Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          pNpBSE/t9usIKSHF2mUX7MCVbC6d8PhjVYuJ0CT3w6k=
Subject key identifier:   C3:62:B5:0B:8B:0C:8D:EF:54:45:79:C0:47:A5:F8:4F:BE:21:0A:24
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       019D28F2BD484CB95B9DA96AF9DFB919A322
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          1457
Signing time:             Thu 26 Mar 2026 07:01:29 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:29 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:29 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: arMRJ/2Sa89yEqQAXAbrXBJ48waqbhjb6droMiNsNP8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:bd:48:4c:b9:5b:9d:a9:6a:f9:df:b9:19:a3:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Mar 26 07:01:29 2026 GMT
            Not After : Mar 27 07:01:29 2026 GMT
        Subject: CN=c362b50b8b0c8def544579c047a5f84fbe210a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b8:3f:4b:a9:91:00:bb:c1:cb:db:32:0c:90:
                    b2:74:7a:cb:06:ac:42:94:69:00:80:a9:65:a9:b2:
                    72:4b:09:f1:37:7a:03:e3:7c:7b:51:b6:4d:9f:7b:
                    24:bd:00:36:88:3e:06:53:a2:79:61:e6:1b:c6:ae:
                    45:5c:db:26:f5:b5:d0:68:6a:e3:fe:35:1c:c6:a9:
                    99:4d:f8:66:7a:d9:a5:9b:e7:27:1d:4b:18:5f:1d:
                    97:e5:32:be:f5:a4:87:e9:7a:37:7a:92:ef:41:27:
                    47:45:81:c3:5d:09:39:75:46:50:8a:f2:4d:f2:d7:
                    60:09:dc:1f:b4:ee:d2:28:fb:07:2f:83:08:96:d6:
                    64:00:8e:c7:df:03:8d:20:94:4c:d3:92:03:5f:d7:
                    3f:8c:9a:2c:08:6d:51:49:fc:4b:17:2b:3c:fb:18:
                    dd:2a:9e:38:29:c4:f7:8c:29:f5:b8:8b:81:cf:2d:
                    4f:ea:a4:88:5c:53:de:1a:93:fb:4c:36:99:fd:68:
                    34:36:bf:3c:f5:ba:70:0a:cf:7e:cd:f1:86:53:1f:
                    61:1f:ae:0c:69:32:31:3b:b0:53:41:aa:2e:93:e8:
                    3b:7d:44:78:bc:0f:17:89:c7:29:ef:93:a0:f6:04:
                    3f:d3:9d:02:94:15:e6:96:b4:95:6c:5b:09:8f:8b:
                    48:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:62:B5:0B:8B:0C:8D:EF:54:45:79:C0:47:A5:F8:4F:BE:21:0A:24
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:76:7b:cd:c6:17:b8:19:3b:c6:f7:84:c4:7e:95:b5:5e:01:
         fd:c7:e2:9d:4e:7d:54:c5:e9:85:34:61:1f:8d:33:b9:cb:b4:
         5c:66:64:f1:53:63:9c:c7:7b:c9:fe:d3:5a:63:d4:58:84:6b:
         48:79:01:97:dd:64:9c:c0:94:93:9f:b8:fa:c1:51:41:26:1e:
         65:24:82:03:90:04:e0:68:b8:81:1f:c2:e8:16:5a:a8:7e:6c:
         ad:60:76:db:ec:c0:50:ed:c3:76:c0:14:dc:56:33:2b:2a:40:
         a8:c5:66:25:4b:1c:53:0e:e0:56:bc:a5:87:a1:81:1e:1b:92:
         84:05:18:1c:96:54:3d:88:a8:b3:59:89:19:68:cc:d5:41:0b:
         d9:15:92:fc:cb:d5:f3:9f:d0:12:93:ea:5d:b6:65:f9:f4:03:
         6b:c4:5f:de:e8:43:67:1e:4a:b0:2b:36:f6:8c:91:c3:58:b4:
         a6:7b:e8:14:72:0f:f1:7b:7c:a4:1d:1e:ae:24:28:d6:f2:2f:
         52:da:9e:ea:9e:7b:3a:eb:ff:ac:35:2f:b9:ce:d0:f0:ca:4d:
         9c:10:83:c9:3f:b6:10:f7:b1:9d:28:b8:43:e7:46:de:ce:aa:
         2d:9d:3a:37:7a:64:c6:26:fc:1c:ee:8f:cb:35:e2:a5:32:eb:
         29:0e:3c:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8r1ITLlbnalq+d+5GaMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjYwMzI2MDcwMTI5WhcNMjYwMzI3MDcwMTI5WjAzMTEwLwYDVQQD
EyhjMzYyYjUwYjhiMGM4ZGVmNTQ0NTc5YzA0N2E1Zjg0ZmJlMjEwYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirg/S6mRALvBy9syDJCydHrLBqxC
lGkAgKllqbJySwnxN3oD43x7UbZNn3skvQA2iD4GU6J5YeYbxq5FXNsm9bXQaGrj
/jUcxqmZTfhmetmlm+cnHUsYXx2X5TK+9aSH6Xo3epLvQSdHRYHDXQk5dUZQivJN
8tdgCdwftO7SKPsHL4MIltZkAI7H3wONIJRM05IDX9c/jJosCG1RSfxLFys8+xjd
Kp44KcT3jCn1uIuBzy1P6qSIXFPeGpP7TDaZ/Wg0Nr889bpwCs9+zfGGUx9hH64M
aTIxO7BTQaouk+g7fUR4vA8Xiccp75Og9gQ/050ClBXmlrSVbFsJj4tIdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNitQuLDI3vVEV5wEel+E++IQokMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3Z7zcYX
uBk7xveExH6VtV4B/cfinU59VMXphTRhH40zucu0XGZk8VNjnMd7yf7TWmPUWIRr
SHkBl91knMCUk5+4+sFRQSYeZSSCA5AE4Gi4gR/C6BZaqH5srWB22+zAUO3DdsAU
3FYzKypAqMVmJUscUw7gVrylh6GBHhuShAUYHJZUPYios1mJGWjM1UEL2RWS/MvV
85/QEpPqXbZl+fQDa8Rf3uhDZx5KsCs29oyRw1i0pnvoFHIP8Xt8pB0eriQo1vIv
Utqe6p57Ouv/rDUvuc7Q8MpNnBCDyT+2EPexnSi4Q+dG3s6qLZ06N3pkxib8HO6P
yzXipTLrKQ48Kw==
-----END CERTIFICATE-----