Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
File:                     0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft (raw, json)
Hash identifier:          oR+F5NCOsJ6qq1to01sBK6E/M6Cehtg6lFYT2HJKA40=
Subject key identifier:   4C:1A:6D:13:BF:5E:37:C8:0C:D3:49:33:7F:99:83:10:77:67:AD:82
Authority key identifier: D3:09:8E:5E:20:D7:8F:94:E6:96:C1:37:2B:56:23:FF:A7:1D:94:D0
Certificate issuer:       /CN=d3098e5e20d78f94e696c1372b5623ffa71d94d0
Certificate serial:       019A4FD092D19D4153A8BB42564F9E8DDA52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
Manifest number:          0C90
Signing time:             Tue 04 Nov 2025 17:01:00 +0000
Manifest this update:     Tue 04 Nov 2025 17:01:00 +0000
Manifest next update:     Wed 05 Nov 2025 17:01:00 +0000
Files and hashes:         1: 0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl (hash: YJjHrADrky++Zk+X6TDGOqK7fuCU4zRW6Vjj8luPnzs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 17:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:92:d1:9d:41:53:a8:bb:42:56:4f:9e:8d:da:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3098e5e20d78f94e696c1372b5623ffa71d94d0
        Validity
            Not Before: Nov  4 17:01:00 2025 GMT
            Not After : Nov  5 17:01:00 2025 GMT
        Subject: CN=4c1a6d13bf5e37c80cd349337f9983107767ad82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e2:74:b0:78:20:7c:56:d5:56:bf:0d:22:85:
                    80:8a:c6:f7:08:1a:73:b4:e6:10:1b:c6:16:97:e1:
                    53:4d:1d:cd:f7:87:67:5b:2d:39:36:fe:56:1d:29:
                    6e:79:92:af:d3:69:2f:47:05:76:d8:36:37:2b:9c:
                    6a:6c:3a:70:bf:10:23:26:06:2d:e6:57:60:c3:a3:
                    e0:f1:85:2d:71:e2:72:f2:e4:f2:ed:3f:15:7b:e5:
                    56:83:74:1d:07:d4:03:3a:07:48:59:ae:d7:2f:81:
                    26:70:8b:47:21:14:20:23:b3:90:9b:1b:71:40:d6:
                    85:f1:44:35:01:1f:4a:84:4c:c2:15:f3:d8:7d:a0:
                    3b:d1:2e:78:d1:71:80:c1:16:02:66:ff:96:71:89:
                    93:3b:26:fb:8a:7d:f9:32:98:3b:9c:38:25:8c:e9:
                    b7:a2:81:d2:b4:af:b0:15:9d:16:c1:54:10:71:5a:
                    63:86:bf:1a:9f:ec:e1:47:f6:61:ad:42:b2:2b:f0:
                    e4:67:18:a1:d8:2f:68:71:5b:35:00:99:98:39:af:
                    1d:59:b8:bf:8e:45:da:3c:70:f5:8d:19:b9:90:c9:
                    5a:ad:45:3f:02:30:83:a3:3a:82:3a:0c:2c:bf:df:
                    09:3a:ce:2d:54:6a:07:bc:c8:aa:06:41:05:b4:e1:
                    1e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:1A:6D:13:BF:5E:37:C8:0C:D3:49:33:7F:99:83:10:77:67:AD:82
            X509v3 Authority Key Identifier:
                keyid:D3:09:8E:5E:20:D7:8F:94:E6:96:C1:37:2B:56:23:FF:A7:1D:94:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:69:b4:9e:6e:fe:df:3e:ba:3b:65:de:96:30:9f:52:8b:69:
         27:71:f9:a5:4f:ab:69:92:c1:e2:c9:9a:f7:83:c4:e2:78:0c:
         9f:6a:bd:85:66:48:d1:dc:8d:97:ed:ff:fe:eb:5f:81:c4:f3:
         58:c0:bc:22:87:46:fd:d4:af:0d:28:6e:fc:64:a0:7e:df:29:
         1c:b2:e4:44:a1:3a:34:91:22:58:d9:26:bb:7c:ae:57:34:e7:
         88:97:6f:e7:68:8f:a8:81:47:f1:8e:0a:6c:c5:4a:14:64:12:
         ba:9a:47:1f:89:6f:48:f6:58:49:fb:ce:b8:1e:a9:62:ae:2a:
         38:fb:36:50:5e:db:39:5b:91:87:16:5e:bf:29:e2:34:36:f1:
         c4:25:d8:da:2e:07:ce:ba:5c:cf:2b:93:ad:ef:b5:6f:fe:98:
         4d:c0:89:8b:da:e2:f4:94:4c:8d:4f:37:fa:52:91:16:1d:24:
         05:44:8b:77:b0:d9:e2:db:16:5b:6f:02:a3:14:db:06:a2:95:
         f7:f0:2b:27:76:73:03:db:91:f8:74:0e:87:d6:78:39:ed:3b:
         5f:94:73:78:4e:b1:6f:74:16:6a:4f:09:35:7c:9d:d2:a1:da:
         e4:c6:a2:3f:b4:90:53:10:1d:b1:e2:7c:b9:4c:64:71:df:ce:
         19:d5:dd:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0JLRnUFTqLtCVk+ejdpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDk4ZTVlMjBkNzhmOTRlNjk2YzEzNzJiNTYyM2ZmYTcx
ZDk0ZDAwHhcNMjUxMTA0MTcwMTAwWhcNMjUxMTA1MTcwMTAwWjAzMTEwLwYDVQQD
Eyg0YzFhNmQxM2JmNWUzN2M4MGNkMzQ5MzM3Zjk5ODMxMDc3NjdhZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeJ0sHggfFbVVr8NIoWAisb3CBpz
tOYQG8YWl+FTTR3N94dnWy05Nv5WHSlueZKv02kvRwV22DY3K5xqbDpwvxAjJgYt
5ldgw6Pg8YUtceJy8uTy7T8Ve+VWg3QdB9QDOgdIWa7XL4EmcItHIRQgI7OQmxtx
QNaF8UQ1AR9KhEzCFfPYfaA70S540XGAwRYCZv+WcYmTOyb7in35Mpg7nDgljOm3
ooHStK+wFZ0WwVQQcVpjhr8an+zhR/ZhrUKyK/DkZxih2C9ocVs1AJmYOa8dWbi/
jkXaPHD1jRm5kMlarUU/AjCDozqCOgwsv98JOs4tVGoHvMiqBkEFtOEebwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwabRO/XjfIDNNJM3+ZgxB3Z62CMB8GA1UdIwQY
MBaAFNMJjl4g14+U5pbBNytWI/+nHZTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MzYxY2MtYjA0ZC00NDY1LTkzOGQt
NjE3YTI2MzI3ZTk4LzEvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MzYxY2MtYjA0ZC00NDY1LTkzOGQtNjE3YTI2MzI3ZTk4
LzEvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmm0nm7+
3z66O2XeljCfUotpJ3H5pU+raZLB4sma94PE4ngMn2q9hWZI0dyNl+3//utfgcTz
WMC8IodG/dSvDShu/GSgft8pHLLkRKE6NJEiWNkmu3yuVzTniJdv52iPqIFH8Y4K
bMVKFGQSuppHH4lvSPZYSfvOuB6pYq4qOPs2UF7bOVuRhxZevyniNDbxxCXY2i4H
zrpczyuTre+1b/6YTcCJi9ri9JRMjU83+lKRFh0kBUSLd7DZ4tsWW28CoxTbBqKV
9/ArJ3ZzA9uR+HQOh9Z4Oe07X5RzeE6xb3QWak8JNXyd0qHa5MaiP7SQUxAdseJ8
uUxkcd/OGdXdwg==
-----END CERTIFICATE-----