Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          BzqJWZ8W+s8yewTf40A2NGHctK+mdh1wxaZyZLoEvU8=
Subject key identifier:   5B:CB:BF:06:8C:D6:C2:56:37:26:D9:E7:AC:3D:4C:CD:00:F3:87:DB
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       019DA378CC56401CE5C0751BB1040A4A382F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0F7A
Signing time:             Sun 19 Apr 2026 02:01:35 +0000
Manifest this update:     Sun 19 Apr 2026 02:01:35 +0000
Manifest next update:     Mon 20 Apr 2026 02:01:35 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: uX/lP5up9u72Nj4SunOaRTlkK0X+0q1uKJqSnUuRytQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:78:cc:56:40:1c:e5:c0:75:1b:b1:04:0a:4a:38:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Apr 19 02:01:35 2026 GMT
            Not After : Apr 20 02:01:35 2026 GMT
        Subject: CN=5bcbbf068cd6c2563726d9e7ac3d4ccd00f387db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4d:d4:99:62:73:7f:9f:6a:78:37:0d:78:60:
                    ad:be:d2:32:7c:51:e8:81:9f:37:26:e9:20:e8:fc:
                    01:4c:8d:83:c1:1b:40:28:3e:99:db:c1:d4:a3:29:
                    9e:21:c3:9c:66:15:b8:13:4e:61:80:92:a0:d1:6a:
                    f1:55:c9:3c:a9:ad:ae:cd:57:a6:10:be:00:8c:2a:
                    ea:a8:9a:48:04:16:1b:80:c4:b6:78:cb:9d:0d:c6:
                    f7:a4:06:6a:08:ee:a5:ec:0e:1d:3c:42:bf:64:b1:
                    07:f1:e8:27:4c:eb:7d:9c:21:a2:07:08:5a:b2:4d:
                    f7:49:2e:4e:56:d1:80:29:d7:65:33:64:a2:d4:23:
                    7f:a0:10:ed:c6:53:a3:f7:a8:9a:8b:92:46:1d:9c:
                    ce:f6:18:e7:c0:23:5b:9d:f8:51:7f:56:27:be:8f:
                    cf:bc:5d:d7:23:3c:50:a1:63:7e:a5:14:51:e2:36:
                    1a:45:4a:9e:bf:a5:38:15:ea:4d:3c:52:d8:7c:42:
                    30:33:2c:cd:a7:31:52:f5:90:89:f7:9e:97:85:29:
                    02:54:aa:13:e3:fd:fa:4f:ee:7f:0a:a7:e8:e8:b2:
                    38:89:17:1b:6f:9b:99:36:df:47:cb:68:5b:48:0f:
                    b3:36:5f:83:ba:65:79:88:3d:b8:52:aa:a6:51:5e:
                    d0:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CB:BF:06:8C:D6:C2:56:37:26:D9:E7:AC:3D:4C:CD:00:F3:87:DB
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:13:0f:30:16:4e:f1:97:d7:b4:24:ad:6b:61:53:b6:41:cc:
         9c:e8:8d:5e:b2:62:bb:4c:9c:cb:3d:87:cc:0d:bb:87:7a:c9:
         45:fa:01:de:3f:b1:be:e7:95:9d:29:2f:52:22:49:51:aa:e8:
         af:7c:f1:35:da:ae:21:05:da:72:f2:fb:78:9b:b2:bd:6f:92:
         c1:f1:2e:18:8f:d3:44:09:ce:68:61:87:77:3c:15:b5:a7:cd:
         66:f1:be:65:80:2f:23:f4:64:f8:09:ce:e0:3f:ad:5d:e5:2e:
         9d:fb:1d:21:2a:b0:54:72:fd:e8:cd:e9:39:ae:71:95:9e:80:
         46:c7:f1:fc:94:71:d7:bb:2a:39:f2:ce:6c:98:74:8a:42:07:
         76:06:85:cc:07:ef:03:36:50:d6:05:bb:44:ba:17:5d:b3:b5:
         c4:d7:76:cf:89:e9:46:f1:2b:b3:81:e3:87:7a:4b:c6:96:2f:
         1b:c8:bb:e1:6b:6e:4d:17:cd:f3:c6:e2:b2:26:33:d8:69:8a:
         fb:e2:28:d2:56:6f:91:6f:e4:af:1b:44:73:75:00:84:07:38:
         ad:ec:99:de:38:bf:54:e9:04:64:a0:56:bc:44:99:f3:54:51:
         57:1f:7c:79:f4:04:c2:cc:da:d8:2f:74:75:b0:96:46:68:41:
         55:63:c7:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jeMxWQBzlwHUbsQQKSjgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjYwNDE5MDIwMTM1WhcNMjYwNDIwMDIwMTM1WjAzMTEwLwYDVQQD
Eyg1YmNiYmYwNjhjZDZjMjU2MzcyNmQ5ZTdhYzNkNGNjZDAwZjM4N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp03UmWJzf59qeDcNeGCtvtIyfFHo
gZ83Jukg6PwBTI2DwRtAKD6Z28HUoymeIcOcZhW4E05hgJKg0WrxVck8qa2uzVem
EL4AjCrqqJpIBBYbgMS2eMudDcb3pAZqCO6l7A4dPEK/ZLEH8egnTOt9nCGiBwha
sk33SS5OVtGAKddlM2Si1CN/oBDtxlOj96iai5JGHZzO9hjnwCNbnfhRf1Ynvo/P
vF3XIzxQoWN+pRRR4jYaRUqev6U4FepNPFLYfEIwMyzNpzFS9ZCJ956XhSkCVKoT
4/36T+5/Cqfo6LI4iRcbb5uZNt9Hy2hbSA+zNl+DumV5iD24UqqmUV7QeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvLvwaM1sJWNybZ56w9TM0A84fbMB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAohMPMBZO
8ZfXtCSta2FTtkHMnOiNXrJiu0ycyz2HzA27h3rJRfoB3j+xvueVnSkvUiJJUaro
r3zxNdquIQXacvL7eJuyvW+SwfEuGI/TRAnOaGGHdzwVtafNZvG+ZYAvI/Rk+AnO
4D+tXeUunfsdISqwVHL96M3pOa5xlZ6ARsfx/JRx17sqOfLObJh0ikIHdgaFzAfv
AzZQ1gW7RLoXXbO1xNd2z4npRvErs4Hjh3pLxpYvG8i74WtuTRfN88bisiYz2GmK
++Io0lZvkW/krxtEc3UAhAc4reyZ3ji/VOkEZKBWvESZ81RRVx98efQEwsza2C90
dbCWRmhBVWPHEg==
-----END CERTIFICATE-----