Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          Htc7gG/eNQyRGo9YnEIs1jqWqC7WCvetiHVa4ZPhRrg=
Subject key identifier:   98:AC:B1:B5:79:15:AA:54:9A:30:62:A0:E3:7B:BA:FD:36:28:B5:50
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       019CAD5947511437623A0598BEFB7A197D8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          09D8
Signing time:             Mon 02 Mar 2026 07:00:35 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:35 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:35 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: 7mL8nMBFkDqF/24YPtRHWIQAPhGSbUz38CTyOQ8u/hE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:47:51:14:37:62:3a:05:98:be:fb:7a:19:7d:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Mar  2 07:00:35 2026 GMT
            Not After : Mar  3 07:00:35 2026 GMT
        Subject: CN=98acb1b57915aa549a3062a0e37bbafd3628b550
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:44:86:f1:59:c6:60:09:1c:8e:42:2e:59:da:
                    4d:00:3c:5c:77:01:ca:0f:89:36:87:2f:25:39:01:
                    e5:7d:bf:ce:81:b2:2d:6b:0e:e3:07:a4:96:de:d4:
                    cf:f1:ac:de:01:50:60:e1:e5:b2:a2:96:69:c1:b9:
                    8f:d6:ce:0b:5c:56:de:71:88:b8:c2:b8:f6:52:5f:
                    5e:e4:e0:54:dc:c0:7b:37:b5:0f:09:68:9c:1c:38:
                    4b:5e:27:24:1f:af:77:db:0d:a3:32:a2:16:70:30:
                    cf:2a:b4:3b:a5:f5:74:35:0b:78:87:5e:3d:50:1a:
                    ba:b7:49:a5:91:03:61:fc:99:e4:62:c2:0c:6c:e7:
                    d0:b9:4d:b4:9f:3a:a9:65:5d:f8:e2:d2:52:c4:3a:
                    71:8e:01:37:94:43:cd:7d:92:ea:4d:c8:ff:4a:40:
                    b8:c0:4d:02:bd:e2:40:87:10:35:62:d5:1b:82:b8:
                    15:36:ab:a0:ad:cf:c9:7a:2a:56:ea:08:8e:7b:e9:
                    5d:ad:09:01:10:cf:04:4a:dd:cf:44:f0:bc:19:9c:
                    47:71:82:4a:73:e5:11:58:66:e5:37:ab:59:38:b1:
                    0f:3a:a0:f6:83:94:37:06:5f:54:b8:f3:ad:0e:ba:
                    86:7d:5f:f3:4d:c1:8c:50:24:37:97:8b:a3:a7:3f:
                    17:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:AC:B1:B5:79:15:AA:54:9A:30:62:A0:E3:7B:BA:FD:36:28:B5:50
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:51:cc:b0:ff:cd:d2:02:6f:ab:83:f1:0c:03:e6:10:96:ff:
         c6:c5:72:ef:ce:47:88:ad:ae:57:b0:e1:6c:21:da:d0:13:74:
         3a:0e:0f:74:c7:f2:b5:d8:e5:f4:55:03:ea:f5:27:02:3c:12:
         c0:28:ad:b7:da:02:bf:be:d8:4f:80:4a:d6:0e:3e:d4:fc:89:
         99:82:14:ea:31:ac:b7:04:64:e1:55:07:59:21:94:32:cf:47:
         4c:bd:26:9e:bd:95:71:7a:e7:57:cb:63:6a:c6:a9:5a:c7:f8:
         9a:51:e3:33:fb:a7:70:db:7d:4b:bc:f1:c7:9e:35:a3:20:a1:
         49:e5:55:57:8d:6f:eb:e3:95:26:47:54:7b:0a:ed:7d:83:f5:
         05:0e:dd:c2:02:26:09:12:c7:73:51:c0:e6:9c:54:a4:85:e4:
         8e:5b:ac:05:3b:23:f6:14:82:d8:49:72:2e:ec:2a:16:4d:32:
         32:e1:8b:32:b1:78:91:45:f5:08:d7:cc:93:7c:62:59:c0:d4:
         d2:f8:9d:1f:db:b5:e5:b5:59:e6:fa:a5:67:a7:20:52:3b:da:
         23:79:76:c9:b2:5f:f1:d1:b5:62:8f:3f:8f:2f:e0:79:7c:fb:
         aa:01:3c:e1:90:22:1c:de:9e:8b:2b:cc:9c:af:08:c5:b2:b9:
         47:5b:b9:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWUdRFDdiOgWYvvt6GX2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjYwMzAyMDcwMDM1WhcNMjYwMzAzMDcwMDM1WjAzMTEwLwYDVQQD
Eyg5OGFjYjFiNTc5MTVhYTU0OWEzMDYyYTBlMzdiYmFmZDM2MjhiNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ESG8VnGYAkcjkIuWdpNADxcdwHK
D4k2hy8lOQHlfb/OgbItaw7jB6SW3tTP8azeAVBg4eWyopZpwbmP1s4LXFbecYi4
wrj2Ul9e5OBU3MB7N7UPCWicHDhLXickH6932w2jMqIWcDDPKrQ7pfV0NQt4h149
UBq6t0mlkQNh/JnkYsIMbOfQuU20nzqpZV344tJSxDpxjgE3lEPNfZLqTcj/SkC4
wE0CveJAhxA1YtUbgrgVNqugrc/JeipW6giOe+ldrQkBEM8ESt3PRPC8GZxHcYJK
c+URWGblN6tZOLEPOqD2g5Q3Bl9UuPOtDrqGfV/zTcGMUCQ3l4ujpz8X4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJissbV5FapUmjBioON7uv02KLVQMB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAElHMsP/N
0gJvq4PxDAPmEJb/xsVy785HiK2uV7DhbCHa0BN0Og4PdMfytdjl9FUD6vUnAjwS
wCitt9oCv77YT4BK1g4+1PyJmYIU6jGstwRk4VUHWSGUMs9HTL0mnr2VcXrnV8tj
asapWsf4mlHjM/uncNt9S7zxx541oyChSeVVV41v6+OVJkdUewrtfYP1BQ7dwgIm
CRLHc1HA5pxUpIXkjlusBTsj9hSC2ElyLuwqFk0yMuGLMrF4kUX1CNfMk3xiWcDU
0vidH9u15bVZ5vqlZ6cgUjvaI3l2ybJf8dG1Yo8/jy/geXz7qgE84ZAiHN6eiyvM
nK8IxbK5R1u5BA==
-----END CERTIFICATE-----