Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          8ZsbuHnVsaBUQK06eZzhWjqHiepjIBk7C46SGh+ijxI=
Subject key identifier:   70:3A:B1:DC:FE:5E:94:A8:0A:0C:F1:AF:52:25:64:48:D4:D4:D3:7C
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       019A54C08BB62A1AF56EEB47FA99933EB006
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          12E0
Signing time:             Wed 05 Nov 2025 16:01:36 +0000
Manifest this update:     Wed 05 Nov 2025 16:01:36 +0000
Manifest next update:     Thu 06 Nov 2025 16:01:36 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: l/QuEHrI8QgiunD/wxf47huPj2ybVo4rk8lBeXWUQIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:c0:8b:b6:2a:1a:f5:6e:eb:47:fa:99:93:3e:b0:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Nov  5 16:01:36 2025 GMT
            Not After : Nov  6 16:01:36 2025 GMT
        Subject: CN=703ab1dcfe5e94a80a0cf1af52256448d4d4d37c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:28:d8:69:92:db:52:8a:eb:a0:f3:58:88:10:
                    37:0e:ac:d0:0d:96:a1:be:3c:ee:ff:7f:f4:3e:be:
                    39:88:d6:f7:44:1b:c4:d7:da:d4:40:80:ac:f4:08:
                    83:78:57:e7:50:74:9a:dd:4b:fd:56:84:76:6a:1d:
                    89:1e:f1:c7:e0:f4:bd:c4:b3:98:fe:5d:39:4c:62:
                    2f:4f:90:de:a4:7e:c9:76:25:fb:45:99:19:78:80:
                    02:e0:5f:e9:6c:34:21:92:8a:8a:b1:f9:88:86:57:
                    b9:e7:2e:0c:70:9c:cf:e9:87:9f:b7:9a:82:95:e3:
                    b5:6e:f7:f3:8f:da:af:75:48:56:9c:77:42:b1:64:
                    8c:85:45:05:20:7d:8d:d9:af:05:4d:ca:78:9b:b9:
                    18:67:c8:e6:dc:fc:6a:91:4f:27:d2:50:ac:e1:7d:
                    b8:0e:d0:6e:e5:4e:e6:1c:aa:10:28:d5:25:c9:e7:
                    09:ee:8b:28:2d:93:74:0a:52:92:62:f0:52:13:34:
                    85:12:02:ab:22:90:7e:71:89:3f:3d:10:bc:74:7a:
                    43:6a:6a:5e:e2:05:eb:8b:33:eb:9c:b8:10:4d:0e:
                    25:5e:05:cf:c8:1c:35:0c:e7:29:ef:c6:34:92:19:
                    69:48:81:30:1a:ce:79:6b:89:1c:9a:99:16:54:19:
                    db:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:3A:B1:DC:FE:5E:94:A8:0A:0C:F1:AF:52:25:64:48:D4:D4:D3:7C
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:93:f3:50:06:03:58:0d:c8:62:b5:a9:ff:f2:37:49:7f:bd:
         53:ae:0c:67:fb:6b:66:68:8f:6e:ce:4e:18:6c:e3:15:c1:df:
         0a:52:ac:59:02:8e:cc:3d:5c:1f:3d:30:38:84:71:6b:43:48:
         72:f9:a8:c6:b6:3d:c0:2e:54:00:4c:b4:d9:89:bd:3d:73:2d:
         72:11:47:96:b6:0f:b8:b6:bb:9e:ff:94:3c:6c:75:c7:5d:2d:
         a2:aa:4e:b4:a5:12:b5:f7:c8:80:e0:c7:67:e0:ba:ec:f5:d5:
         28:8f:49:02:3f:2d:32:2a:fa:4a:97:f4:c8:71:9e:7a:68:e3:
         6a:cb:89:9f:1b:17:fa:ff:fd:b9:d9:15:4b:50:32:91:a2:53:
         29:8b:cb:30:b0:d9:0f:66:2c:d8:3b:e4:5a:45:5d:69:d8:34:
         dc:ff:a7:87:43:10:ac:52:e5:9d:9a:f4:aa:ef:8a:90:75:31:
         0b:3e:d5:13:7d:81:36:8b:cf:33:bf:1c:2d:28:38:e1:74:c5:
         bf:93:57:87:e5:cd:39:1d:f0:ab:5d:64:86:8f:b3:8d:44:ff:
         44:19:d3:cb:81:7d:79:ce:d8:97:8e:48:b6:26:81:df:d8:f1:
         55:7a:65:5e:d0:d1:c2:a4:4d:16:03:db:01:38:ed:7b:7f:80:
         4c:04:b3:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUwIu2Khr1butH+pmTPrAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjUxMTA1MTYwMTM2WhcNMjUxMTA2MTYwMTM2WjAzMTEwLwYDVQQD
Eyg3MDNhYjFkY2ZlNWU5NGE4MGEwY2YxYWY1MjI1NjQ0OGQ0ZDRkMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSjYaZLbUorroPNYiBA3DqzQDZah
vjzu/3/0Pr45iNb3RBvE19rUQICs9AiDeFfnUHSa3Uv9VoR2ah2JHvHH4PS9xLOY
/l05TGIvT5DepH7JdiX7RZkZeIAC4F/pbDQhkoqKsfmIhle55y4McJzP6Yeft5qC
leO1bvfzj9qvdUhWnHdCsWSMhUUFIH2N2a8FTcp4m7kYZ8jm3PxqkU8n0lCs4X24
DtBu5U7mHKoQKNUlyecJ7osoLZN0ClKSYvBSEzSFEgKrIpB+cYk/PRC8dHpDampe
4gXrizPrnLgQTQ4lXgXPyBw1DOcp78Y0khlpSIEwGs55a4kcmpkWVBnbhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHA6sdz+XpSoCgzxr1IlZEjU1NN8MB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE5PzUAYD
WA3IYrWp//I3SX+9U64MZ/trZmiPbs5OGGzjFcHfClKsWQKOzD1cHz0wOIRxa0NI
cvmoxrY9wC5UAEy02Ym9PXMtchFHlrYPuLa7nv+UPGx1x10toqpOtKUStffIgODH
Z+C67PXVKI9JAj8tMir6Spf0yHGeemjjasuJnxsX+v/9udkVS1AykaJTKYvLMLDZ
D2Ys2DvkWkVdadg03P+nh0MQrFLlnZr0qu+KkHUxCz7VE32BNovPM78cLSg44XTF
v5NXh+XNOR3wq11kho+zjUT/RBnTy4F9ec7Yl45ItiaB39jxVXplXtDRwqRNFgPb
ATjte3+ATASz9g==
-----END CERTIFICATE-----