Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          LXvBwewJa4teldqe82mJK+ejWYTfdb91HYewYChjjw8=
Subject key identifier:   0F:52:E3:D6:C1:0E:D9:41:83:A8:24:40:4D:2E:75:DF:43:2E:AC:E1
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       019D9AE2ED602C9223680D0B663BE498BEC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          1492
Signing time:             Fri 17 Apr 2026 10:00:56 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:56 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:56 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: MLm7nSH1knF4+fVhpGBcaf6V6muRtsEma/ktImgZTuw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:ed:60:2c:92:23:68:0d:0b:66:3b:e4:98:be:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Apr 17 10:00:56 2026 GMT
            Not After : Apr 18 10:00:56 2026 GMT
        Subject: CN=0f52e3d6c10ed94183a824404d2e75df432eace1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:fd:c7:3b:86:05:4c:a6:57:9f:43:96:8d:97:
                    5e:72:6d:eb:f8:96:bd:84:36:c5:0e:df:44:d1:66:
                    d3:06:41:b2:53:22:ca:7d:5d:ef:0c:84:16:ba:52:
                    6e:49:ba:fd:7f:1b:ad:ea:0a:b9:8b:cb:5c:82:90:
                    33:d9:ee:88:ff:ff:45:f9:0d:38:40:0a:2e:13:f3:
                    3b:40:72:43:b5:6c:fc:78:a1:69:76:04:47:68:61:
                    2c:3a:7d:8d:70:1e:e5:f2:30:51:60:82:a2:a4:3a:
                    59:a8:fd:ca:80:99:8d:89:2c:5f:ce:b3:64:78:64:
                    96:b7:0a:a2:d0:e3:07:0a:7d:2e:9e:0d:2b:6f:6b:
                    5c:f1:a2:8b:7e:2f:70:ab:29:a0:88:30:c3:a2:bb:
                    9a:7e:24:de:6f:a2:c7:62:79:25:51:83:cb:0c:9a:
                    78:03:ab:9c:d5:a7:be:fb:35:66:80:11:ad:fc:88:
                    a7:ed:45:35:93:09:1d:a1:f2:e2:71:74:bf:ee:39:
                    c0:a0:66:28:bc:ec:9a:da:70:95:6a:9e:c3:86:1d:
                    46:06:35:45:08:42:02:39:db:22:61:5e:d9:68:98:
                    aa:f0:4c:9f:73:92:06:a5:cb:ba:05:69:ed:36:ee:
                    3a:d6:bf:bc:fe:11:f3:9e:b4:8e:c6:43:99:84:6b:
                    47:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:52:E3:D6:C1:0E:D9:41:83:A8:24:40:4D:2E:75:DF:43:2E:AC:E1
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:04:a3:89:0c:98:b9:bb:33:89:ec:8a:c1:8a:a3:6d:66:9f:
         9c:41:28:27:db:50:88:82:ae:8b:67:e7:b3:ed:70:38:8a:dc:
         00:78:a6:80:b5:ee:93:72:0b:cf:d8:b8:7b:d6:6e:1f:07:48:
         cb:4e:08:a4:3e:7d:82:2b:7c:3c:c6:1b:68:be:cd:2b:32:7f:
         3b:9c:a0:84:f0:0d:37:23:96:f8:59:ab:37:48:49:ba:2d:f3:
         c8:4e:9a:3a:70:a1:10:76:33:81:60:ff:2d:fd:c6:cc:a9:c1:
         8b:1b:9c:8c:a3:fe:1c:80:5b:5e:a0:3d:bb:15:d8:1e:c5:4d:
         fe:42:fb:4f:3d:2f:a1:57:17:21:e6:f9:47:2b:af:e6:bd:33:
         bf:44:63:54:2a:ed:4b:34:a7:d9:39:82:3d:68:f6:ee:df:77:
         68:f1:d6:ec:e6:62:e1:dc:1c:d9:6e:34:cb:18:42:02:ef:dc:
         94:16:b1:9e:65:5b:5c:08:15:96:a1:d8:2c:81:7d:a7:a4:a4:
         56:12:b6:1f:36:70:3c:f8:d9:3e:dc:89:a9:4b:75:cb:ff:d1:
         09:0d:ae:4e:40:13:e0:ef:81:ff:df:5f:f9:c9:3f:09:6c:c6:
         64:67:51:92:cc:29:67:45:f0:2a:ad:de:84:63:01:c2:66:d9:
         cb:c7:1e:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4u1gLJIjaA0LZjvkmL7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjYwNDE3MTAwMDU2WhcNMjYwNDE4MTAwMDU2WjAzMTEwLwYDVQQD
EygwZjUyZTNkNmMxMGVkOTQxODNhODI0NDA0ZDJlNzVkZjQzMmVhY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv3HO4YFTKZXn0OWjZdecm3r+Ja9
hDbFDt9E0WbTBkGyUyLKfV3vDIQWulJuSbr9fxut6gq5i8tcgpAz2e6I//9F+Q04
QAouE/M7QHJDtWz8eKFpdgRHaGEsOn2NcB7l8jBRYIKipDpZqP3KgJmNiSxfzrNk
eGSWtwqi0OMHCn0ung0rb2tc8aKLfi9wqymgiDDDoruafiTeb6LHYnklUYPLDJp4
A6uc1ae++zVmgBGt/Iin7UU1kwkdofLicXS/7jnAoGYovOya2nCVap7Dhh1GBjVF
CEICOdsiYV7ZaJiq8Eyfc5IGpcu6BWntNu461r+8/hHznrSOxkOZhGtHtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9S49bBDtlBg6gkQE0udd9DLqzhMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABgSjiQyY
ubszieyKwYqjbWafnEEoJ9tQiIKui2fns+1wOIrcAHimgLXuk3ILz9i4e9ZuHwdI
y04IpD59git8PMYbaL7NKzJ/O5yghPANNyOW+FmrN0hJui3zyE6aOnChEHYzgWD/
Lf3GzKnBixucjKP+HIBbXqA9uxXYHsVN/kL7Tz0voVcXIeb5Ryuv5r0zv0RjVCrt
SzSn2TmCPWj27t93aPHW7OZi4dwc2W40yxhCAu/clBaxnmVbXAgVlqHYLIF9p6Sk
VhK2HzZwPPjZPtyJqUt1y//RCQ2uTkAT4O+B/99f+ck/CWzGZGdRkswpZ0XwKq3e
hGMBwmbZy8cewA==
-----END CERTIFICATE-----