Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          zv30RoL8Pk6ypACL31HVqxMdkeAm/MPalH1qPBD9gUA=
Subject key identifier:   81:0D:15:A9:6C:DE:94:A5:3F:F0:4D:8C:BF:40:0C:DC:EA:72:08:B6
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       0199FAD7A6D034DB4456432F74B36F91CA7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0D95
Signing time:             Sun 19 Oct 2025 05:01:00 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:00 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:00 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: 1kMDkBIxVEBRobO1K/5l85KE6qs8G3dUhUvkEJQNz6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:a6:d0:34:db:44:56:43:2f:74:b3:6f:91:ca:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Oct 19 05:01:00 2025 GMT
            Not After : Oct 20 05:01:00 2025 GMT
        Subject: CN=810d15a96cde94a53ff04d8cbf400cdcea7208b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:00:de:1b:b6:62:be:81:a0:8b:cf:57:68:45:
                    3c:38:cf:e0:b6:56:60:70:1e:11:75:ab:08:9f:89:
                    55:4e:4f:53:92:c5:82:a6:00:94:54:ef:67:1f:3c:
                    d0:66:de:8c:15:00:de:5e:22:87:c8:b5:c3:4a:ce:
                    4e:2b:97:c2:6b:6a:ae:10:f2:f6:c6:a3:a5:06:78:
                    4a:a2:6b:ce:6b:71:88:15:97:fc:f9:df:c1:ac:42:
                    65:17:2f:01:88:55:dc:21:5f:7e:af:00:75:f0:12:
                    0a:50:94:af:63:8e:4f:33:1f:de:ba:da:fe:cd:12:
                    42:53:03:e7:b0:8f:14:45:5d:93:6b:e0:2a:e6:a4:
                    f8:e1:cc:af:fd:9b:0a:c7:7b:c6:36:6e:33:b6:7d:
                    4e:ef:1b:4d:eb:06:3e:08:e4:54:d3:de:b8:ef:8e:
                    0c:90:22:bb:1e:e0:46:95:2c:1e:1a:f8:40:9a:83:
                    4e:e9:82:96:e8:a1:2a:e7:86:40:cf:9b:d1:ba:6a:
                    84:5c:a4:9e:13:13:05:e6:75:a0:64:a4:40:05:6d:
                    e5:b7:41:57:4a:f1:40:68:09:26:8b:43:1e:d9:46:
                    ce:52:70:f3:9f:fe:13:59:cb:65:d7:5a:b9:9d:12:
                    6a:fc:bf:e4:37:28:51:99:dc:f7:84:ce:05:53:b2:
                    7f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:0D:15:A9:6C:DE:94:A5:3F:F0:4D:8C:BF:40:0C:DC:EA:72:08:B6
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:a0:90:7b:35:e5:43:d6:37:4a:02:d4:6d:3d:4d:10:a4:71:
         6c:0e:49:a0:8b:76:43:e5:20:b8:33:23:80:32:56:9a:28:88:
         e8:15:50:8a:9a:09:2d:0e:20:69:3b:5a:2e:ca:b3:b7:be:4e:
         f9:a0:61:b0:fc:64:54:5d:fa:16:49:6e:07:25:6d:3a:05:56:
         c8:75:01:c0:f8:32:a3:47:00:a3:2b:4b:b2:3a:e4:a5:6e:72:
         f8:50:71:49:7a:37:0b:48:3c:dd:a9:d1:3a:80:ac:8b:25:ab:
         2a:bd:ed:d9:46:d9:f3:f3:aa:de:5e:80:31:f3:42:87:87:67:
         15:61:63:3a:1b:95:b9:f7:3d:47:cf:c5:fc:d2:75:c9:69:d5:
         44:90:b5:22:36:12:fe:98:1e:0f:61:0a:f4:4a:bf:38:58:d7:
         b3:2d:26:e2:98:f4:b9:f3:13:fa:3a:75:98:90:3e:d8:60:56:
         09:57:70:15:e3:13:fa:35:ca:3b:66:6d:ed:b6:82:45:9c:a3:
         3f:a5:b3:25:c4:10:8e:10:89:a2:3a:08:d9:98:ee:7c:e5:74:
         2f:3f:01:75:f0:ee:1a:0e:0e:49:6b:08:d1:df:2d:05:98:25:
         b1:08:f1:c3:94:54:5a:77:ea:c3:c4:ca:ea:cc:f3:4a:66:ea:
         62:ec:d3:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn616bQNNtEVkMvdLNvkcp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjUxMDE5MDUwMTAwWhcNMjUxMDIwMDUwMTAwWjAzMTEwLwYDVQQD
Eyg4MTBkMTVhOTZjZGU5NGE1M2ZmMDRkOGNiZjQwMGNkY2VhNzIwOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgDeG7ZivoGgi89XaEU8OM/gtlZg
cB4RdasIn4lVTk9TksWCpgCUVO9nHzzQZt6MFQDeXiKHyLXDSs5OK5fCa2quEPL2
xqOlBnhKomvOa3GIFZf8+d/BrEJlFy8BiFXcIV9+rwB18BIKUJSvY45PMx/eutr+
zRJCUwPnsI8URV2Ta+Aq5qT44cyv/ZsKx3vGNm4ztn1O7xtN6wY+CORU0964744M
kCK7HuBGlSweGvhAmoNO6YKW6KEq54ZAz5vRumqEXKSeExMF5nWgZKRABW3lt0FX
SvFAaAkmi0Me2UbOUnDzn/4TWctl11q5nRJq/L/kNyhRmdz3hM4FU7J/SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIENFals3pSlP/BNjL9ADNzqcgi2MB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA6CQezXl
Q9Y3SgLUbT1NEKRxbA5JoIt2Q+UguDMjgDJWmiiI6BVQipoJLQ4gaTtaLsqzt75O
+aBhsPxkVF36FkluByVtOgVWyHUBwPgyo0cAoytLsjrkpW5y+FBxSXo3C0g83anR
OoCsiyWrKr3t2UbZ8/Oq3l6AMfNCh4dnFWFjOhuVufc9R8/F/NJ1yWnVRJC1IjYS
/pgeD2EK9Eq/OFjXsy0m4pj0ufMT+jp1mJA+2GBWCVdwFeMT+jXKO2Zt7baCRZyj
P6WzJcQQjhCJojoI2ZjufOV0Lz8BdfDuGg4OSWsI0d8tBZglsQjxw5RUWnfqw8TK
6szzSmbqYuzTZw==
-----END CERTIFICATE-----