Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          Vrz6LSe+ZhNKLDOJMDyISG1U2KqziqJJBYQ1yTBSVrc=
Subject key identifier:   E9:3D:16:1A:20:0D:58:BD:5B:FE:49:1E:2B:90:22:90:9D:AC:32:F1
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       019763967F513A536D13E3105AD6522A271A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          071B
Signing time:             Thu 12 Jun 2025 10:01:36 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:36 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:36 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: XrRqyIts2gGHLs8o//9j7nXaYiIfYKo0tI12WNivyvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:7f:51:3a:53:6d:13:e3:10:5a:d6:52:2a:27:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Jun 12 10:01:36 2025 GMT
            Not After : Jun 13 10:01:36 2025 GMT
        Subject: CN=e93d161a200d58bd5bfe491e2b9022909dac32f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:16:76:af:76:a2:65:ef:a0:70:e8:2c:f0:95:
                    58:d6:53:8b:90:c0:ae:4b:64:3b:5f:80:32:bd:7d:
                    41:53:a0:ec:41:7e:83:31:f0:6c:96:da:c4:a3:a0:
                    be:6f:cd:3f:dd:e3:ce:2f:59:fc:d3:31:4a:40:58:
                    f1:bb:07:66:a8:85:50:d3:21:d9:eb:a1:c6:ff:bd:
                    1b:d1:bc:8a:fe:d5:a2:c3:a7:c4:a6:a4:98:49:4d:
                    92:b0:a4:24:25:4c:39:b4:46:b1:5d:e6:80:46:17:
                    87:4e:25:2c:4e:53:17:93:61:19:71:23:bf:70:fb:
                    aa:9b:cf:f6:17:92:b1:a5:d4:81:b3:3e:46:d6:70:
                    72:fd:78:d3:5c:98:bd:e8:5d:e2:91:f5:b7:28:8d:
                    84:97:f7:e0:ad:b4:99:49:51:9e:2a:6e:c4:cb:25:
                    a0:c7:8c:8c:b8:f4:b7:06:bb:a3:82:93:fd:bc:00:
                    80:11:f7:06:df:77:79:a0:f2:3f:5e:e0:c6:21:bd:
                    45:f3:2e:f7:3c:b4:a7:4d:98:dc:30:fe:d1:1b:15:
                    1d:4d:41:43:eb:c7:83:bb:47:9f:d8:ea:99:59:20:
                    25:6b:15:be:46:35:24:f4:e2:cf:02:8e:cd:73:e7:
                    83:51:10:55:8e:73:71:2d:1e:2f:0f:5b:76:c9:d7:
                    6f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:3D:16:1A:20:0D:58:BD:5B:FE:49:1E:2B:90:22:90:9D:AC:32:F1
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:d0:05:3e:9d:fe:e1:4f:f8:40:b3:9d:45:9e:87:1f:df:57:
         16:f5:80:a6:0d:b6:7f:04:8e:21:8e:39:b4:96:eb:1b:ef:02:
         65:f4:5d:2b:11:3a:58:cf:be:d1:4b:9e:51:85:0f:cf:2d:3e:
         ca:55:9c:20:32:50:4e:0f:f2:af:55:9d:e6:96:a4:ba:8f:7c:
         9a:86:03:b1:eb:bd:15:09:8d:e4:c3:45:c0:6e:b8:07:70:54:
         ac:1f:a8:04:ab:e4:de:b4:8e:71:71:30:fd:f3:8b:82:a3:14:
         4a:84:f9:85:f8:f2:61:f5:b3:2a:2c:c4:10:ae:88:0f:ab:55:
         17:84:12:5f:72:6a:f6:69:9a:d6:e2:05:d7:53:95:f1:d8:0f:
         81:b3:08:89:74:68:d9:17:6c:e4:da:c5:ef:31:da:b0:f0:9a:
         0a:f2:38:6a:77:7b:f0:06:f9:e2:0a:09:d5:18:48:3b:5b:aa:
         a1:ca:df:da:33:77:5b:cb:40:ca:90:fa:d4:d8:6a:28:b0:f7:
         26:2f:43:01:ff:f3:8c:ce:a5:95:71:b5:a5:3c:1c:77:22:dd:
         9f:8a:80:1b:ad:de:1d:71:bd:6a:67:db:7c:3b:b6:1f:d4:9b:
         fd:79:f4:98:dd:21:b6:08:ed:dc:09:76:51:5f:d0:e2:b2:3f:
         ec:ea:ee:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjln9ROlNtE+MQWtZSKicaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjUwNjEyMTAwMTM2WhcNMjUwNjEzMTAwMTM2WjAzMTEwLwYDVQQD
EyhlOTNkMTYxYTIwMGQ1OGJkNWJmZTQ5MWUyYjkwMjI5MDlkYWMzMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBZ2r3aiZe+gcOgs8JVY1lOLkMCu
S2Q7X4AyvX1BU6DsQX6DMfBsltrEo6C+b80/3ePOL1n80zFKQFjxuwdmqIVQ0yHZ
66HG/70b0byK/tWiw6fEpqSYSU2SsKQkJUw5tEaxXeaARheHTiUsTlMXk2EZcSO/
cPuqm8/2F5KxpdSBsz5G1nBy/XjTXJi96F3ikfW3KI2El/fgrbSZSVGeKm7EyyWg
x4yMuPS3BrujgpP9vACAEfcG33d5oPI/XuDGIb1F8y73PLSnTZjcMP7RGxUdTUFD
68eDu0ef2OqZWSAlaxW+RjUk9OLPAo7Nc+eDURBVjnNxLR4vD1t2yddvCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOk9FhogDVi9W/5JHiuQIpCdrDLxMB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ9AFPp3+
4U/4QLOdRZ6HH99XFvWApg22fwSOIY45tJbrG+8CZfRdKxE6WM++0UueUYUPzy0+
ylWcIDJQTg/yr1Wd5pakuo98moYDseu9FQmN5MNFwG64B3BUrB+oBKvk3rSOcXEw
/fOLgqMUSoT5hfjyYfWzKizEEK6ID6tVF4QSX3Jq9mma1uIF11OV8dgPgbMIiXRo
2Rds5NrF7zHasPCaCvI4and78Ab54goJ1RhIO1uqocrf2jN3W8tAypD61NhqKLD3
Ji9DAf/zjM6llXG1pTwcdyLdn4qAG63eHXG9amfbfDu2H9Sb/Xn0mN0htgjt3Al2
UV/Q4rI/7OrutQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:04:11 2025 by rpki-client