Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          Bu8Ics0jY031/fwkoqAQGTBqDTrHTCrlvYVra5s6fwc=
Subject key identifier:   1E:2C:36:6E:B4:B4:C4:DB:56:3C:B1:61:15:FD:A2:28:97:60:D4:6C
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       0197B6A1D42DD6A017BD467AE5C8A8FF72BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          1185
Signing time:             Sat 28 Jun 2025 13:02:28 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:28 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:28 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: hzx/IuWkqoeApydPMBQ1n616vLtbIusOz35ZRkupXw4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:d4:2d:d6:a0:17:bd:46:7a:e5:c8:a8:ff:72:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Jun 28 13:02:28 2025 GMT
            Not After : Jun 29 13:02:28 2025 GMT
        Subject: CN=1e2c366eb4b4c4db563cb16115fda2289760d46c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ec:5d:6f:f7:6c:44:0b:6c:5f:14:e1:bc:44:
                    9d:31:2c:92:ce:10:8a:8c:b3:15:3d:be:33:8c:00:
                    6d:cf:65:a9:72:26:c0:7a:d0:62:a6:18:cc:68:0b:
                    19:39:56:55:81:e9:7e:6b:5c:89:ae:4f:06:4b:15:
                    18:d2:2f:98:80:fb:ed:6b:0e:73:34:cc:e3:3d:6f:
                    8a:d2:3f:36:fd:70:35:fe:8e:5a:bd:00:a3:75:2a:
                    c8:ad:03:84:85:40:b9:25:ad:8d:78:bb:04:66:fc:
                    22:9b:32:6d:ab:f8:a0:47:13:c6:07:46:25:e9:09:
                    92:46:8b:8c:b3:2e:94:f9:29:6a:d2:e9:05:66:c0:
                    60:8b:da:00:1b:87:64:3f:43:33:ef:d0:a3:18:fd:
                    37:b5:2d:29:fd:8c:c3:d0:1a:a3:fa:a0:d5:2b:3c:
                    b9:79:22:c4:f9:e4:8f:5e:26:3e:38:a5:34:8c:e7:
                    11:0c:c1:1a:d0:2f:f4:c0:5d:48:70:42:1d:e1:f1:
                    e2:95:3d:be:24:83:96:79:1b:59:b8:a1:10:1c:e4:
                    ab:69:2c:58:20:a3:0b:00:56:07:c8:b7:d5:96:63:
                    46:05:62:c4:6c:c4:40:41:ad:3c:e5:79:88:09:1f:
                    d4:e8:39:64:69:ed:30:c9:d5:6a:1e:55:91:04:2f:
                    d4:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:2C:36:6E:B4:B4:C4:DB:56:3C:B1:61:15:FD:A2:28:97:60:D4:6C
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:2a:c7:b1:67:04:ca:c8:2f:cc:24:04:53:06:c5:f3:fe:91:
         e3:45:f0:52:39:06:ac:0d:dd:e1:cf:6b:91:bc:aa:19:6a:c5:
         17:6d:64:ef:1c:c8:51:8c:bf:9a:21:bf:1a:83:8a:c3:d5:1f:
         89:15:82:a9:e2:ca:7a:9a:ea:5f:7b:17:b1:4b:30:54:79:85:
         dd:67:60:bf:43:3e:10:01:ed:8e:e0:f1:7f:0f:1b:72:d5:b4:
         38:9b:7d:0f:04:34:08:ea:f8:a9:66:fa:0e:34:25:4e:11:4a:
         04:77:d0:9b:1e:7b:dc:22:6c:67:f3:dc:76:3c:4e:21:8d:00:
         a9:63:37:23:17:81:34:f0:76:db:d6:68:c4:a0:ce:a3:ad:9f:
         6d:59:fb:98:21:db:72:7f:e0:84:77:d1:04:d8:7c:ff:98:3d:
         36:7a:14:cf:3b:21:9b:d7:ea:cc:4b:fd:02:09:ae:55:2d:31:
         fa:85:cb:26:95:73:96:0b:a1:39:20:24:95:93:af:89:0a:a4:
         e1:58:fd:4c:f4:72:c2:04:f0:c8:a4:12:6d:8e:24:6a:85:d8:
         da:03:f8:2b:5e:85:1f:24:7b:50:86:75:27:11:b8:29:c7:c2:
         d5:fc:d6:35:a1:b7:86:cd:e1:7c:41:47:17:85:90:9c:3c:e2:
         7c:d3:47:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2odQt1qAXvUZ65cio/3K6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjUwNjI4MTMwMjI4WhcNMjUwNjI5MTMwMjI4WjAzMTEwLwYDVQQD
EygxZTJjMzY2ZWI0YjRjNGRiNTYzY2IxNjExNWZkYTIyODk3NjBkNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+xdb/dsRAtsXxThvESdMSySzhCK
jLMVPb4zjABtz2WpcibAetBiphjMaAsZOVZVgel+a1yJrk8GSxUY0i+YgPvtaw5z
NMzjPW+K0j82/XA1/o5avQCjdSrIrQOEhUC5Ja2NeLsEZvwimzJtq/igRxPGB0Yl
6QmSRouMsy6U+Slq0ukFZsBgi9oAG4dkP0Mz79CjGP03tS0p/YzD0Bqj+qDVKzy5
eSLE+eSPXiY+OKU0jOcRDMEa0C/0wF1IcEId4fHilT2+JIOWeRtZuKEQHOSraSxY
IKMLAFYHyLfVlmNGBWLEbMRAQa085XmICR/U6Dlkae0wydVqHlWRBC/U6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4sNm60tMTbVjyxYRX9oiiXYNRsMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHirHsWcE
ysgvzCQEUwbF8/6R40XwUjkGrA3d4c9rkbyqGWrFF21k7xzIUYy/miG/GoOKw9Uf
iRWCqeLKeprqX3sXsUswVHmF3Wdgv0M+EAHtjuDxfw8bctW0OJt9DwQ0COr4qWb6
DjQlThFKBHfQmx573CJsZ/PcdjxOIY0AqWM3IxeBNPB229ZoxKDOo62fbVn7mCHb
cn/ghHfRBNh8/5g9NnoUzzshm9fqzEv9AgmuVS0x+oXLJpVzlguhOSAklZOviQqk
4Vj9TPRywgTwyKQSbY4kaoXY2gP4K16FHyR7UIZ1JxG4KcfC1fzWNaG3hs3hfEFH
F4WQnDzifNNHdg==
-----END CERTIFICATE-----