Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
File:                     OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json)
Hash identifier:          0npI7NbaC1uAHxxSOpn4q/MkG3zd13/2FXd5+Zlvdyo=
Subject key identifier:   57:C2:78:57:EB:D2:4F:22:51:36:97:5A:02:3D:07:34:0A:CB:A1:F6
Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82
Certificate issuer:       /CN=3a6b084426d9de0b10e0141d1de43c7629c19682
Certificate serial:       019A4FD01965BBB37008858120253A987597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
Manifest number:          0DC1
Signing time:             Tue 04 Nov 2025 17:00:29 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:29 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:29 +0000
Files and hashes:         1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: lPeW8VOWaxfu0/lqAxA8sp3dO+AKQNF2K+lYrcr/aa4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 17:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:19:65:bb:b3:70:08:85:81:20:25:3a:98:75:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682
        Validity
            Not Before: Nov  4 17:00:29 2025 GMT
            Not After : Nov  5 17:00:29 2025 GMT
        Subject: CN=57c27857ebd24f225136975a023d07340acba1f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:7c:b7:e1:a3:e6:82:13:b4:58:d7:f2:75:65:
                    31:1f:19:b3:a6:b5:41:3b:f9:a7:2b:55:0e:4e:ed:
                    de:fd:c3:d5:e9:fc:e0:05:71:da:30:a5:60:99:18:
                    ce:fc:26:82:08:40:64:e8:c0:0c:d6:e8:ac:f7:17:
                    f6:0a:0f:eb:54:b7:c3:8a:e5:f0:a2:b8:5b:c9:24:
                    31:32:dc:ff:a2:2b:3b:7c:ca:48:2d:42:c6:a5:90:
                    e6:d8:c8:80:cb:aa:68:52:14:52:8e:1a:82:2d:96:
                    fc:d0:66:99:77:9f:08:96:5f:d3:74:58:e5:7e:67:
                    e9:81:b5:05:b4:7d:7d:1c:b2:e4:dd:b1:d2:10:6a:
                    a9:e2:11:67:dd:4d:94:0c:93:8a:11:b7:f0:08:57:
                    a8:d5:a0:6a:1b:cc:28:db:cc:c3:90:34:9d:d1:7c:
                    ed:b0:91:04:ee:b6:4e:00:29:26:8c:5c:10:70:16:
                    0b:fd:d9:bf:25:74:63:10:db:99:25:9f:74:a1:2e:
                    ec:23:1f:8a:3c:ea:ba:9a:30:4d:f1:a3:5a:3d:80:
                    08:40:68:c8:ce:12:a1:9c:9c:d0:7a:9e:bf:3f:e2:
                    60:89:2c:d3:52:f7:c8:f4:7b:07:32:f4:97:ac:38:
                    85:1e:36:71:7b:41:6d:4d:8f:25:34:57:7c:ee:9a:
                    0b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:C2:78:57:EB:D2:4F:22:51:36:97:5A:02:3D:07:34:0A:CB:A1:F6
            X509v3 Authority Key Identifier:
                keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:0b:12:5e:ec:18:4c:7f:39:46:55:4b:42:8b:66:ef:40:d9:
         52:b4:0c:69:d6:5a:21:3e:eb:a4:b6:31:a2:25:30:16:32:20:
         95:f7:38:78:54:3d:0e:13:01:fd:ed:f1:45:43:1a:60:81:1c:
         90:b9:2e:ec:2c:ae:90:43:49:2b:70:29:5d:90:67:66:67:d6:
         50:e3:cd:3f:c9:de:aa:a9:43:6e:ce:b7:2b:ce:48:9a:0f:09:
         24:40:ac:97:9a:7d:94:89:d5:4c:59:7d:b1:cf:4d:60:bc:a0:
         43:f8:f9:82:5d:c5:f3:00:81:db:06:c8:93:e1:14:77:ab:ae:
         0d:93:2e:a7:b3:aa:9d:f7:04:8f:c6:b0:13:3c:2b:6f:49:75:
         2a:4f:df:5d:4c:b3:3a:73:cc:2a:5c:fb:77:14:b3:d3:93:70:
         66:ce:9e:bd:f5:84:89:27:cc:cc:a6:b1:74:e1:e4:d8:bd:21:
         b0:a6:7c:9a:a4:54:36:40:1e:54:57:0a:98:67:0d:05:c8:35:
         f2:4e:1e:db:ba:aa:00:e9:af:8a:83:3d:9d:26:8d:d2:c1:6e:
         7b:b1:90:34:c7:36:ae:20:05:0d:ea:d4:4a:ff:9c:02:7f:0e:
         fa:79:0c:e9:e3:e8:fc:af:e5:8f:29:2a:cf:60:ea:35:90:85:
         9b:ab:f7:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0Bllu7NwCIWBICU6mHWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj
MTk2ODIwHhcNMjUxMTA0MTcwMDI5WhcNMjUxMTA1MTcwMDI5WjAzMTEwLwYDVQQD
Eyg1N2MyNzg1N2ViZDI0ZjIyNTEzNjk3NWEwMjNkMDczNDBhY2JhMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ny34aPmghO0WNfydWUxHxmzprVB
O/mnK1UOTu3e/cPV6fzgBXHaMKVgmRjO/CaCCEBk6MAM1uis9xf2Cg/rVLfDiuXw
orhbySQxMtz/ois7fMpILULGpZDm2MiAy6poUhRSjhqCLZb80GaZd58Ill/TdFjl
fmfpgbUFtH19HLLk3bHSEGqp4hFn3U2UDJOKEbfwCFeo1aBqG8wo28zDkDSd0Xzt
sJEE7rZOACkmjFwQcBYL/dm/JXRjENuZJZ90oS7sIx+KPOq6mjBN8aNaPYAIQGjI
zhKhnJzQep6/P+JgiSzTUvfI9HsHMvSXrDiFHjZxe0FtTY8lNFd87poL8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfCeFfr0k8iUTaXWgI9BzQKy6H2MB8GA1UdIwQY
MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut
MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2
LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqgsSXuwY
TH85RlVLQotm70DZUrQMadZaIT7rpLYxoiUwFjIglfc4eFQ9DhMB/e3xRUMaYIEc
kLku7CyukENJK3ApXZBnZmfWUOPNP8neqqlDbs63K85Img8JJECsl5p9lInVTFl9
sc9NYLygQ/j5gl3F8wCB2wbIk+EUd6uuDZMup7OqnfcEj8awEzwrb0l1Kk/fXUyz
OnPMKlz7dxSz05NwZs6evfWEiSfMzKaxdOHk2L0hsKZ8mqRUNkAeVFcKmGcNBcg1
8k4e27qqAOmvioM9nSaN0sFue7GQNMc2riAFDerUSv+cAn8O+nkM6ePo/K/ljykq
z2DqNZCFm6v3Ow==
-----END CERTIFICATE-----