Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          eUkJHD/sa47xhIaD2FaPv2ryNB4oAmwi4ND7WeyhV+g=
Subject key identifier:   59:D6:5D:5D:65:3C:19:27:E8:0A:D6:F9:01:B2:DF:D6:50:00:5C:61
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       0198D473E959477366F94BCDA4AB21BFC98F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          07DA
Signing time:             Sat 23 Aug 2025 01:03:42 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:42 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:42 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: VaXmHUYZgs8oOSHb84/dyYj3Kv2jqDfdfWK/d2eJxiU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:e9:59:47:73:66:f9:4b:cd:a4:ab:21:bf:c9:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Aug 23 01:03:42 2025 GMT
            Not After : Aug 24 01:03:42 2025 GMT
        Subject: CN=59d65d5d653c1927e80ad6f901b2dfd650005c61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:5d:9c:a4:bb:24:d6:21:f2:68:2b:08:e5:f6:
                    b1:bc:5a:83:3b:ee:1a:42:e9:a0:3c:31:1d:2f:c4:
                    77:a5:7b:29:f7:58:6f:58:48:cc:5e:44:ea:7c:48:
                    29:89:ba:60:fb:a3:e9:d0:28:52:6e:a5:03:ac:da:
                    99:7b:8a:30:d3:d9:3b:db:50:10:52:fe:2c:52:be:
                    fd:e6:79:c8:fc:0c:60:04:3b:a4:2c:32:00:36:9d:
                    8c:5a:72:54:2e:38:7d:18:f3:33:67:b3:16:40:3a:
                    99:18:7e:7e:ea:51:9b:fe:73:68:e8:85:df:22:c2:
                    d2:1f:f2:42:d2:42:49:c1:6f:65:c3:fd:b0:fa:f8:
                    66:e7:cd:cd:36:c1:40:e2:e6:e8:6a:01:df:fe:29:
                    99:5b:5f:a1:3a:9c:7b:8b:6b:cf:db:04:38:f2:36:
                    a4:2c:58:ee:c5:84:b4:71:18:a3:88:21:28:56:79:
                    89:32:c0:6e:e1:66:fa:23:33:45:41:6d:57:a0:95:
                    56:18:26:0a:bd:6a:af:ee:9a:e6:a3:fe:a3:eb:b6:
                    b0:6a:7c:c8:6a:83:92:af:9f:cc:24:c5:a6:ff:75:
                    cb:bf:b2:81:c8:6b:bd:7b:33:92:3e:73:f9:f6:6f:
                    0a:55:16:a3:b0:d2:01:48:71:fd:6d:09:bd:5e:c0:
                    79:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:D6:5D:5D:65:3C:19:27:E8:0A:D6:F9:01:B2:DF:D6:50:00:5C:61
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:e8:aa:9a:2f:21:d1:00:9b:18:7f:63:4f:5a:42:ac:dd:6b:
         d7:ab:70:a2:49:0d:f9:54:78:b6:28:ff:16:fe:a5:e6:c9:e6:
         a6:1f:cb:ea:c6:4e:2a:0e:b5:1f:04:9b:7b:36:2e:b5:c8:0c:
         7a:64:aa:db:53:e3:cc:63:33:79:94:ba:3b:18:e5:0d:c8:f3:
         0a:3f:74:13:4d:a9:34:67:6b:88:49:06:67:9a:e6:18:1e:db:
         92:60:15:77:83:d9:68:a8:70:7a:0b:44:32:d9:85:61:8b:f5:
         67:27:88:94:76:f6:4d:1d:56:06:21:a7:a2:ea:11:21:24:4e:
         08:75:04:3e:3d:7b:8c:ce:c5:a1:52:d1:43:8f:df:2b:5b:a9:
         5f:a0:bb:18:f9:31:06:9f:74:e4:46:07:6f:f5:91:a5:fc:60:
         72:ac:61:b9:da:bc:2c:39:57:4f:a4:c8:d5:7a:44:b1:1e:c8:
         9c:22:e7:a4:1e:bb:88:a6:8c:fa:f0:4a:a8:4d:c2:be:c1:e1:
         2d:e8:37:c6:87:3d:b8:f0:26:48:ca:91:62:ed:68:f0:c7:9a:
         55:72:b8:11:4a:5e:cc:c4:dd:9a:ea:d5:78:08:fe:15:6e:5c:
         b3:d7:dd:69:47:ae:fa:b2:84:99:4f:5a:ad:92:b7:da:bb:0a:
         bd:92:95:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc+lZR3Nm+UvNpKshv8mPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjUwODIzMDEwMzQyWhcNMjUwODI0MDEwMzQyWjAzMTEwLwYDVQQD
Eyg1OWQ2NWQ1ZDY1M2MxOTI3ZTgwYWQ2ZjkwMWIyZGZkNjUwMDA1YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol2cpLsk1iHyaCsI5faxvFqDO+4a
QumgPDEdL8R3pXsp91hvWEjMXkTqfEgpibpg+6Pp0ChSbqUDrNqZe4ow09k721AQ
Uv4sUr795nnI/AxgBDukLDIANp2MWnJULjh9GPMzZ7MWQDqZGH5+6lGb/nNo6IXf
IsLSH/JC0kJJwW9lw/2w+vhm583NNsFA4uboagHf/imZW1+hOpx7i2vP2wQ48jak
LFjuxYS0cRijiCEoVnmJMsBu4Wb6IzNFQW1XoJVWGCYKvWqv7prmo/6j67awanzI
aoOSr5/MJMWm/3XLv7KByGu9ezOSPnP59m8KVRajsNIBSHH9bQm9XsB5PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnWXV1lPBkn6ArW+QGy39ZQAFxhMB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoeiqmi8h
0QCbGH9jT1pCrN1r16twokkN+VR4tij/Fv6l5snmph/L6sZOKg61HwSbezYutcgM
emSq21PjzGMzeZS6OxjlDcjzCj90E02pNGdriEkGZ5rmGB7bkmAVd4PZaKhwegtE
MtmFYYv1ZyeIlHb2TR1WBiGnouoRISROCHUEPj17jM7FoVLRQ4/fK1upX6C7GPkx
Bp905EYHb/WRpfxgcqxhudq8LDlXT6TI1XpEsR7InCLnpB67iKaM+vBKqE3CvsHh
Leg3xoc9uPAmSMqRYu1o8MeaVXK4EUpezMTdmurVeAj+FW5cs9fdaUeu+rKEmU9a
rZK32rsKvZKVbg==
-----END CERTIFICATE-----