Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          aa5dppN0Z7lgzf9XoiKabCAfu/mg9VwkrsjD3lQ5Ne4=
Subject key identifier:   49:58:E5:7F:04:DF:E8:0E:80:FB:38:91:C5:2D:6E:81:69:60:83:11
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       019D27DFD8AECCD710E2139C0FDD1C04FF83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0F3A
Signing time:             Thu 26 Mar 2026 02:01:14 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:14 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:14 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: TbcXsAbfLrcNvl07YqjS1pKzoC0RYyHGXE0ZkLGtbWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:d8:ae:cc:d7:10:e2:13:9c:0f:dd:1c:04:ff:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Mar 26 02:01:14 2026 GMT
            Not After : Mar 27 02:01:14 2026 GMT
        Subject: CN=4958e57f04dfe80e80fb3891c52d6e8169608311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:bf:91:7b:95:aa:59:7f:b7:14:58:a0:d5:8c:
                    59:f9:2c:e1:ee:0a:18:a7:b5:dc:1d:92:36:af:a2:
                    8b:1b:2b:ae:86:1a:f2:17:89:a3:6c:80:c6:2c:fd:
                    c6:0e:e0:89:53:5b:f4:88:e8:6e:90:e2:07:24:3d:
                    57:aa:79:c4:0d:6a:93:33:44:b1:0b:6a:e4:e3:e1:
                    f9:47:9f:4d:a0:05:ae:19:c0:d7:7b:13:bc:a9:ef:
                    d9:01:3b:32:bb:19:2c:d3:59:c7:bc:f4:8d:5d:14:
                    d1:9b:5c:35:91:e9:2a:7c:cf:dc:1e:f5:be:e5:24:
                    a6:44:fc:15:75:dd:0c:19:0d:3b:7f:27:5d:7a:cb:
                    59:f8:3f:49:8d:0f:22:11:68:92:83:d3:36:2b:66:
                    e5:a1:15:9b:49:47:ae:c8:80:8e:97:98:3d:7f:df:
                    37:38:4e:70:12:f8:8f:6f:86:50:61:c2:61:11:8f:
                    e5:94:4f:3a:8a:7d:e7:09:60:0e:78:cc:5f:34:a3:
                    30:0e:44:87:51:b0:07:8b:d9:a2:17:a5:17:5f:31:
                    4a:94:ab:0e:55:c0:a9:2b:f3:30:3d:41:f8:28:14:
                    be:e0:e4:f3:ed:87:57:a6:52:ec:71:19:c0:c8:09:
                    ba:31:97:d9:f9:cd:a1:34:8e:63:8f:dc:fc:2b:2f:
                    74:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:58:E5:7F:04:DF:E8:0E:80:FB:38:91:C5:2D:6E:81:69:60:83:11
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:99:14:27:67:e3:90:b9:9e:a9:fa:d2:2d:55:77:01:d9:be:
         2f:b6:37:39:fd:92:47:7c:8e:a5:ec:f1:7b:3c:74:24:d6:ac:
         db:57:fe:cf:d9:c0:47:c2:4a:7c:5e:23:00:0a:ff:cd:94:49:
         ce:ba:9f:02:36:16:6f:a8:02:19:7d:76:d2:94:8b:02:9a:20:
         72:78:0c:87:64:16:b5:20:3b:0b:e5:bb:23:8a:d9:91:d9:58:
         d5:42:56:8b:5b:83:bc:48:08:7c:07:f8:9e:67:76:07:d1:d2:
         ae:b2:54:3c:c6:7c:7c:2c:1d:4f:d8:67:c7:8c:55:a9:de:6e:
         c4:14:1c:e2:f4:0c:cc:a5:d6:0f:c6:ff:ef:9d:5b:76:63:81:
         e0:ba:98:70:34:d8:3c:5d:fa:0c:9f:d9:43:5f:eb:da:67:95:
         75:4d:90:90:83:a2:91:b7:dc:db:9c:1b:c1:90:e5:70:da:af:
         e4:b2:c4:4b:04:41:4a:25:33:ef:e7:fe:fa:48:a9:f8:a2:ff:
         12:6a:fc:92:d4:ac:83:1a:c7:aa:46:94:2f:5a:35:8a:52:de:
         be:0a:1c:72:af:c5:ad:a0:a3:ef:d7:a1:56:8b:7a:71:dc:4b:
         9a:ac:6b:21:50:6f:9e:f3:e0:d5:79:fc:d3:77:1b:aa:c1:df:
         a4:40:46:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n39iuzNcQ4hOcD90cBP+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjYwMzI2MDIwMTE0WhcNMjYwMzI3MDIwMTE0WjAzMTEwLwYDVQQD
Eyg0OTU4ZTU3ZjA0ZGZlODBlODBmYjM4OTFjNTJkNmU4MTY5NjA4MzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb+Re5WqWX+3FFig1YxZ+Szh7goY
p7XcHZI2r6KLGyuuhhryF4mjbIDGLP3GDuCJU1v0iOhukOIHJD1XqnnEDWqTM0Sx
C2rk4+H5R59NoAWuGcDXexO8qe/ZATsyuxks01nHvPSNXRTRm1w1kekqfM/cHvW+
5SSmRPwVdd0MGQ07fyddestZ+D9JjQ8iEWiSg9M2K2bloRWbSUeuyICOl5g9f983
OE5wEviPb4ZQYcJhEY/llE86in3nCWAOeMxfNKMwDkSHUbAHi9miF6UXXzFKlKsO
VcCpK/MwPUH4KBS+4OTz7YdXplLscRnAyAm6MZfZ+c2hNI5jj9z8Ky90fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElY5X8E3+gOgPs4kcUtboFpYIMRMB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlpkUJ2fj
kLmeqfrSLVV3Adm+L7Y3Of2SR3yOpezxezx0JNas21f+z9nAR8JKfF4jAAr/zZRJ
zrqfAjYWb6gCGX120pSLApogcngMh2QWtSA7C+W7I4rZkdlY1UJWi1uDvEgIfAf4
nmd2B9HSrrJUPMZ8fCwdT9hnx4xVqd5uxBQc4vQMzKXWD8b/751bdmOB4LqYcDTY
PF36DJ/ZQ1/r2meVdU2QkIOikbfc25wbwZDlcNqv5LLESwRBSiUz7+f++kip+KL/
Emr8ktSsgxrHqkaUL1o1ilLevgoccq/FraCj79ehVot6cdxLmqxrIVBvnvPg1Xn8
03cbqsHfpEBGNw==
-----END CERTIFICATE-----