Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          k8hYmc6pt4Zzs+X8iE5ZBjccJBVV7kWGdhhOeONdKXM=
Subject key identifier:   FD:2B:39:D6:A0:CC:FE:09:40:FA:47:EC:05:B5:CD:67:D1:AA:4B:BA
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       0199239FFFC93CE31D4F6117EC8355E57105
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          0803
Signing time:             Sun 07 Sep 2025 10:01:51 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:51 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:51 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: 7yXr+e9SFn4Y83WjjrJ2jezg1dEzm1oZ5uYp6l1OQ5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:ff:c9:3c:e3:1d:4f:61:17:ec:83:55:e5:71:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Sep  7 10:01:51 2025 GMT
            Not After : Sep  8 10:01:51 2025 GMT
        Subject: CN=fd2b39d6a0ccfe0940fa47ec05b5cd67d1aa4bba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:2f:72:2d:b9:61:5e:cb:00:88:ba:42:85:6f:
                    40:61:d5:1e:7e:23:36:83:98:01:57:fb:fe:ea:c2:
                    06:5b:22:fe:23:0a:f7:c9:6a:2b:24:6f:cb:a1:f3:
                    f2:3c:ec:a4:1b:08:9d:16:8a:37:b8:ba:7f:98:92:
                    2d:e7:26:88:8d:6b:fc:14:97:6a:8f:17:d9:a3:a7:
                    5d:78:83:14:be:a5:85:cd:e3:6e:2f:e4:c2:f5:85:
                    8c:94:df:5b:bb:52:54:99:c2:73:f2:36:df:89:17:
                    42:26:78:f6:a4:dd:d7:3a:f8:bf:71:a1:41:6a:d8:
                    2a:88:21:d0:a3:59:e0:43:be:5a:c2:32:0f:d0:2d:
                    1e:b3:1d:74:f1:34:63:4a:7f:09:b7:1c:05:38:38:
                    29:b7:7f:64:75:d9:29:c1:77:48:63:7d:76:ac:a2:
                    99:8a:81:9d:a4:48:44:93:bd:52:10:52:19:a5:32:
                    1b:4f:b8:b4:79:41:70:48:2c:cb:42:6e:ca:54:bf:
                    48:88:17:db:68:ba:09:f2:59:a0:e3:9c:d8:5a:5a:
                    db:1a:a2:c6:0a:c3:38:03:4c:bd:93:c4:02:03:80:
                    30:e0:84:f8:a8:fa:81:c9:40:3d:66:8a:fa:c0:0d:
                    e3:a0:75:10:d7:55:89:29:45:52:4c:83:ae:4a:f8:
                    6c:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:2B:39:D6:A0:CC:FE:09:40:FA:47:EC:05:B5:CD:67:D1:AA:4B:BA
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:bb:ce:07:15:0a:b5:d2:78:d4:f7:da:90:44:19:0e:53:95:
         66:3b:ec:d7:ca:09:fb:91:f6:f4:6f:43:e2:f0:b5:21:b0:44:
         66:ee:bb:c4:8f:60:5a:61:c4:e4:1f:8c:fa:fd:c3:d3:fd:d5:
         42:f2:1d:be:a0:ae:78:9b:fd:d4:11:01:54:98:eb:52:9a:17:
         19:c6:15:05:3c:c4:2b:9d:35:e1:ec:21:17:48:2b:aa:26:92:
         b6:b4:38:69:1b:f0:01:8e:de:cd:89:b4:07:00:f1:6a:a2:7d:
         29:11:18:87:e3:79:4a:0c:37:9a:67:f2:66:6d:6a:6a:60:34:
         fa:a4:80:ab:cd:ca:f1:e1:73:42:7c:b4:61:4b:af:fb:57:02:
         f3:a9:ae:a2:aa:86:83:27:76:4a:90:0b:4d:56:76:ab:af:7a:
         1f:4c:f9:43:47:80:44:df:aa:c1:ad:9e:57:c7:f9:58:58:ab:
         25:ff:5e:2e:df:cd:8d:4c:cb:41:40:a3:fc:c5:60:9b:86:b0:
         88:96:6e:d5:16:d7:d4:97:bf:22:70:80:5f:25:ba:cb:2b:37:
         cf:9c:86:8e:c2:79:92:c5:ce:be:94:21:3a:4f:52:49:9d:25:
         bd:31:42:3f:67:9d:79:92:b0:17:a8:aa:43:cf:59:4e:e3:a0:
         c5:20:82:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn//JPOMdT2EX7INV5XEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjUwOTA3MTAwMTUxWhcNMjUwOTA4MTAwMTUxWjAzMTEwLwYDVQQD
EyhmZDJiMzlkNmEwY2NmZTA5NDBmYTQ3ZWMwNWI1Y2Q2N2QxYWE0YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli9yLblhXssAiLpChW9AYdUefiM2
g5gBV/v+6sIGWyL+Iwr3yWorJG/LofPyPOykGwidFoo3uLp/mJIt5yaIjWv8FJdq
jxfZo6ddeIMUvqWFzeNuL+TC9YWMlN9bu1JUmcJz8jbfiRdCJnj2pN3XOvi/caFB
atgqiCHQo1ngQ75awjIP0C0esx108TRjSn8JtxwFODgpt39kddkpwXdIY312rKKZ
ioGdpEhEk71SEFIZpTIbT7i0eUFwSCzLQm7KVL9IiBfbaLoJ8lmg45zYWlrbGqLG
CsM4A0y9k8QCA4Aw4IT4qPqByUA9Zor6wA3joHUQ11WJKUVSTIOuSvhsUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0rOdagzP4JQPpH7AW1zWfRqku6MB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZrvOBxUK
tdJ41PfakEQZDlOVZjvs18oJ+5H29G9D4vC1IbBEZu67xI9gWmHE5B+M+v3D0/3V
QvIdvqCueJv91BEBVJjrUpoXGcYVBTzEK5014ewhF0grqiaStrQ4aRvwAY7ezYm0
BwDxaqJ9KREYh+N5Sgw3mmfyZm1qamA0+qSAq83K8eFzQny0YUuv+1cC86muoqqG
gyd2SpALTVZ2q696H0z5Q0eARN+qwa2eV8f5WFirJf9eLt/NjUzLQUCj/MVgm4aw
iJZu1RbX1Je/InCAXyW6yys3z5yGjsJ5ksXOvpQhOk9SSZ0lvTFCP2edeZKwF6iq
Q89ZTuOgxSCCyg==
-----END CERTIFICATE-----