Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          QAEZkejtOmteRHB5Fixf5zzR2cFGfndFKvuFr/Y/etk=
Subject key identifier:   AB:E3:DC:2D:97:23:BB:F3:3A:A2:12:F7:28:3B:CC:2F:5D:38:64:81
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       0198835594725E64D426BC17372E57F85E41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          11EF
Signing time:             Thu 07 Aug 2025 07:01:20 +0000
Manifest this update:     Thu 07 Aug 2025 07:01:20 +0000
Manifest next update:     Fri 08 Aug 2025 07:01:20 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: D5eYC5qPafHuVpEFwh7fwoa0c9UmBNfvNmBY5XxAvoo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 07:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:83:55:94:72:5e:64:d4:26:bc:17:37:2e:57:f8:5e:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Aug  7 07:01:20 2025 GMT
            Not After : Aug  8 07:01:20 2025 GMT
        Subject: CN=abe3dc2d9723bbf33aa212f7283bcc2f5d386481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:36:76:15:72:0a:fc:70:19:cf:db:2c:de:41:
                    42:2b:ac:35:45:27:f6:39:f6:d6:04:5a:ac:c3:fb:
                    ce:f0:16:cd:4f:7e:df:dd:9a:29:cb:a5:14:1a:42:
                    5c:6e:65:82:f3:15:e5:b4:89:9f:4e:45:e8:2d:55:
                    65:64:0d:21:89:68:d3:3b:f0:7c:90:70:57:36:e1:
                    5d:1b:7b:5b:8e:e0:f1:c2:f6:30:97:9b:0b:ae:b0:
                    48:4e:fe:c9:5c:d9:c0:33:8e:bd:55:2c:e0:09:4a:
                    a6:9a:90:09:e1:27:bf:27:6b:f9:80:72:8c:b1:90:
                    e8:b5:b9:d0:3f:dd:00:0c:66:78:44:15:4a:02:a2:
                    a2:21:4a:06:be:c9:56:65:43:71:05:28:5b:3f:c8:
                    3a:e8:6c:28:07:7b:ef:01:08:4f:fa:ae:60:c0:20:
                    4e:51:89:e4:aa:f0:1a:ac:97:0b:06:72:b4:8a:f9:
                    8b:f8:58:6a:e9:f1:a5:bd:66:10:5f:1d:66:15:23:
                    3c:aa:f8:fd:68:c5:72:9b:4f:bf:be:74:b8:dc:64:
                    f2:08:16:08:a7:28:a0:98:85:00:c0:64:fb:8f:11:
                    48:1e:5b:63:fd:a6:5e:e1:fc:ac:3f:3b:1a:23:30:
                    9a:ad:cd:6c:d2:d8:31:2b:76:e6:2a:6c:c4:10:76:
                    ec:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:E3:DC:2D:97:23:BB:F3:3A:A2:12:F7:28:3B:CC:2F:5D:38:64:81
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:bc:c3:e1:69:66:0d:6a:d0:02:9b:8d:94:52:26:7b:ed:04:
         ab:be:9e:a2:38:05:12:f5:af:94:83:68:25:84:cb:98:0e:68:
         f5:fb:b2:82:14:a2:89:ec:1b:64:9f:75:67:00:dd:92:b5:02:
         ad:d2:dc:1e:9b:7e:52:20:32:fd:83:7c:92:a5:9f:12:16:80:
         8f:dd:30:a1:a9:1a:cc:75:aa:21:02:75:f7:bf:3f:0b:70:62:
         98:56:3b:28:29:2b:8c:ab:8a:49:bb:1d:50:e3:10:ac:15:42:
         92:bc:74:0d:51:03:27:83:e3:8d:2c:b2:d6:a3:a9:8b:99:e9:
         29:84:c3:0a:60:54:0e:b7:99:65:6e:26:7f:99:19:97:9c:1f:
         06:66:0c:e8:1c:7b:f2:ff:62:8a:0a:e4:41:8c:92:76:0a:bc:
         b5:65:2b:cf:bc:4d:09:23:8f:4f:b5:88:63:0f:f5:52:f8:11:
         de:b9:c6:18:ab:87:35:05:92:09:81:f8:82:0c:cb:b7:99:d3:
         ac:0b:b6:36:d6:8c:41:9e:92:f5:ed:8f:30:de:c4:ec:51:fd:
         7c:d8:3f:75:77:b9:92:ad:d2:de:dd:9e:73:79:95:65:b1:ed:
         71:d5:cd:8c:19:81:dc:5e:ac:66:bd:99:6a:ae:30:1a:a2:0e:
         b9:91:00:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiDVZRyXmTUJrwXNy5X+F5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjUwODA3MDcwMTIwWhcNMjUwODA4MDcwMTIwWjAzMTEwLwYDVQQD
EyhhYmUzZGMyZDk3MjNiYmYzM2FhMjEyZjcyODNiY2MyZjVkMzg2NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDZ2FXIK/HAZz9ss3kFCK6w1RSf2
OfbWBFqsw/vO8BbNT37f3Zopy6UUGkJcbmWC8xXltImfTkXoLVVlZA0hiWjTO/B8
kHBXNuFdG3tbjuDxwvYwl5sLrrBITv7JXNnAM469VSzgCUqmmpAJ4Se/J2v5gHKM
sZDotbnQP90ADGZ4RBVKAqKiIUoGvslWZUNxBShbP8g66GwoB3vvAQhP+q5gwCBO
UYnkqvAarJcLBnK0ivmL+Fhq6fGlvWYQXx1mFSM8qvj9aMVym0+/vnS43GTyCBYI
pyigmIUAwGT7jxFIHltj/aZe4fysPzsaIzCarc1s0tgxK3bmKmzEEHbsOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvj3C2XI7vzOqIS9yg7zC9dOGSBMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7zD4Wlm
DWrQApuNlFIme+0Eq76eojgFEvWvlINoJYTLmA5o9fuyghSiiewbZJ91ZwDdkrUC
rdLcHpt+UiAy/YN8kqWfEhaAj90woakazHWqIQJ1978/C3BimFY7KCkrjKuKSbsd
UOMQrBVCkrx0DVEDJ4PjjSyy1qOpi5npKYTDCmBUDreZZW4mf5kZl5wfBmYM6Bx7
8v9iigrkQYySdgq8tWUrz7xNCSOPT7WIYw/1UvgR3rnGGKuHNQWSCYH4ggzLt5nT
rAu2NtaMQZ6S9e2PMN7E7FH9fNg/dXe5kq3S3t2ec3mVZbHtcdXNjBmB3F6sZr2Z
aq4wGqIOuZEAnQ==
-----END CERTIFICATE-----