Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          0J1ID8WFtvM+4e3gy5IX3vA02RHo16hB9jxsEdxi5D4=
Subject key identifier:   72:46:21:92:47:98:A0:99:E4:0E:64:15:A0:C8:F7:ED:0F:B6:52:9E
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       019D37528C142C1FC0490F71DFFEE714E817
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0F42
Signing time:             Sun 29 Mar 2026 02:00:49 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:49 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:49 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: Odb2N5yTc6/+4TGgDKxNXA0edFHFaED0VKGn9wZVEyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:8c:14:2c:1f:c0:49:0f:71:df:fe:e7:14:e8:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Mar 29 02:00:49 2026 GMT
            Not After : Mar 30 02:00:49 2026 GMT
        Subject: CN=724621924798a099e40e6415a0c8f7ed0fb6529e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d9:59:d9:d5:2e:7e:b7:fb:2a:c7:dc:11:66:
                    60:e2:13:e6:48:56:77:86:fa:06:6b:ef:c5:94:3b:
                    56:b7:89:1c:90:f2:5a:18:a1:41:e3:27:7d:96:45:
                    e7:76:07:db:99:b9:c6:40:b5:c4:b5:c2:dc:34:0d:
                    09:c5:2c:03:5f:26:48:ed:88:85:aa:e1:b1:d7:ff:
                    4d:27:67:4b:c1:b9:e4:45:34:49:9c:44:89:08:1a:
                    e6:7a:90:94:fe:76:da:e3:a6:26:af:18:01:de:85:
                    a5:dc:0c:84:4d:36:50:93:f1:f5:96:10:c9:ed:7c:
                    c7:6a:85:dd:08:92:2f:7f:21:70:8c:0c:a1:c4:bc:
                    5d:1f:00:d7:bd:40:bd:1e:09:22:80:79:26:9f:f9:
                    58:26:30:72:ff:2b:2a:f1:c3:69:16:dc:37:4d:b1:
                    ff:be:6b:15:f0:43:c8:85:64:49:3d:13:5c:a5:18:
                    2f:7c:06:8b:59:0e:70:da:8b:80:3f:d8:2e:ac:10:
                    e2:b1:25:7d:7f:e9:4d:54:2a:7d:fb:33:60:48:74:
                    ea:fd:65:8a:71:97:a1:62:29:97:50:49:c9:d6:48:
                    65:40:aa:6b:d7:fc:c2:2d:89:96:61:92:c0:cd:ea:
                    b2:d0:55:3f:4d:c0:3d:33:e0:a0:76:a4:f7:3d:e6:
                    da:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:46:21:92:47:98:A0:99:E4:0E:64:15:A0:C8:F7:ED:0F:B6:52:9E
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:a7:5e:fa:7e:cb:d7:51:2e:06:78:f9:7d:e9:68:89:aa:a0:
         ed:d7:eb:9d:01:03:94:f0:49:0a:5b:25:f5:fa:43:82:e1:8a:
         a6:79:bf:40:7e:e1:57:f0:b2:2e:c5:15:b7:52:ab:60:8a:d4:
         07:c0:7f:e5:4b:ba:ad:75:19:01:9c:dc:26:fc:11:af:4c:a3:
         5c:6e:1a:f0:b0:8f:bb:e3:bd:48:87:3e:8d:f0:14:3d:de:dd:
         6e:a5:85:38:ce:7a:be:ed:26:11:4a:9b:f5:c7:fc:3b:d9:19:
         a5:ca:44:f2:47:7c:08:65:16:63:33:72:b0:11:d3:10:f4:1c:
         a1:cd:f8:ed:cf:30:58:7f:3c:5f:e6:ad:d8:d0:7c:90:20:7e:
         c1:ec:e6:12:ed:e2:67:aa:0b:15:73:05:eb:c3:0d:fd:01:52:
         5b:60:fc:1f:7b:b0:e5:c8:f1:f9:59:b4:b3:73:0f:7a:4a:5a:
         17:dd:c4:2a:ca:b4:20:02:4f:c0:f2:0e:da:cf:9f:90:b6:bf:
         c0:68:49:e0:a5:dd:79:07:42:42:51:cf:f6:0b:f8:2a:6d:00:
         a6:7a:1b:8e:be:3c:06:c1:87:9d:a6:5b:9e:41:cb:b5:01:66:
         6c:f1:07:16:3d:71:1e:1b:02:45:83:d8:d8:22:95:72:32:4b:
         95:ee:ed:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UowULB/ASQ9x3/7nFOgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjYwMzI5MDIwMDQ5WhcNMjYwMzMwMDIwMDQ5WjAzMTEwLwYDVQQD
Eyg3MjQ2MjE5MjQ3OThhMDk5ZTQwZTY0MTVhMGM4ZjdlZDBmYjY1MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntlZ2dUufrf7KsfcEWZg4hPmSFZ3
hvoGa+/FlDtWt4kckPJaGKFB4yd9lkXndgfbmbnGQLXEtcLcNA0JxSwDXyZI7YiF
quGx1/9NJ2dLwbnkRTRJnESJCBrmepCU/nba46YmrxgB3oWl3AyETTZQk/H1lhDJ
7XzHaoXdCJIvfyFwjAyhxLxdHwDXvUC9HgkigHkmn/lYJjBy/ysq8cNpFtw3TbH/
vmsV8EPIhWRJPRNcpRgvfAaLWQ5w2ouAP9gurBDisSV9f+lNVCp9+zNgSHTq/WWK
cZehYimXUEnJ1khlQKpr1/zCLYmWYZLAzeqy0FU/TcA9M+CgdqT3PebaHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJGIZJHmKCZ5A5kFaDI9+0PtlKeMB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY6de+n7L
11EuBnj5feloiaqg7dfrnQEDlPBJClsl9fpDguGKpnm/QH7hV/CyLsUVt1KrYIrU
B8B/5Uu6rXUZAZzcJvwRr0yjXG4a8LCPu+O9SIc+jfAUPd7dbqWFOM56vu0mEUqb
9cf8O9kZpcpE8kd8CGUWYzNysBHTEPQcoc347c8wWH88X+at2NB8kCB+wezmEu3i
Z6oLFXMF68MN/QFSW2D8H3uw5cjx+Vm0s3MPekpaF93EKsq0IAJPwPIO2s+fkLa/
wGhJ4KXdeQdCQlHP9gv4Km0Apnobjr48BsGHnaZbnkHLtQFmbPEHFj1xHhsCRYPY
2CKVcjJLle7twQ==
-----END CERTIFICATE-----