Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          Ux6ESYrdazxHJhF9Qa0JW0Do/tq3O9tC8Pr8qPIIPHQ=
Subject key identifier:   6D:72:CF:A1:2D:69:35:3B:D6:3A:7B:5F:DE:07:42:74:AD:33:C1:F4
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       0199FBEAC382A1073F756FCF80BEF7B590B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          0873
Signing time:             Sun 19 Oct 2025 10:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:30 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: YyOL6WKj+r+iERseZ18WKHhtFTyI+92EIWi5w67UFZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:c3:82:a1:07:3f:75:6f:cf:80:be:f7:b5:90:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Oct 19 10:01:30 2025 GMT
            Not After : Oct 20 10:01:30 2025 GMT
        Subject: CN=6d72cfa12d69353bd63a7b5fde074274ad33c1f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1d:c2:7f:c7:57:d3:24:94:0c:b5:06:5e:94:
                    09:ed:e2:78:b5:90:1f:b1:02:96:a9:59:6d:7d:4a:
                    05:ee:f4:2c:a4:fe:21:27:d7:b9:81:fc:60:15:b9:
                    b8:7a:7a:86:05:c9:c2:c3:fa:75:cb:61:b5:93:08:
                    02:b1:05:0b:5b:ab:12:f0:f1:82:48:c4:95:4e:bf:
                    31:f5:88:47:38:6d:53:5f:10:c0:88:63:78:02:0c:
                    a3:ee:ff:f3:39:d9:8e:69:0c:68:01:f1:12:90:7a:
                    7a:a5:98:a4:80:59:af:19:b8:f6:df:26:f3:b3:a0:
                    ee:5d:37:ee:dc:92:8b:30:a5:7e:c6:d0:ff:33:ed:
                    03:9a:64:1a:21:2a:b1:bf:a3:b1:dd:7b:4c:0a:78:
                    b2:2b:2b:03:c3:37:26:55:2b:ca:24:ee:42:f9:af:
                    bc:1d:d8:93:2b:00:0d:cb:5a:27:b5:37:44:14:06:
                    bc:35:5a:34:8b:4d:9b:6d:99:c4:f7:f4:a4:e0:27:
                    e1:8b:45:de:f5:3c:43:86:f8:23:08:dc:e5:bc:3a:
                    f1:8d:09:d0:89:84:d7:38:cc:cc:7a:b8:57:e4:4b:
                    01:5e:6e:9e:98:d9:55:2a:1f:c9:87:c0:d9:20:f8:
                    c2:d8:13:b4:0b:bd:ae:d7:7d:ca:60:b9:4e:67:28:
                    c6:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:72:CF:A1:2D:69:35:3B:D6:3A:7B:5F:DE:07:42:74:AD:33:C1:F4
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:4c:8d:58:87:be:ba:4d:a3:e1:05:b6:39:33:3e:7b:5d:2f:
         fd:fb:e9:46:d2:97:e8:9a:8e:6c:42:d5:7a:94:10:0d:d7:3f:
         82:fc:80:e2:3d:16:af:e8:d7:d9:a3:b4:62:05:61:37:87:16:
         5b:11:21:72:86:8a:c4:10:d5:6e:f6:cc:f8:11:66:a6:05:7d:
         f1:5e:0d:1b:f4:a6:2e:4b:3f:27:c9:80:50:9b:0c:67:af:1a:
         c1:6f:29:d5:af:9a:a9:81:8f:6f:d0:87:55:3b:12:77:e4:2b:
         ae:11:e9:05:3c:a2:4f:b8:5e:a9:8f:7a:ea:7d:c5:1c:f6:e8:
         8b:8e:6d:73:be:84:a5:4f:48:a5:99:11:41:b9:57:a2:54:84:
         5e:6a:cb:4a:f1:af:ac:83:1b:42:9e:ed:7e:56:d7:fd:d5:24:
         1a:c1:99:21:f8:8c:e0:5e:ff:8f:90:21:bc:1d:b7:66:06:d0:
         a3:43:36:18:c1:91:c8:44:b2:63:e7:93:9c:95:cc:28:db:57:
         80:5c:8b:42:65:3a:53:48:e4:87:c6:ec:3d:6b:02:10:ba:2d:
         e8:90:82:d5:bb:68:f9:f1:42:2a:46:bc:65:5a:4a:ba:4a:d5:
         e6:6c:61:f9:21:e8:42:79:43:2c:ac:81:0d:c8:c7:ca:b7:96:
         6f:9f:0a:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76sOCoQc/dW/PgL73tZC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjUxMDE5MTAwMTMwWhcNMjUxMDIwMTAwMTMwWjAzMTEwLwYDVQQD
Eyg2ZDcyY2ZhMTJkNjkzNTNiZDYzYTdiNWZkZTA3NDI3NGFkMzNjMWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h3Cf8dX0ySUDLUGXpQJ7eJ4tZAf
sQKWqVltfUoF7vQspP4hJ9e5gfxgFbm4enqGBcnCw/p1y2G1kwgCsQULW6sS8PGC
SMSVTr8x9YhHOG1TXxDAiGN4Agyj7v/zOdmOaQxoAfESkHp6pZikgFmvGbj23ybz
s6DuXTfu3JKLMKV+xtD/M+0DmmQaISqxv6Ox3XtMCniyKysDwzcmVSvKJO5C+a+8
HdiTKwANy1ontTdEFAa8NVo0i02bbZnE9/Sk4Cfhi0Xe9TxDhvgjCNzlvDrxjQnQ
iYTXOMzMerhX5EsBXm6emNlVKh/Jh8DZIPjC2BO0C72u133KYLlOZyjGHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1yz6EtaTU71jp7X94HQnStM8H0MB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgUyNWIe+
uk2j4QW2OTM+e10v/fvpRtKX6JqObELVepQQDdc/gvyA4j0Wr+jX2aO0YgVhN4cW
WxEhcoaKxBDVbvbM+BFmpgV98V4NG/SmLks/J8mAUJsMZ68awW8p1a+aqYGPb9CH
VTsSd+QrrhHpBTyiT7heqY966n3FHPboi45tc76EpU9IpZkRQblXolSEXmrLSvGv
rIMbQp7tflbX/dUkGsGZIfiM4F7/j5AhvB23ZgbQo0M2GMGRyESyY+eTnJXMKNtX
gFyLQmU6U0jkh8bsPWsCELot6JCC1bto+fFCKka8ZVpKukrV5mxh+SHoQnlDLKyB
DcjHyreWb58Kdw==
-----END CERTIFICATE-----