Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          uShYyqxZxdHzcS/RnnM7QYTWWH1TQgjrAd01tbN/kQc=
Subject key identifier:   C9:12:C5:42:AF:2E:74:D8:35:0E:8D:8E:44:12:C4:91:DD:85:00:68
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       019D2AE0624CBB8B6FA4C4372781A01FE055
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          0A19
Signing time:             Thu 26 Mar 2026 16:00:41 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:41 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:41 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: hVAlfvWVfjq59jVpp5Zcs4BoqmEmKwFrtNPaRVjlQV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:62:4c:bb:8b:6f:a4:c4:37:27:81:a0:1f:e0:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Mar 26 16:00:41 2026 GMT
            Not After : Mar 27 16:00:41 2026 GMT
        Subject: CN=c912c542af2e74d8350e8d8e4412c491dd850068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b3:ed:2b:7c:0f:92:40:5e:7c:48:25:0c:61:
                    da:8b:be:90:9f:0c:d3:9a:40:d3:91:95:d9:db:2f:
                    36:f1:84:16:b2:08:ef:2f:38:4b:0f:23:3e:e1:7a:
                    c1:1b:56:83:69:9b:ce:09:73:26:f2:6c:6b:ef:f3:
                    ac:4b:6c:09:a1:ea:0f:a3:dc:f2:fe:84:52:36:56:
                    26:18:95:d4:93:bf:e5:fb:9b:bf:7b:da:50:e8:c8:
                    b9:8a:8d:0a:80:75:58:69:1a:8d:54:86:9b:04:1f:
                    a8:c7:7e:ce:bf:f2:91:78:68:23:84:5f:d1:b0:a0:
                    99:64:2e:69:cf:fa:8f:57:59:cf:df:27:82:e5:85:
                    b2:55:a5:7e:58:27:12:7e:2f:17:b3:c5:7f:23:97:
                    dd:90:d3:6d:71:03:be:65:b5:24:44:e3:e3:bf:0f:
                    62:6c:b1:91:c3:2e:a1:d4:68:ed:1d:21:4d:47:cd:
                    b8:40:e0:8b:92:b2:e2:ff:9a:09:66:94:c5:53:38:
                    cf:9a:76:56:fc:57:04:30:09:ae:2a:7a:e1:5b:c8:
                    1e:ac:70:21:ba:75:2d:34:32:3b:7e:31:27:50:56:
                    95:98:2d:9c:d1:bd:63:01:2b:52:a7:f7:6a:45:a0:
                    c6:a1:62:89:18:d8:47:72:06:43:ee:d9:01:71:c3:
                    09:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:12:C5:42:AF:2E:74:D8:35:0E:8D:8E:44:12:C4:91:DD:85:00:68
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:89:64:60:7c:52:af:ca:44:fe:cb:09:fe:b9:99:7f:88:80:
         f7:2c:7b:21:69:5a:ea:ba:e3:89:95:39:0a:e4:e4:03:8c:fc:
         c2:60:ab:ba:c1:bb:f3:d6:a1:09:71:e4:6f:c6:2e:46:4d:f3:
         90:3a:b0:37:32:ef:6e:0f:d3:c2:b9:26:d2:df:14:b7:e0:88:
         65:3b:f2:e6:f1:d2:4a:e8:ad:78:79:12:ce:86:6e:24:34:06:
         00:ea:ba:a8:4c:04:b3:ea:de:ef:bf:d0:ce:1b:a8:a2:18:c6:
         1f:42:68:2a:5f:17:1d:d0:30:51:45:a7:8d:af:15:b3:5e:80:
         c2:6c:d4:a4:c8:c1:a8:f2:a2:0f:4d:04:dc:b7:79:9c:e3:d2:
         16:ee:5f:ca:99:c7:6d:78:dd:f7:e0:56:a3:09:a5:51:da:86:
         e5:71:0c:95:33:27:f3:9b:f9:92:85:18:d6:9f:9e:f7:cd:f0:
         8a:75:1a:6a:7f:8d:de:d8:31:09:01:5d:89:42:4c:b0:a5:9f:
         40:a1:90:50:1f:15:80:66:9b:93:1e:3f:30:81:5d:10:2e:bd:
         14:48:a4:7d:69:88:3a:76:ab:e4:8b:98:66:74:be:c2:a3:31:
         0a:db:da:a9:5b:35:f6:bd:b1:92:cd:20:23:43:8f:10:30:54:
         1c:1b:b2:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4GJMu4tvpMQ3J4GgH+BVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjYwMzI2MTYwMDQxWhcNMjYwMzI3MTYwMDQxWjAzMTEwLwYDVQQD
EyhjOTEyYzU0MmFmMmU3NGQ4MzUwZThkOGU0NDEyYzQ5MWRkODUwMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrPtK3wPkkBefEglDGHai76QnwzT
mkDTkZXZ2y828YQWsgjvLzhLDyM+4XrBG1aDaZvOCXMm8mxr7/OsS2wJoeoPo9zy
/oRSNlYmGJXUk7/l+5u/e9pQ6Mi5io0KgHVYaRqNVIabBB+ox37Ov/KReGgjhF/R
sKCZZC5pz/qPV1nP3yeC5YWyVaV+WCcSfi8Xs8V/I5fdkNNtcQO+ZbUkROPjvw9i
bLGRwy6h1GjtHSFNR824QOCLkrLi/5oJZpTFUzjPmnZW/FcEMAmuKnrhW8gerHAh
unUtNDI7fjEnUFaVmC2c0b1jAStSp/dqRaDGoWKJGNhHcgZD7tkBccMJnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkSxUKvLnTYNQ6NjkQSxJHdhQBoMB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWYlkYHxS
r8pE/ssJ/rmZf4iA9yx7IWla6rrjiZU5CuTkA4z8wmCrusG789ahCXHkb8YuRk3z
kDqwNzLvbg/Twrkm0t8Ut+CIZTvy5vHSSuiteHkSzoZuJDQGAOq6qEwEs+re77/Q
zhuoohjGH0JoKl8XHdAwUUWnja8Vs16AwmzUpMjBqPKiD00E3Ld5nOPSFu5fypnH
bXjd9+BWowmlUdqG5XEMlTMn85v5koUY1p+e983winUaan+N3tgxCQFdiUJMsKWf
QKGQUB8VgGabkx4/MIFdEC69FEikfWmIOnar5IuYZnS+wqMxCtvaqVs19r2xks0g
I0OPEDBUHBuygQ==
-----END CERTIFICATE-----