Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          7VXdY7ao/IP7i7U6mRHUwXbQPeEvhnnjMtKFQ5X7n0M=
Subject key identifier:   9E:D6:D6:0D:29:F8:6A:0E:C2:63:3D:FC:23:3E:77:C5:D8:89:8D:5F
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       0198D66034FA37DE7904B9E0A54E799C1401
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          121A
Signing time:             Sat 23 Aug 2025 10:01:25 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:25 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:25 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: NmtR+Buhj4eENOzebrBhr7gLjdoEDNWOEctCSFtj9es=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:34:fa:37:de:79:04:b9:e0:a5:4e:79:9c:14:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Aug 23 10:01:25 2025 GMT
            Not After : Aug 24 10:01:25 2025 GMT
        Subject: CN=9ed6d60d29f86a0ec2633dfc233e77c5d8898d5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:8f:b6:ee:c7:49:cc:ae:1e:04:8e:65:9c:15:
                    ea:21:bf:52:24:f1:4a:f7:09:cd:5c:0f:f0:fc:8f:
                    5d:8e:2f:9f:26:b0:2f:e6:2f:23:50:34:48:c8:c4:
                    44:7d:0e:5d:98:8b:36:96:b8:82:5a:88:17:a3:6f:
                    8f:4e:96:47:27:80:be:2d:2b:e8:19:1d:14:af:2b:
                    0e:2d:dd:c7:f0:f8:df:13:e4:12:02:59:73:23:cd:
                    91:2e:1e:75:7d:14:a0:ba:66:34:0b:5b:5a:f4:06:
                    38:68:ce:ae:46:e0:3d:f7:89:5d:70:e5:16:ab:17:
                    c5:33:bf:52:5a:7e:88:30:51:69:7b:e4:65:1a:1d:
                    76:60:7b:bb:ed:b9:a6:c6:0a:b8:42:42:cd:f7:25:
                    69:9c:68:ae:a3:d2:4e:31:76:d9:5a:f5:80:07:eb:
                    2c:f9:38:40:4a:04:f1:a2:91:d6:c9:32:6b:2e:27:
                    08:85:70:2e:42:86:17:53:1b:36:c3:b7:5a:9a:66:
                    db:e3:86:0c:31:28:6b:f8:b1:98:a0:af:89:03:d2:
                    ab:ae:7d:4c:83:08:06:65:8a:3d:f2:08:e7:43:68:
                    fd:b2:cc:ff:dd:b0:94:b2:a2:40:29:47:c7:b2:c4:
                    2e:0f:68:cc:4d:eb:12:45:31:9a:a7:02:44:85:2c:
                    ea:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D6:D6:0D:29:F8:6A:0E:C2:63:3D:FC:23:3E:77:C5:D8:89:8D:5F
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:92:da:5f:e6:8c:bd:8c:38:5f:2b:8d:fb:1b:a1:20:f4:0f:
         b7:c0:12:0c:0d:93:ca:6d:c5:04:ef:ba:f0:4e:04:79:b3:b8:
         37:b2:89:d5:2b:b0:5d:ac:f9:93:3b:c2:a6:0c:75:16:4d:82:
         d5:df:d2:03:c2:84:4a:70:15:a2:c2:1f:dc:e6:b2:a9:cc:69:
         4c:93:c7:72:bf:05:49:13:97:b8:e9:3c:8b:fd:38:be:cb:4e:
         fd:3b:88:a0:d8:9d:0b:3b:e1:16:80:f2:eb:3c:77:b6:99:6d:
         36:40:7a:1d:d2:ec:db:23:bb:e4:01:c5:4d:02:d8:62:68:16:
         1c:d5:ef:e7:70:01:c8:17:9e:a4:60:ae:8d:b1:05:2c:6e:92:
         25:f5:5f:0e:7c:49:3a:b1:41:d5:79:4e:56:d4:74:57:2b:ed:
         2f:2d:13:ba:3f:ff:ef:d3:30:2a:1e:89:6d:82:76:c3:00:3e:
         86:4f:b1:9f:5e:31:a9:b8:28:3f:ba:38:35:28:24:35:32:a9:
         41:88:f9:81:be:63:56:e0:c3:f9:af:27:c0:9d:e4:43:b1:48:
         6b:a6:bd:f0:1b:f4:e4:7d:53:e5:55:ee:3b:85:5f:fa:b5:7e:
         d6:e1:84:e5:60:be:9a:65:d9:bc:75:f3:24:38:61:d0:2e:d5:
         81:85:09:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYDT6N955BLngpU55nBQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjUwODIzMTAwMTI1WhcNMjUwODI0MTAwMTI1WjAzMTEwLwYDVQQD
Eyg5ZWQ2ZDYwZDI5Zjg2YTBlYzI2MzNkZmMyMzNlNzdjNWQ4ODk4ZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY+27sdJzK4eBI5lnBXqIb9SJPFK
9wnNXA/w/I9dji+fJrAv5i8jUDRIyMREfQ5dmIs2lriCWogXo2+PTpZHJ4C+LSvo
GR0UrysOLd3H8PjfE+QSAllzI82RLh51fRSgumY0C1ta9AY4aM6uRuA994ldcOUW
qxfFM79SWn6IMFFpe+RlGh12YHu77bmmxgq4QkLN9yVpnGiuo9JOMXbZWvWAB+ss
+ThASgTxopHWyTJrLicIhXAuQoYXUxs2w7dammbb44YMMShr+LGYoK+JA9Krrn1M
gwgGZYo98gjnQ2j9ssz/3bCUsqJAKUfHssQuD2jMTesSRTGapwJEhSzq3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7W1g0p+GoOwmM9/CM+d8XYiY1fMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe5LaX+aM
vYw4XyuN+xuhIPQPt8ASDA2Tym3FBO+68E4EebO4N7KJ1SuwXaz5kzvCpgx1Fk2C
1d/SA8KESnAVosIf3OayqcxpTJPHcr8FSROXuOk8i/04vstO/TuIoNidCzvhFoDy
6zx3tpltNkB6HdLs2yO75AHFTQLYYmgWHNXv53AByBeepGCujbEFLG6SJfVfDnxJ
OrFB1XlOVtR0VyvtLy0Tuj//79MwKh6JbYJ2wwA+hk+xn14xqbgoP7o4NSgkNTKp
QYj5gb5jVuDD+a8nwJ3kQ7FIa6a98Bv05H1T5VXuO4Vf+rV+1uGE5WC+mmXZvHXz
JDhh0C7VgYUJ/A==
-----END CERTIFICATE-----