Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          GmSKghd5v5nc/e1ARK9VrDsaHFVn2iADSLLTKWIXcWg=
Subject key identifier:   3D:D9:1A:BD:79:4D:06:A1:49:CB:6F:A3:A7:EA:9E:BC:B8:19:DB:10
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       019CAD59F6A3685034284CDF904C8ED319BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          1417
Signing time:             Mon 02 Mar 2026 07:01:19 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:19 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:19 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: DULdx1cgdItVa1UggOkw+RWFdmn8wUunA4qBv3AnWaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:f6:a3:68:50:34:28:4c:df:90:4c:8e:d3:19:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Mar  2 07:01:19 2026 GMT
            Not After : Mar  3 07:01:19 2026 GMT
        Subject: CN=3dd91abd794d06a149cb6fa3a7ea9ebcb819db10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:47:6b:9c:6d:a8:82:7a:6d:ae:d6:d4:72:cc:
                    c4:22:43:7a:76:d0:a8:89:cf:4b:43:94:40:d2:ad:
                    b7:8c:02:46:93:89:93:a5:43:18:b9:05:52:3a:42:
                    a6:4d:61:7f:ca:9d:c8:3d:79:b2:dd:0a:97:da:ee:
                    eb:a1:d1:23:e5:66:84:cc:fd:75:51:42:06:a4:ad:
                    9a:87:4a:51:e2:82:3c:2e:51:c8:00:80:ae:a0:4b:
                    e2:95:c6:7f:fd:b1:f6:7d:31:bf:9d:2c:a2:97:1f:
                    1d:da:0e:2c:63:ce:b6:d6:48:6e:de:23:da:a8:73:
                    2c:b8:a3:44:c0:63:2c:90:e6:81:0b:ad:8b:6b:fd:
                    79:11:72:d1:84:de:3c:01:84:8c:8d:d4:48:ea:1d:
                    9f:52:05:a9:97:b3:76:55:04:96:57:11:39:e3:d1:
                    89:6b:7f:01:fb:b5:f7:29:e1:37:42:ae:cc:fb:40:
                    b3:08:4b:ee:21:b2:f3:c4:42:31:db:ee:03:4b:6e:
                    72:ac:1c:5a:24:a2:06:16:51:be:17:19:96:df:53:
                    76:3f:28:ba:a8:83:45:b7:09:eb:0d:b5:c7:2c:9a:
                    80:19:5e:54:c0:b8:7f:c5:74:54:75:27:63:2e:37:
                    a7:58:c3:c6:70:fd:55:af:87:25:e2:f9:31:6a:7f:
                    8d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:D9:1A:BD:79:4D:06:A1:49:CB:6F:A3:A7:EA:9E:BC:B8:19:DB:10
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:cb:d3:40:0c:47:db:81:58:2e:4a:6f:38:8d:54:c3:b2:fb:
         2a:12:30:03:4a:f3:92:2a:27:fa:7b:a7:00:83:3b:29:21:60:
         e7:03:0d:c3:31:ad:98:92:0f:5d:b8:f7:c7:e7:0f:f4:b5:e5:
         df:29:13:7a:16:87:b2:0f:7e:e4:d6:40:95:a2:0c:6a:1a:21:
         a8:84:9b:a3:c4:44:37:37:f1:c0:c4:c8:2b:88:15:77:55:e1:
         8e:34:1e:92:ce:22:81:cb:3d:f6:8e:ea:e5:cd:ec:d4:03:56:
         ef:2c:3b:f1:f9:48:b3:3a:f4:9e:81:d0:b4:9a:bf:70:be:aa:
         e7:67:df:0d:2e:0c:89:1b:11:da:e1:41:de:7b:2a:3d:2b:96:
         45:26:91:cf:08:f9:bd:82:e9:01:54:03:d6:7e:48:af:1e:c1:
         b7:66:cc:64:c9:8a:ad:1d:4d:37:af:14:cf:ec:df:86:6e:b9:
         6c:27:4f:df:3a:68:3a:96:28:bd:a3:24:ef:8f:d5:d6:c7:96:
         53:32:e4:10:03:3d:5a:65:03:ac:13:3d:7f:d6:fc:2f:3c:de:
         f7:b0:61:f0:de:1a:67:1a:2c:5c:a7:76:48:ff:40:d1:99:0e:
         8d:85:7b:9b:ec:47:90:dd:80:71:47:82:87:4d:b8:26:8c:77:
         57:8d:f6:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWfajaFA0KEzfkEyO0xm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjYwMzAyMDcwMTE5WhcNMjYwMzAzMDcwMTE5WjAzMTEwLwYDVQQD
EygzZGQ5MWFiZDc5NGQwNmExNDljYjZmYTNhN2VhOWViY2I4MTlkYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EdrnG2ognptrtbUcszEIkN6dtCo
ic9LQ5RA0q23jAJGk4mTpUMYuQVSOkKmTWF/yp3IPXmy3QqX2u7rodEj5WaEzP11
UUIGpK2ah0pR4oI8LlHIAICuoEvilcZ//bH2fTG/nSyilx8d2g4sY8621khu3iPa
qHMsuKNEwGMskOaBC62La/15EXLRhN48AYSMjdRI6h2fUgWpl7N2VQSWVxE549GJ
a38B+7X3KeE3Qq7M+0CzCEvuIbLzxEIx2+4DS25yrBxaJKIGFlG+FxmW31N2Pyi6
qINFtwnrDbXHLJqAGV5UwLh/xXRUdSdjLjenWMPGcP1Vr4cl4vkxan+NFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3ZGr15TQahSctvo6fqnry4GdsQMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUMvTQAxH
24FYLkpvOI1Uw7L7KhIwA0rzkion+nunAIM7KSFg5wMNwzGtmJIPXbj3x+cP9LXl
3ykTehaHsg9+5NZAlaIMahohqISbo8RENzfxwMTIK4gVd1XhjjQeks4igcs99o7q
5c3s1ANW7yw78flIszr0noHQtJq/cL6q52ffDS4MiRsR2uFB3nsqPSuWRSaRzwj5
vYLpAVQD1n5Irx7Bt2bMZMmKrR1NN68Uz+zfhm65bCdP3zpoOpYovaMk74/V1seW
UzLkEAM9WmUDrBM9f9b8Lzze97Bh8N4aZxosXKd2SP9A0ZkOjYV7m+xHkN2AcUeC
h024Jox3V432NQ==
-----END CERTIFICATE-----