Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          GML4txyYTwcrrrPi6s4BBR8wTz7IXs5f2A8m9qZYBoI=
Subject key identifier:   31:20:27:4D:40:7B:52:E7:85:D9:37:89:8E:A7:24:52:72:FB:E9:EC
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       019D9AE389DEBCAC2D6B8CEF3EA7E969DAE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          0A53
Signing time:             Fri 17 Apr 2026 10:01:36 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:36 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:36 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: tMMKqBjIsTnhcdNkari82HKuOchBe/7ALLHqsVMva9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:89:de:bc:ac:2d:6b:8c:ef:3e:a7:e9:69:da:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Apr 17 10:01:36 2026 GMT
            Not After : Apr 18 10:01:36 2026 GMT
        Subject: CN=3120274d407b52e785d937898ea7245272fbe9ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:60:74:cd:56:d4:4a:fc:93:3a:08:3d:04:8c:
                    5f:5b:8e:b6:2d:fe:22:75:24:aa:16:a4:ad:9c:c6:
                    6e:1b:8c:c9:e0:0f:1e:0b:d1:54:f4:cc:0d:65:30:
                    43:a1:0e:5b:ae:3c:10:a0:b0:e3:e8:d1:af:c7:9c:
                    a1:76:e8:ca:97:cf:ea:cb:89:b1:74:a4:7c:ab:4c:
                    40:cc:a2:3c:a2:8b:43:1f:77:12:f6:39:df:ef:5a:
                    5f:7b:bd:07:e1:76:3f:2f:0c:2a:69:9b:ec:73:7e:
                    ae:25:ea:5a:41:ea:3c:f5:6f:61:91:3e:64:b9:8b:
                    25:5c:f3:1b:a6:e4:2d:b2:1c:48:12:58:ca:4b:82:
                    57:5d:42:d9:50:fd:b7:32:b1:e3:fb:a3:cb:b7:6e:
                    85:48:63:53:71:13:9f:0f:6f:f2:d4:fe:3f:9a:35:
                    b9:bd:8a:0c:7c:ab:ba:fe:17:4e:12:66:d7:fa:0e:
                    03:12:6b:6f:1a:7f:ba:3b:9f:04:8a:80:a0:d6:ed:
                    b1:d4:93:e8:c9:a0:14:83:cf:c0:80:7f:b8:02:30:
                    91:23:a4:55:fb:1a:22:95:71:38:2b:04:11:52:a7:
                    aa:ef:eb:32:0b:b4:40:04:0b:d9:22:1e:0a:55:e1:
                    a1:25:7f:1b:5c:cd:42:af:f9:77:03:2e:c1:fe:94:
                    35:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:20:27:4D:40:7B:52:E7:85:D9:37:89:8E:A7:24:52:72:FB:E9:EC
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:7d:5f:e7:74:4b:53:96:6e:72:d3:19:c8:7a:c7:a5:de:5b:
         5c:5e:0e:a3:23:f2:71:a7:69:99:88:05:92:61:3b:64:0f:7f:
         6d:7d:d1:a5:13:fb:36:57:0e:04:7a:81:a6:92:79:7b:cf:02:
         e4:b8:f1:d6:b4:b7:19:ca:d8:cc:c9:88:00:a7:ca:15:7f:7a:
         17:dc:49:e8:c8:3f:13:76:99:57:ba:b5:74:d8:68:c0:a5:8d:
         f7:b0:44:91:be:36:21:96:6a:df:71:f6:be:fb:da:6e:08:e4:
         3e:81:55:68:ab:1f:17:cd:a9:c6:72:96:87:a1:b7:9a:e7:ce:
         0f:e3:ec:b6:02:f7:24:5b:a3:f7:77:22:ac:21:3c:92:d0:4d:
         a2:f6:d6:a5:87:05:e5:cd:cc:c5:29:13:d2:70:8f:c2:25:5c:
         3f:ef:c0:1e:59:2c:50:12:1b:11:ef:5a:b8:2e:9c:45:ca:28:
         a3:91:79:cb:02:b1:24:0b:40:7a:e9:a1:24:96:3f:d9:4d:18:
         cf:79:69:8f:ac:0f:bd:5f:81:ec:8f:1e:1e:be:3a:85:d2:6b:
         4d:7f:67:17:e0:5f:f2:45:4a:e3:25:53:77:33:cf:63:15:f3:
         50:f7:84:a6:b2:43:8d:19:f1:7b:38:b3:ed:d7:e5:c8:20:e9:
         f2:b0:b7:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a44nevKwta4zvPqfpadrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjYwNDE3MTAwMTM2WhcNMjYwNDE4MTAwMTM2WjAzMTEwLwYDVQQD
EygzMTIwMjc0ZDQwN2I1MmU3ODVkOTM3ODk4ZWE3MjQ1MjcyZmJlOWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWB0zVbUSvyTOgg9BIxfW462Lf4i
dSSqFqStnMZuG4zJ4A8eC9FU9MwNZTBDoQ5brjwQoLDj6NGvx5yhdujKl8/qy4mx
dKR8q0xAzKI8ootDH3cS9jnf71pfe70H4XY/LwwqaZvsc36uJepaQeo89W9hkT5k
uYslXPMbpuQtshxIEljKS4JXXULZUP23MrHj+6PLt26FSGNTcROfD2/y1P4/mjW5
vYoMfKu6/hdOEmbX+g4DEmtvGn+6O58EioCg1u2x1JPoyaAUg8/AgH+4AjCRI6RV
+xoilXE4KwQRUqeq7+syC7RABAvZIh4KVeGhJX8bXM1Cr/l3Ay7B/pQ1swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDEgJ01Ae1Lnhdk3iY6nJFJy++nsMB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApX1f53RL
U5ZuctMZyHrHpd5bXF4OoyPycadpmYgFkmE7ZA9/bX3RpRP7NlcOBHqBppJ5e88C
5Ljx1rS3GcrYzMmIAKfKFX96F9xJ6Mg/E3aZV7q1dNhowKWN97BEkb42IZZq33H2
vvvabgjkPoFVaKsfF82pxnKWh6G3mufOD+PstgL3JFuj93cirCE8ktBNovbWpYcF
5c3MxSkT0nCPwiVcP+/AHlksUBIbEe9auC6cRcooo5F5ywKxJAtAeumhJJY/2U0Y
z3lpj6wPvV+B7I8eHr46hdJrTX9nF+Bf8kVK4yVTdzPPYxXzUPeEprJDjRnxeziz
7dflyCDp8rC3Dw==
-----END CERTIFICATE-----