Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          8HLe53khGMtZwQECHodTx54Q5aryge2yOq0aqOmDaZA=
Subject key identifier:   C0:18:FA:FB:96:FA:46:E5:D8:47:4F:A8:24:DA:D6:4C:A6:B2:04:92
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       01976F2BC51110F4F93D1DC5EBC5D15A638A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          0721
Signing time:             Sat 14 Jun 2025 16:00:28 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:28 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:28 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: MiokSzkXsy1R8eiLemXNTHALzSjBHBJdBk91vUbF/jA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:c5:11:10:f4:f9:3d:1d:c5:eb:c5:d1:5a:63:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Jun 14 16:00:28 2025 GMT
            Not After : Jun 15 16:00:28 2025 GMT
        Subject: CN=c018fafb96fa46e5d8474fa824dad64ca6b20492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:93:f9:e3:6b:1b:b7:b6:46:de:c4:ec:1b:94:
                    bc:e5:75:18:59:52:4b:11:ab:70:c8:b4:42:be:dc:
                    c8:22:af:4e:b5:8f:6e:83:cd:8a:88:b4:b4:81:90:
                    79:71:f8:2c:f5:3b:8a:1f:da:20:97:75:97:e3:0b:
                    b3:8c:71:4a:79:ee:4e:ee:33:58:68:1e:a3:3a:5c:
                    09:b8:91:d4:91:3a:b4:b7:2c:d1:a3:0d:f9:92:0d:
                    95:98:90:58:9c:d4:6a:d0:10:05:59:49:4d:e3:d6:
                    16:1e:19:70:78:f9:eb:e0:1d:8c:83:5d:53:56:40:
                    e3:10:43:02:e9:c1:d3:60:e6:cd:95:eb:e7:9e:cb:
                    c4:72:c0:47:3a:4b:6e:65:91:8a:94:62:b8:9f:4b:
                    e2:3e:51:d6:37:26:f4:a1:6d:04:a1:8f:29:80:26:
                    97:ae:66:7c:2a:99:3d:68:a4:a7:32:23:b1:56:82:
                    a0:6f:51:2f:61:d1:84:dc:11:ef:51:83:5f:6c:8f:
                    10:c2:54:f3:ed:35:95:6d:1a:d4:2b:02:8a:c5:73:
                    ef:00:63:c2:3f:f0:3d:f7:ca:9f:5c:37:47:d6:ee:
                    7c:f5:41:de:e3:f2:88:b3:04:8f:b1:0c:65:2a:07:
                    29:b6:48:c4:f4:3e:b9:84:57:c4:1b:78:22:71:04:
                    fa:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:18:FA:FB:96:FA:46:E5:D8:47:4F:A8:24:DA:D6:4C:A6:B2:04:92
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:f8:52:ec:c3:89:ae:dd:55:14:ae:d3:e5:61:d7:77:e2:55:
         6c:65:b3:79:d4:40:4f:6f:b9:04:02:ec:d3:d3:d1:c0:a4:94:
         07:a4:b9:26:f8:5b:4f:0f:bb:2c:b9:63:cb:5c:5e:03:d5:65:
         73:bd:e8:32:28:9e:af:44:87:72:91:2d:9b:e1:df:15:8f:86:
         9f:3b:e7:e0:3b:ef:91:f8:0f:97:bb:f6:16:2a:62:5f:a7:d1:
         22:1d:77:11:10:af:03:dc:ca:87:82:a5:e0:67:6c:ba:c9:16:
         58:fa:d4:53:f5:76:fc:ee:77:1d:8d:a0:95:0f:42:13:19:91:
         00:d7:ac:ae:62:49:90:a5:53:61:ee:cd:5f:e6:04:7a:d2:bb:
         5c:20:0f:68:ab:49:85:53:66:61:e6:d8:8a:fb:9e:a6:3e:f4:
         54:07:83:33:f6:16:77:09:12:a5:39:47:52:bb:26:0b:b3:ab:
         cc:ee:a9:db:62:8f:93:e4:44:f9:43:be:f8:ff:01:66:22:5d:
         ea:33:5c:8d:35:84:9b:65:b3:6a:02:f9:31:2c:b4:e4:55:50:
         23:52:7c:ea:7e:c5:a7:ab:c0:f3:97:08:d9:83:cb:0a:a0:7f:
         41:9b:4e:a5:8e:0a:fc:5c:75:35:a8:5b:d4:8f:6b:f2:c5:72:
         75:f4:60:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK8UREPT5PR3F68XRWmOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjUwNjE0MTYwMDI4WhcNMjUwNjE1MTYwMDI4WjAzMTEwLwYDVQQD
EyhjMDE4ZmFmYjk2ZmE0NmU1ZDg0NzRmYTgyNGRhZDY0Y2E2YjIwNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZP542sbt7ZG3sTsG5S85XUYWVJL
EatwyLRCvtzIIq9OtY9ug82KiLS0gZB5cfgs9TuKH9ogl3WX4wuzjHFKee5O7jNY
aB6jOlwJuJHUkTq0tyzRow35kg2VmJBYnNRq0BAFWUlN49YWHhlwePnr4B2Mg11T
VkDjEEMC6cHTYObNlevnnsvEcsBHOktuZZGKlGK4n0viPlHWNyb0oW0EoY8pgCaX
rmZ8Kpk9aKSnMiOxVoKgb1EvYdGE3BHvUYNfbI8QwlTz7TWVbRrUKwKKxXPvAGPC
P/A998qfXDdH1u589UHe4/KIswSPsQxlKgcptkjE9D65hFfEG3gicQT6+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAY+vuW+kbl2EdPqCTa1kymsgSSMB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASfhS7MOJ
rt1VFK7T5WHXd+JVbGWzedRAT2+5BALs09PRwKSUB6S5JvhbTw+7LLljy1xeA9Vl
c73oMiier0SHcpEtm+HfFY+Gnzvn4DvvkfgPl7v2FipiX6fRIh13ERCvA9zKh4Kl
4GdsuskWWPrUU/V2/O53HY2glQ9CExmRANesrmJJkKVTYe7NX+YEetK7XCAPaKtJ
hVNmYebYivuepj70VAeDM/YWdwkSpTlHUrsmC7OrzO6p22KPk+RE+UO++P8BZiJd
6jNcjTWEm2WzagL5MSy05FVQI1J86n7Fp6vA85cI2YPLCqB/QZtOpY4K/Fx1Nahb
1I9r8sVydfRgjA==
-----END CERTIFICATE-----