPGNA15L74ya3
o08fnJ+DdGCRgA==
-----END CERTIFICATE-----