Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          M6zwaaPw5WGxQmMmH678Xn8sdA2fENH90EJtrTQ2I1w=
Subject key identifier:   D1:A0:AB:17:60:2C:A8:54:62:3D:B1:9A:3D:DD:4E:4A:56:6D:C2:61
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       0197696124FA8CAF743D0ECDF74B4D6D7F86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          115D
Signing time:             Fri 13 Jun 2025 13:01:03 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:03 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:03 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: nzMux4+H91utseeGd95eqvh9nq1FRSDEkzngOJyzL3Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:24:fa:8c:af:74:3d:0e:cd:f7:4b:4d:6d:7f:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Jun 13 13:01:03 2025 GMT
            Not After : Jun 14 13:01:03 2025 GMT
        Subject: CN=d1a0ab17602ca854623db19a3ddd4e4a566dc261
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f7:66:1b:cf:ae:01:0e:d5:f1:b3:b7:b6:1b:
                    37:5d:cb:7c:84:e6:f6:24:37:d9:f8:dd:6e:84:f4:
                    12:e5:14:78:c3:ea:ce:63:e4:f0:50:62:c5:b9:44:
                    2e:9b:3a:55:5f:23:84:62:0e:8d:3f:47:9e:82:bc:
                    e6:cc:41:93:3c:e9:ac:09:b8:61:11:0d:67:fb:3b:
                    81:db:7a:f2:15:4d:92:30:17:46:2c:56:66:64:81:
                    11:e7:15:41:59:03:bb:93:3b:6a:db:5e:5b:02:a6:
                    31:08:8d:35:0b:ee:dd:33:8b:f6:25:df:a3:db:7c:
                    63:21:f5:bb:2a:d4:7f:63:60:38:28:01:1d:40:35:
                    25:57:80:26:7b:65:04:62:fe:ab:50:70:ea:f0:98:
                    74:18:d8:0e:e1:3e:6c:99:e8:0d:39:a5:09:3d:01:
                    ba:20:cb:63:af:8e:d2:47:62:3c:36:f6:c4:8e:72:
                    8f:85:4d:ab:18:5b:5a:46:e9:b6:94:0c:38:60:1f:
                    51:2e:ab:b6:32:9e:c4:70:9a:7b:b2:a0:bc:80:d0:
                    9a:f8:99:09:fc:f5:97:6e:11:2b:bd:9a:f6:e9:2e:
                    26:3e:f3:d9:a4:7b:58:ae:bd:f7:18:67:c1:fa:d2:
                    dd:29:f7:b1:2e:de:dd:ce:40:9b:f6:89:6d:a1:63:
                    ab:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:A0:AB:17:60:2C:A8:54:62:3D:B1:9A:3D:DD:4E:4A:56:6D:C2:61
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:7b:47:d4:c5:49:03:47:ba:f2:bb:d3:55:53:bd:2a:c7:8e:
         a6:6e:0a:6d:2f:66:ce:68:de:e0:11:03:01:2a:c0:65:8c:06:
         18:c4:d2:15:b9:97:9a:4c:a6:cc:1e:40:e9:85:81:57:e5:3c:
         8a:57:fd:fe:d1:15:00:49:c3:4f:e9:ed:e7:2a:99:11:f3:bb:
         0a:65:96:4e:83:cc:38:75:74:0e:9a:2b:94:e6:4a:17:08:66:
         82:f8:be:78:a4:84:80:40:c2:34:24:b4:aa:b0:5b:1f:eb:80:
         94:b3:de:5f:52:6b:e5:a7:53:b0:ce:66:e8:ee:72:78:c9:62:
         b7:ec:c7:57:b5:9e:47:83:2c:16:40:86:90:b4:3a:fd:b4:90:
         8f:94:1c:46:a7:04:54:ac:46:ef:ef:91:7e:93:e5:dd:e7:f4:
         40:42:95:9a:44:8c:f8:e5:9f:62:17:50:36:58:40:9f:d1:81:
         50:09:a0:c1:21:53:d5:9a:1f:dd:8f:7f:aa:39:2c:81:ce:41:
         eb:b7:9d:6b:94:9c:50:9f:aa:19:d0:b7:45:66:1f:4b:44:0a:
         7d:17:da:fb:47:0c:78:d4:e4:06:e8:6c:e4:08:6f:a7:a4:48:
         72:44:9e:a1:18:79:e8:0b:bd:00:1f:b5:8f:a6:6f:20:b8:06:
         5a:d9:85:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYST6jK90PQ7N90tNbX+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjUwNjEzMTMwMTAzWhcNMjUwNjE0MTMwMTAzWjAzMTEwLwYDVQQD
EyhkMWEwYWIxNzYwMmNhODU0NjIzZGIxOWEzZGRkNGU0YTU2NmRjMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/dmG8+uAQ7V8bO3ths3Xct8hOb2
JDfZ+N1uhPQS5RR4w+rOY+TwUGLFuUQumzpVXyOEYg6NP0eegrzmzEGTPOmsCbhh
EQ1n+zuB23ryFU2SMBdGLFZmZIER5xVBWQO7kztq215bAqYxCI01C+7dM4v2Jd+j
23xjIfW7KtR/Y2A4KAEdQDUlV4Ame2UEYv6rUHDq8Jh0GNgO4T5smegNOaUJPQG6
IMtjr47SR2I8NvbEjnKPhU2rGFtaRum2lAw4YB9RLqu2Mp7EcJp7sqC8gNCa+JkJ
/PWXbhErvZr26S4mPvPZpHtYrr33GGfB+tLdKfexLt7dzkCb9oltoWOr/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGgqxdgLKhUYj2xmj3dTkpWbcJhMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALntH1MVJ
A0e68rvTVVO9KseOpm4KbS9mzmje4BEDASrAZYwGGMTSFbmXmkymzB5A6YWBV+U8
ilf9/tEVAEnDT+nt5yqZEfO7CmWWToPMOHV0DporlOZKFwhmgvi+eKSEgEDCNCS0
qrBbH+uAlLPeX1Jr5adTsM5m6O5yeMlit+zHV7WeR4MsFkCGkLQ6/bSQj5QcRqcE
VKxG7++RfpPl3ef0QEKVmkSM+OWfYhdQNlhAn9GBUAmgwSFT1Zof3Y9/qjksgc5B
67eda5ScUJ+qGdC3RWYfS0QKfRfa+0cMeNTkBuhs5Ahvp6RIckSeoRh56Au9AB+1
j6ZvILgGWtmFvQ==
-----END CERTIFICATE-----