Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          fAi5HAlcsZdazhDoQ30DdsXPCv6R1XDBOHTDGULOTsE=
Subject key identifier:   76:38:4B:E6:F7:5C:3C:BA:EA:58:5F:2E:79:B2:D4:F3:83:78:A8:93
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       0199FBEB26B5C9AF0E8C601CBDA9F6E8EC57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          12B2
Signing time:             Sun 19 Oct 2025 10:01:56 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:56 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:56 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: lWvgg1n0An2Ubd8qRcGlyRMOjk+DdbpDHp2ItHEcM8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:26:b5:c9:af:0e:8c:60:1c:bd:a9:f6:e8:ec:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Oct 19 10:01:56 2025 GMT
            Not After : Oct 20 10:01:56 2025 GMT
        Subject: CN=76384be6f75c3cbaea585f2e79b2d4f38378a893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:af:77:1a:c1:73:80:af:62:e9:b8:7c:e7:8d:
                    4d:ba:ef:8f:b0:bf:20:2f:a3:0e:f0:40:50:3b:44:
                    bc:17:1f:3c:e5:1c:8f:2d:55:50:22:36:0d:90:8f:
                    99:0e:93:79:b3:0c:ea:dd:7e:bd:20:46:16:ca:ff:
                    b2:25:a9:46:62:22:6d:38:91:76:41:2f:b6:e6:72:
                    9e:3c:af:66:4a:26:1a:7d:3b:aa:ae:ca:bb:f3:10:
                    4e:9a:73:c8:ed:0a:c8:d5:44:08:3b:bf:36:e1:53:
                    3c:4e:5c:27:a2:d5:83:70:18:48:c8:e0:cb:cb:87:
                    87:1f:70:7c:e5:97:3b:bc:b7:33:ca:0a:c6:8d:c5:
                    8c:32:d5:22:ed:cf:1a:1b:f3:1e:5c:b2:17:69:8b:
                    ed:ee:75:09:19:f4:f2:75:7e:e7:7b:07:17:b2:03:
                    42:07:f1:20:5d:3a:44:b7:2c:9b:3a:99:0c:a1:da:
                    2b:1b:51:f9:13:ad:ff:4c:39:af:e1:ae:72:60:9b:
                    aa:68:cc:af:11:46:26:0e:3c:e7:2a:13:2f:b1:b1:
                    07:5e:e2:e3:e6:28:56:8c:29:92:6f:eb:95:3c:a0:
                    9d:4c:1a:e0:0b:0c:d3:ad:f2:f2:d2:16:f8:19:f8:
                    f3:b8:6f:c1:db:d0:92:1e:3a:d3:ce:10:2a:5c:91:
                    31:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:38:4B:E6:F7:5C:3C:BA:EA:58:5F:2E:79:B2:D4:F3:83:78:A8:93
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:87:03:28:d0:b9:b3:a2:de:1b:3e:e6:b4:58:94:e2:a1:c6:
         26:7d:11:6e:98:c0:5d:03:5f:da:98:bd:36:1e:81:01:d5:b9:
         64:0d:dd:28:2b:8f:f5:3a:5a:f3:d3:52:b9:0b:4a:2f:9b:56:
         32:5f:bb:85:e3:50:6b:3d:fb:6b:5f:a3:dc:58:cc:6d:3d:64:
         23:83:2d:92:e4:03:05:cf:2c:d4:90:6f:c4:e6:0b:f2:1a:31:
         49:6a:63:4a:45:a5:e3:2e:b2:4a:b1:1b:e2:99:8c:5a:05:86:
         6f:8e:0f:e4:71:8a:cf:78:55:1c:ef:d4:72:3b:e9:b3:24:2d:
         d6:2f:dd:8d:ab:a5:f5:ba:66:40:32:61:59:2b:67:73:f4:4d:
         dd:41:ab:c2:f1:04:b9:78:17:25:fb:13:5a:e6:97:9e:e5:58:
         c2:59:ae:c0:c9:b8:9c:d9:66:b4:36:9f:85:57:52:e8:1c:d0:
         60:dc:12:66:da:1e:5a:8f:2b:63:2c:1d:1a:d1:1a:fc:8b:61:
         94:02:60:59:78:41:69:13:bd:f2:7a:40:82:8a:59:1e:53:23:
         57:d6:f3:54:42:d4:60:2a:2e:8b:fe:a5:f0:c1:5d:00:88:a3:
         c3:93:ec:b4:90:69:72:2e:b7:74:74:a9:c8:c0:7a:c7:03:0b:
         30:b0:89:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76ya1ya8OjGAcvan26OxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjUxMDE5MTAwMTU2WhcNMjUxMDIwMTAwMTU2WjAzMTEwLwYDVQQD
Eyg3NjM4NGJlNmY3NWMzY2JhZWE1ODVmMmU3OWIyZDRmMzgzNzhhODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta93GsFzgK9i6bh8541Nuu+PsL8g
L6MO8EBQO0S8Fx885RyPLVVQIjYNkI+ZDpN5swzq3X69IEYWyv+yJalGYiJtOJF2
QS+25nKePK9mSiYafTuqrsq78xBOmnPI7QrI1UQIO7824VM8TlwnotWDcBhIyODL
y4eHH3B85Zc7vLczygrGjcWMMtUi7c8aG/MeXLIXaYvt7nUJGfTydX7newcXsgNC
B/EgXTpEtyybOpkModorG1H5E63/TDmv4a5yYJuqaMyvEUYmDjznKhMvsbEHXuLj
5ihWjCmSb+uVPKCdTBrgCwzTrfLy0hb4GfjzuG/B29CSHjrTzhAqXJExrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHY4S+b3XDy66lhfLnmy1PODeKiTMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIcDKNC5
s6LeGz7mtFiU4qHGJn0RbpjAXQNf2pi9Nh6BAdW5ZA3dKCuP9Tpa89NSuQtKL5tW
Ml+7heNQaz37a1+j3FjMbT1kI4MtkuQDBc8s1JBvxOYL8hoxSWpjSkWl4y6ySrEb
4pmMWgWGb44P5HGKz3hVHO/UcjvpsyQt1i/djaul9bpmQDJhWStnc/RN3UGrwvEE
uXgXJfsTWuaXnuVYwlmuwMm4nNlmtDafhVdS6BzQYNwSZtoeWo8rYywdGtEa/Ith
lAJgWXhBaRO98npAgopZHlMjV9bzVELUYCoui/6l8MFdAIijw5PstJBpci63dHSp
yMB6xwMLMLCJWw==
-----END CERTIFICATE-----