Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          rLu8OXRVQfL7NfvjfXrPjP6KnimoDefz3uyp77t+OsI=
Subject key identifier:   F2:DE:77:FD:66:FE:C7:1A:4E:E8:E6:EF:51:4B:08:FD:B7:04:46:A1
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       0194C4635508BBC7FD7E83D578DAB5377C94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0AE2
Signing time:             Sun 02 Feb 2025 02:00:31 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:31 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:31 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: ys2sM/vz9W7RVqYh8GTuV+AhVl31KZ84E4u+Qe4FkbE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:55:08:bb:c7:fd:7e:83:d5:78:da:b5:37:7c:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Feb  2 02:00:31 2025 GMT
            Not After : Feb  3 02:00:31 2025 GMT
        Subject: CN=f2de77fd66fec71a4ee8e6ef514b08fdb70446a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:04:69:84:b4:9b:e2:af:19:b4:ee:86:59:cf:
                    c9:c2:7a:c0:b9:96:a0:30:b0:23:e2:dd:97:fd:96:
                    44:a3:bb:d4:f7:3b:e0:48:a3:3d:3a:7c:10:19:fd:
                    ba:7a:a8:d5:e6:76:fb:09:c0:8c:cb:1a:1d:d7:15:
                    d5:80:20:c1:e2:71:e9:cf:e2:a7:51:50:af:3c:aa:
                    0c:41:30:a7:b0:3c:62:11:eb:ca:db:08:2a:c9:3a:
                    63:6a:f1:c1:e5:3b:40:08:22:9d:db:cf:a5:0a:9d:
                    2b:9e:d4:ca:37:cf:49:13:b8:10:92:80:39:bc:79:
                    30:85:27:b5:8c:5c:db:24:60:d7:c3:2f:18:c0:7c:
                    f5:e4:5d:d0:29:fe:98:15:c3:c6:13:6e:e2:f4:78:
                    00:e4:56:ae:02:bc:3c:26:98:10:1b:64:be:ac:2a:
                    3c:a3:5e:19:c8:ed:21:51:be:60:22:da:68:cb:ab:
                    61:a3:f7:4b:24:03:30:ea:25:33:4a:61:8b:78:52:
                    86:f3:58:50:f1:05:77:22:1c:d9:a2:ca:6a:35:72:
                    cf:0c:20:09:a7:7d:53:b1:a6:bc:d0:ab:a0:a0:04:
                    1a:97:29:53:82:d9:bb:e1:f0:67:f5:80:ab:2b:b4:
                    ee:36:aa:ba:d9:9c:c4:b1:df:e1:ad:9a:f7:24:92:
                    92:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:DE:77:FD:66:FE:C7:1A:4E:E8:E6:EF:51:4B:08:FD:B7:04:46:A1
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:44:02:7b:bb:d0:32:07:69:66:52:73:3c:5f:86:d5:18:4e:
         c0:f4:9d:41:c9:be:b4:2b:5c:e1:26:11:55:b9:dd:f3:4f:1a:
         20:07:3c:27:b9:67:ae:65:21:b9:4b:c6:ea:37:a0:14:d9:34:
         22:a4:ad:69:ad:76:87:c0:af:4a:6e:97:1f:d1:c2:86:ee:f8:
         cd:cc:07:b8:4b:d7:29:e6:ba:dc:e0:22:a2:61:bf:22:43:cb:
         2e:c0:e9:49:c1:d7:25:2f:8d:b6:8b:29:f8:f4:c0:54:a2:ce:
         aa:30:96:11:0b:08:23:2f:a3:ec:c6:6e:64:e3:86:67:61:83:
         0d:d1:4f:b0:5b:12:49:a6:32:cb:78:77:4a:87:d4:71:4c:69:
         4f:2e:56:45:90:ad:28:df:ec:6c:f6:20:4a:bc:93:f9:ad:b4:
         8a:30:a0:f0:f8:91:8d:8c:09:9e:8b:38:0b:ef:cd:1b:28:68:
         8e:7c:06:a4:c1:6e:55:85:11:2f:66:d2:9d:1c:86:14:34:5e:
         f9:2c:85:f4:6a:4b:6f:f8:16:a3:6b:99:5d:d2:d3:89:d8:8b:
         65:8e:2d:e4:6b:af:d7:a6:23:60:d2:ef:68:27:ef:b9:c2:7f:
         bf:8f:fe:86:17:fd:41:5d:6d:dd:88:42:a0:1c:7a:d9:a2:dd:
         4f:91:b5:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY1UIu8f9foPVeNq1N3yUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjUwMjAyMDIwMDMxWhcNMjUwMjAzMDIwMDMxWjAzMTEwLwYDVQQD
EyhmMmRlNzdmZDY2ZmVjNzFhNGVlOGU2ZWY1MTRiMDhmZGI3MDQ0NmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzARphLSb4q8ZtO6GWc/JwnrAuZag
MLAj4t2X/ZZEo7vU9zvgSKM9OnwQGf26eqjV5nb7CcCMyxod1xXVgCDB4nHpz+Kn
UVCvPKoMQTCnsDxiEevK2wgqyTpjavHB5TtACCKd28+lCp0rntTKN89JE7gQkoA5
vHkwhSe1jFzbJGDXwy8YwHz15F3QKf6YFcPGE27i9HgA5FauArw8JpgQG2S+rCo8
o14ZyO0hUb5gItpoy6tho/dLJAMw6iUzSmGLeFKG81hQ8QV3IhzZospqNXLPDCAJ
p31Tsaa80KugoAQalylTgtm74fBn9YCrK7TuNqq62ZzEsd/hrZr3JJKSrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLed/1m/scaTujm71FLCP23BEahMB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe0QCe7vQ
MgdpZlJzPF+G1RhOwPSdQcm+tCtc4SYRVbnd808aIAc8J7lnrmUhuUvG6jegFNk0
IqStaa12h8CvSm6XH9HChu74zcwHuEvXKea63OAiomG/IkPLLsDpScHXJS+Ntosp
+PTAVKLOqjCWEQsIIy+j7MZuZOOGZ2GDDdFPsFsSSaYyy3h3SofUcUxpTy5WRZCt
KN/sbPYgSryT+a20ijCg8PiRjYwJnos4C+/NGyhojnwGpMFuVYURL2bSnRyGFDRe
+SyF9GpLb/gWo2uZXdLTidiLZY4t5Guv16YjYNLvaCfvucJ/v4/+hhf9QV1t3YhC
oBx62aLdT5G1Lw==
-----END CERTIFICATE-----