Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          9o+BP9hA7xuAMjrQWl/Sc49qnQgTzssY3CfIgVzbpkQ=
Subject key identifier:   D7:5E:94:63:8E:40:80:F3:D9:47:35:71:4C:C6:AF:1A:B4:8A:AE:BF
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       0198D4E0A37BF5F62DFC433D83C845842789
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          036E
Signing time:             Sat 23 Aug 2025 03:02:28 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:28 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:28 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: CYn/ogzQPmWCLl4aSWyIP62ENW4TQ1XpL8xPB4mmytw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:a3:7b:f5:f6:2d:fc:43:3d:83:c8:45:84:27:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Aug 23 03:02:28 2025 GMT
            Not After : Aug 24 03:02:28 2025 GMT
        Subject: CN=d75e94638e4080f3d94735714cc6af1ab48aaebf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8e:1f:92:6d:00:31:0e:1b:a2:5b:c6:98:bc:
                    21:fd:97:d3:8d:4e:4b:d4:95:ee:5b:69:bc:a8:76:
                    a9:4a:f2:8e:07:73:f1:03:64:3f:b7:03:22:24:68:
                    b2:65:5a:31:38:4e:b3:91:dd:07:25:04:ad:96:e0:
                    ea:53:ee:d2:4c:0d:3e:78:a0:8e:5d:06:c6:81:5e:
                    ea:b8:b5:f6:a3:35:72:cb:de:1b:9a:ef:7b:69:71:
                    4b:09:79:00:b7:c0:34:4b:33:e2:47:64:2d:62:20:
                    c0:bf:bb:ca:32:e3:5c:46:f5:9d:6e:2d:87:0c:18:
                    29:1c:80:dd:45:29:fe:b8:e4:22:31:83:2d:64:63:
                    ca:d2:53:33:48:0d:6d:e8:d9:27:8e:24:c2:e6:29:
                    57:a2:9a:15:cb:4e:b7:77:57:ad:87:e5:55:dc:3c:
                    a1:dd:d2:a6:37:a5:cd:eb:2a:e8:92:f6:e2:56:85:
                    78:e3:ea:02:42:a0:97:02:bb:76:2b:c5:62:b6:ee:
                    3b:13:7c:52:e4:3a:80:04:3b:c8:b9:dc:a4:04:5c:
                    67:76:30:62:1a:c2:7d:90:bb:e7:93:4b:46:52:c0:
                    39:83:77:29:73:be:66:0c:d0:15:78:fa:d8:2c:40:
                    a5:37:ad:a7:fc:b8:c2:86:0d:e3:c8:54:2e:95:47:
                    3d:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:5E:94:63:8E:40:80:F3:D9:47:35:71:4C:C6:AF:1A:B4:8A:AE:BF
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:ab:ff:c0:03:99:59:d2:63:37:fb:94:70:91:f8:cb:a0:05:
         6d:4b:bf:3a:af:25:62:e3:6a:ac:b3:7e:1e:8b:05:82:e6:6f:
         f2:f9:05:78:d1:26:82:a3:e1:7b:e6:75:96:61:c2:0e:42:a7:
         35:2c:e0:77:41:ce:14:9a:75:61:9e:23:ca:ca:22:70:b5:6d:
         8a:12:1a:d4:e4:8a:35:ba:9e:80:41:d6:e4:75:66:32:ae:56:
         94:d7:f4:32:72:23:77:2d:66:b4:41:7c:c7:da:f5:76:0f:37:
         c7:e9:ec:25:75:51:cf:8d:fb:95:81:30:f0:71:cb:99:12:e1:
         af:e7:6d:e0:3e:bb:e1:25:fa:58:86:83:2a:4b:a0:81:59:4f:
         2a:59:7b:19:df:09:a0:ce:f5:92:7b:32:18:52:71:6a:dd:1f:
         a1:e5:08:a4:83:92:3f:81:bb:84:7c:be:b7:3f:52:f6:1c:e7:
         ab:08:41:e2:b7:3f:70:71:46:80:5a:02:56:1f:30:81:49:ae:
         4f:05:ba:78:46:30:bc:3d:56:e0:af:b3:a8:30:05:ac:c9:c2:
         fd:4e:cc:d4:4e:b2:2c:a2:2b:e3:a7:99:3c:44:f7:9a:d6:10:
         92:dc:02:3d:14:ef:33:99:a9:ef:4d:7e:41:83:6e:c7:3e:b4:
         9d:57:80:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4KN79fYt/EM9g8hFhCeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUwODIzMDMwMjI4WhcNMjUwODI0MDMwMjI4WjAzMTEwLwYDVQQD
EyhkNzVlOTQ2MzhlNDA4MGYzZDk0NzM1NzE0Y2M2YWYxYWI0OGFhZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI4fkm0AMQ4bolvGmLwh/ZfTjU5L
1JXuW2m8qHapSvKOB3PxA2Q/twMiJGiyZVoxOE6zkd0HJQStluDqU+7STA0+eKCO
XQbGgV7quLX2ozVyy94bmu97aXFLCXkAt8A0SzPiR2QtYiDAv7vKMuNcRvWdbi2H
DBgpHIDdRSn+uOQiMYMtZGPK0lMzSA1t6NknjiTC5ilXopoVy063d1eth+VV3Dyh
3dKmN6XN6yrokvbiVoV44+oCQqCXArt2K8Vitu47E3xS5DqABDvIudykBFxndjBi
GsJ9kLvnk0tGUsA5g3cpc75mDNAVePrYLEClN62n/LjChg3jyFQulUc92wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdelGOOQIDz2Uc1cUzGrxq0iq6/MB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAKv/wAOZ
WdJjN/uUcJH4y6AFbUu/Oq8lYuNqrLN+HosFguZv8vkFeNEmgqPhe+Z1lmHCDkKn
NSzgd0HOFJp1YZ4jysoicLVtihIa1OSKNbqegEHW5HVmMq5WlNf0MnIjdy1mtEF8
x9r1dg83x+nsJXVRz437lYEw8HHLmRLhr+dt4D674SX6WIaDKkuggVlPKll7Gd8J
oM71knsyGFJxat0foeUIpIOSP4G7hHy+tz9S9hznqwhB4rc/cHFGgFoCVh8wgUmu
TwW6eEYwvD1W4K+zqDAFrMnC/U7M1E6yLKIr46eZPET3mtYQktwCPRTvM5mp701+
QYNuxz60nVeAug==
-----END CERTIFICATE-----