Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          mirH9yn8y+Cls6UAp5KS4SruQClRwI4Okd5utrPiKGI=
Subject key identifier:   67:43:17:82:B1:AD:80:6F:77:A1:21:DD:A5:85:9C:69:0C:C0:52:FA
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       0198D73B6133A41FE037394C7EF99B01FC09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0CFE
Signing time:             Sat 23 Aug 2025 14:00:49 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:49 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:49 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: TCPQ6BlyV6LTfKnOsnRDwqoiJo2hWfP718cIgpPIXEE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3b:61:33:a4:1f:e0:37:39:4c:7e:f9:9b:01:fc:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Aug 23 14:00:49 2025 GMT
            Not After : Aug 24 14:00:49 2025 GMT
        Subject: CN=67431782b1ad806f77a121dda5859c690cc052fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b8:bc:af:03:40:5a:a2:cc:e3:ee:d1:92:97:
                    bb:6f:78:a8:7c:17:17:30:bf:de:f9:d8:7c:e6:5a:
                    72:f4:8a:a8:51:ac:95:7b:84:44:fd:df:79:6f:1e:
                    78:6e:3e:10:c7:52:ad:c2:d7:d8:f2:c4:93:bc:27:
                    04:33:2b:37:0a:7f:b9:fc:ad:5e:c9:4a:95:90:55:
                    fc:e1:40:b4:b1:72:9c:ab:94:bf:3c:93:94:aa:fa:
                    1b:26:4f:61:3f:97:25:f9:7a:9a:52:3e:6a:25:56:
                    3a:c4:2a:70:28:9b:70:58:ba:51:b9:8d:83:42:f3:
                    42:5d:ff:40:5b:99:3c:94:e5:3f:8c:ca:2f:55:bd:
                    41:d0:50:89:85:1a:06:0f:73:ac:13:44:ad:04:70:
                    6e:b4:8d:57:20:07:46:46:ca:a5:4b:fd:a9:0d:d9:
                    8b:70:98:19:03:ef:dc:ca:a5:91:c6:99:e1:56:79:
                    c3:fd:df:52:26:aa:e2:9a:04:87:ba:fc:00:6e:2a:
                    88:ce:28:c7:0c:74:39:95:80:7c:09:b2:50:41:57:
                    8d:e4:0a:68:fa:29:d6:cc:4c:aa:c7:66:9e:7a:fc:
                    9a:a7:83:04:18:9a:fd:57:68:c8:8a:f0:ac:97:8a:
                    b3:38:b9:99:29:8b:c3:1e:d3:ca:48:04:04:2c:d3:
                    cd:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:43:17:82:B1:AD:80:6F:77:A1:21:DD:A5:85:9C:69:0C:C0:52:FA
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:d8:d7:ee:80:28:7e:e0:59:4d:23:85:e9:70:e8:54:83:fe:
         e4:28:33:ef:fa:77:5a:28:11:22:06:90:b2:7a:34:3b:d9:aa:
         2b:9d:14:de:9a:6f:11:fb:3e:44:9d:5a:90:cd:04:91:33:9f:
         4f:b7:c3:8e:47:4d:d1:0e:77:ff:11:60:f9:cc:67:3a:d3:32:
         ff:4b:d6:fa:15:10:a6:de:e2:00:8a:2e:24:42:91:37:d7:fc:
         61:2d:50:76:38:85:cc:d7:fb:04:ab:aa:ba:12:1f:81:c6:8e:
         38:54:40:32:42:da:21:30:6a:34:16:90:6d:f9:f6:6f:06:0d:
         a4:b1:9c:f6:82:df:3d:37:b2:4e:3d:25:d4:2e:ff:c2:35:71:
         7e:67:b8:b3:9e:10:00:96:c2:91:ea:50:08:bb:68:92:a6:df:
         3a:71:be:5a:2c:52:3d:a6:83:a8:a3:56:15:64:8e:0d:b1:68:
         b6:6b:58:69:fa:40:db:ec:de:5e:36:b8:66:5a:18:35:01:d4:
         08:0a:74:7b:5c:c3:82:2f:c8:35:9d:e5:60:61:af:96:58:82:
         3c:c6:c1:df:61:04:8f:22:7f:ec:03:ae:b9:6b:af:49:82:14:
         ba:89:af:cd:40:40:68:a3:72:d0:8d:fc:7e:7c:d4:bd:e0:45:
         0f:46:be:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXO2EzpB/gNzlMfvmbAfwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjUwODIzMTQwMDQ5WhcNMjUwODI0MTQwMDQ5WjAzMTEwLwYDVQQD
Eyg2NzQzMTc4MmIxYWQ4MDZmNzdhMTIxZGRhNTg1OWM2OTBjYzA1MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7i8rwNAWqLM4+7Rkpe7b3iofBcX
ML/e+dh85lpy9IqoUayVe4RE/d95bx54bj4Qx1KtwtfY8sSTvCcEMys3Cn+5/K1e
yUqVkFX84UC0sXKcq5S/PJOUqvobJk9hP5cl+XqaUj5qJVY6xCpwKJtwWLpRuY2D
QvNCXf9AW5k8lOU/jMovVb1B0FCJhRoGD3OsE0StBHButI1XIAdGRsqlS/2pDdmL
cJgZA+/cyqWRxpnhVnnD/d9SJqrimgSHuvwAbiqIzijHDHQ5lYB8CbJQQVeN5Apo
+inWzEyqx2aeevyap4MEGJr9V2jIivCsl4qzOLmZKYvDHtPKSAQELNPNowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdDF4KxrYBvd6Eh3aWFnGkMwFL6MB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddjX7oAo
fuBZTSOF6XDoVIP+5Cgz7/p3WigRIgaQsno0O9mqK50U3ppvEfs+RJ1akM0EkTOf
T7fDjkdN0Q53/xFg+cxnOtMy/0vW+hUQpt7iAIouJEKRN9f8YS1QdjiFzNf7BKuq
uhIfgcaOOFRAMkLaITBqNBaQbfn2bwYNpLGc9oLfPTeyTj0l1C7/wjVxfme4s54Q
AJbCkepQCLtokqbfOnG+WixSPaaDqKNWFWSODbFotmtYafpA2+zeXja4ZloYNQHU
CAp0e1zDgi/INZ3lYGGvlliCPMbB32EEjyJ/7AOuuWuvSYIUuomvzUBAaKNy0I38
fnzUveBFD0a+gQ==
-----END CERTIFICATE-----