Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          oBa9FMx9xswKzMyNM5ayicWwWoM/3wkJ0v098IWW39E=
Subject key identifier:   44:34:21:DF:6C:5C:95:6F:F3:97:E3:0F:45:71:AD:35:1C:5A:29:EF
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       0196BC001F3DDF4B5D142D686E4099FD45FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          0258
Signing time:             Sat 10 May 2025 21:00:46 +0000
Manifest this update:     Sat 10 May 2025 21:00:46 +0000
Manifest next update:     Sun 11 May 2025 21:00:46 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: EKcALqQJn3Y5n0BNn+N7M44Ui5vcrtXGY1xLc7Ub1+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 21:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:00:1f:3d:df:4b:5d:14:2d:68:6e:40:99:fd:45:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: May 10 21:00:46 2025 GMT
            Not After : May 11 21:00:46 2025 GMT
        Subject: CN=443421df6c5c956ff397e30f4571ad351c5a29ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:05:7b:2f:28:bc:95:58:db:0e:eb:ef:84:17:
                    0a:d5:76:06:4d:8f:42:78:48:aa:9d:99:8c:ef:66:
                    67:3f:c2:fe:37:3a:e2:04:42:f9:86:13:8d:5c:34:
                    e3:b8:45:7c:85:17:31:83:c3:7f:95:c6:0a:ca:62:
                    6c:a4:50:7d:8b:80:a8:29:64:71:bc:e4:1f:5d:81:
                    10:d3:fe:80:e8:45:1c:38:06:a8:9c:c9:b9:c8:3e:
                    85:b4:6b:e0:32:53:0c:d1:c6:59:60:94:eb:20:62:
                    9c:d5:fa:3c:1d:8c:c9:df:3d:83:9e:70:ac:b0:a0:
                    58:94:84:3c:06:d2:60:f0:59:1c:33:50:6b:cd:16:
                    8e:2d:18:a8:e6:eb:1e:62:f5:ea:a5:68:15:ea:3d:
                    6b:95:e3:88:04:a3:ef:4a:5c:c7:a6:5b:b8:d1:dd:
                    91:ca:fa:e9:44:77:b9:a7:ce:2d:b0:20:95:46:06:
                    39:3a:f4:7d:94:81:e7:ef:1b:2f:7e:0b:f2:86:6d:
                    80:fa:16:fb:bf:0e:51:d5:81:9d:87:d7:f2:7a:f7:
                    31:54:ff:68:35:68:16:5c:b3:4a:2c:e5:fa:85:22:
                    93:4c:06:92:73:ae:f1:83:5d:ce:39:07:26:a8:63:
                    43:75:0f:95:b9:89:d1:e5:75:84:8c:4e:01:68:48:
                    ed:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:34:21:DF:6C:5C:95:6F:F3:97:E3:0F:45:71:AD:35:1C:5A:29:EF
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:29:67:3f:b2:ef:8d:bf:1a:4d:76:44:af:5c:01:39:a7:85:
         f6:28:ac:4a:27:b8:fe:5c:bd:1a:bb:14:d8:6a:45:fd:dc:09:
         45:34:0e:f5:c6:18:23:e4:8b:c1:94:0c:35:9d:fc:eb:1a:32:
         02:5f:9a:b8:01:6c:d3:86:96:3a:62:b8:92:b2:d5:bb:ea:8e:
         88:62:fb:c7:05:0a:32:ea:a7:12:51:fb:f6:71:50:8f:d8:f8:
         53:7a:81:8b:74:f8:55:86:90:86:6a:aa:5e:15:a0:bf:f4:ff:
         2d:75:44:4c:cb:b0:6f:d2:87:e8:0f:e2:29:ee:0f:a0:42:57:
         24:99:ad:a2:13:b2:6b:9e:11:55:38:b3:17:86:99:23:01:39:
         c3:73:46:c0:ff:fa:77:3c:d4:8c:61:a5:68:c7:60:60:81:b5:
         7d:1a:d4:fe:0d:95:cb:18:1f:c2:d6:82:74:e9:b7:60:80:7b:
         99:cd:e1:2a:50:c5:1b:13:57:46:de:ac:0b:2f:c2:87:9d:5b:
         94:97:e0:cc:c5:29:57:2a:78:c3:e0:3b:fc:c1:ab:61:bc:41:
         a8:08:79:92:38:8d:7b:00:df:72:e2:09:23:66:3e:c5:2f:54:
         24:82:ab:3c:8d:54:b7:72:49:92:27:32:10:58:20:d4:72:73:
         42:49:66:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8AB8930tdFC1obkCZ/UX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUwNTEwMjEwMDQ2WhcNMjUwNTExMjEwMDQ2WjAzMTEwLwYDVQQD
Eyg0NDM0MjFkZjZjNWM5NTZmZjM5N2UzMGY0NTcxYWQzNTFjNWEyOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gV7Lyi8lVjbDuvvhBcK1XYGTY9C
eEiqnZmM72ZnP8L+NzriBEL5hhONXDTjuEV8hRcxg8N/lcYKymJspFB9i4CoKWRx
vOQfXYEQ0/6A6EUcOAaonMm5yD6FtGvgMlMM0cZZYJTrIGKc1fo8HYzJ3z2DnnCs
sKBYlIQ8BtJg8FkcM1BrzRaOLRio5useYvXqpWgV6j1rleOIBKPvSlzHplu40d2R
yvrpRHe5p84tsCCVRgY5OvR9lIHn7xsvfgvyhm2A+hb7vw5R1YGdh9fyevcxVP9o
NWgWXLNKLOX6hSKTTAaSc67xg13OOQcmqGNDdQ+VuYnR5XWEjE4BaEjt6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQ0Id9sXJVv85fjD0VxrTUcWinvMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOClnP7Lv
jb8aTXZEr1wBOaeF9iisSie4/ly9GrsU2GpF/dwJRTQO9cYYI+SLwZQMNZ386xoy
Al+auAFs04aWOmK4krLVu+qOiGL7xwUKMuqnElH79nFQj9j4U3qBi3T4VYaQhmqq
XhWgv/T/LXVETMuwb9KH6A/iKe4PoEJXJJmtohOya54RVTizF4aZIwE5w3NGwP/6
dzzUjGGlaMdgYIG1fRrU/g2VyxgfwtaCdOm3YIB7mc3hKlDFGxNXRt6sCy/Ch51b
lJfgzMUpVyp4w+A7/MGrYbxBqAh5kjiNewDfcuIJI2Y+xS9UJIKrPI1Ut3JJkicy
EFgg1HJzQklm0Q==
-----END CERTIFICATE-----