Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          p2QZYx4cVsSFHJAcG88IQ9MbYCqL/d+hqwX5oAnqmDU=
Subject key identifier:   A0:FF:07:EC:C6:89:F1:D6:93:8B:94:2B:CA:59:0D:51:15:06:F7:49
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       0197B70EEDA468A4A75451468C3FAFA25CB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          02DA
Signing time:             Sat 28 Jun 2025 15:01:38 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:38 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:38 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: r4WmDT2Vh/cI7xhy+omRmKTuhF7loGAq8DPWn2elq4g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:ed:a4:68:a4:a7:54:51:46:8c:3f:af:a2:5c:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Jun 28 15:01:38 2025 GMT
            Not After : Jun 29 15:01:38 2025 GMT
        Subject: CN=a0ff07ecc689f1d6938b942bca590d511506f749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cc:c0:bb:6c:6e:88:9f:87:e7:f0:0d:e8:44:
                    88:da:5f:56:2c:ec:b2:5d:60:a7:72:79:11:31:a2:
                    1f:18:f2:2a:f5:96:0b:6c:9f:c2:ca:02:0a:0e:1d:
                    95:0d:26:61:2b:d9:fc:07:c4:6a:b1:a9:07:ea:da:
                    46:e5:5c:d8:8c:dd:d8:bf:f2:8a:61:8f:77:18:c0:
                    52:dc:55:f8:d0:55:8b:3e:d5:62:6b:a5:14:60:cf:
                    1d:e8:c7:5a:84:88:f7:07:b9:7d:c7:9e:02:ea:94:
                    07:6d:e7:a7:48:cf:fe:94:d0:40:e1:92:27:6a:aa:
                    6b:02:dd:d1:87:a7:95:87:0c:ba:dd:26:cd:bd:3d:
                    39:dc:f3:8d:37:3b:42:8c:0d:4e:ad:7e:09:02:86:
                    36:3d:c0:ba:52:4f:86:ff:fc:19:c3:ea:52:5e:19:
                    9a:2d:87:fd:4c:2c:bc:67:fe:0a:79:2f:cf:9c:1c:
                    15:7f:1b:8b:8b:70:b0:20:bf:bb:e9:e6:e7:8d:7b:
                    05:1f:2a:46:3b:41:72:5a:07:5b:f1:f2:d9:b1:3e:
                    94:38:aa:36:df:c5:9c:6c:e3:5a:73:4c:b4:15:65:
                    53:10:35:3d:76:d0:9c:70:12:75:00:5f:72:01:cd:
                    b8:2d:ac:7b:f6:3d:b6:a9:ed:f3:3a:4d:b6:c1:90:
                    99:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:FF:07:EC:C6:89:F1:D6:93:8B:94:2B:CA:59:0D:51:15:06:F7:49
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:b4:f0:ce:57:d3:3f:3f:97:69:a2:9b:9c:1e:68:ee:03:4c:
         01:fe:0e:f9:93:fc:ae:6a:cc:63:96:d4:9f:0a:0b:d7:f7:42:
         eb:58:53:bc:bf:97:c8:cc:77:cb:60:b7:e8:11:9d:19:b7:6e:
         61:60:06:d7:08:54:93:e8:2a:02:1d:ac:0f:85:a2:48:29:94:
         90:5a:cb:8b:1d:04:2c:1f:b9:66:4a:d6:b4:66:ed:29:3c:81:
         33:ab:48:d2:ad:9d:50:c9:82:0d:37:d8:a9:32:7d:9e:6c:23:
         b8:25:97:e4:3c:0d:cb:96:1a:ab:79:eb:49:0f:55:63:2a:ad:
         16:fe:00:17:bb:7a:ee:99:2c:08:e0:7f:e9:f1:23:57:b5:52:
         21:95:56:75:13:2a:87:e9:1f:3e:95:59:19:1b:f0:4e:df:77:
         db:63:36:a0:69:bd:1f:d2:bf:f8:8a:4d:d4:94:82:f2:e0:48:
         da:4e:46:38:be:08:19:79:cc:7e:de:3c:46:01:99:b2:71:b8:
         dc:ca:48:22:d2:e5:78:3f:ae:0e:53:88:18:a8:ee:3e:0b:de:
         73:0c:dc:a3:b8:e6:17:3d:15:bf:26:32:4a:2a:f7:3f:ed:78:
         99:ff:dd:49:c9:34:ee:42:46:ea:0c:05:63:c2:9d:7a:60:19:
         5b:94:f1:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Du2kaKSnVFFGjD+voly3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUwNjI4MTUwMTM4WhcNMjUwNjI5MTUwMTM4WjAzMTEwLwYDVQQD
EyhhMGZmMDdlY2M2ODlmMWQ2OTM4Yjk0MmJjYTU5MGQ1MTE1MDZmNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzszAu2xuiJ+H5/AN6ESI2l9WLOyy
XWCncnkRMaIfGPIq9ZYLbJ/CygIKDh2VDSZhK9n8B8RqsakH6tpG5VzYjN3Yv/KK
YY93GMBS3FX40FWLPtVia6UUYM8d6MdahIj3B7l9x54C6pQHbeenSM/+lNBA4ZIn
aqprAt3Rh6eVhwy63SbNvT053PONNztCjA1OrX4JAoY2PcC6Uk+G//wZw+pSXhma
LYf9TCy8Z/4KeS/PnBwVfxuLi3CwIL+76ebnjXsFHypGO0FyWgdb8fLZsT6UOKo2
38WcbONac0y0FWVTEDU9dtCccBJ1AF9yAc24Lax79j22qe3zOk22wZCZpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKD/B+zGifHWk4uUK8pZDVEVBvdJMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZbTwzlfT
Pz+XaaKbnB5o7gNMAf4O+ZP8rmrMY5bUnwoL1/dC61hTvL+XyMx3y2C36BGdGbdu
YWAG1whUk+gqAh2sD4WiSCmUkFrLix0ELB+5ZkrWtGbtKTyBM6tI0q2dUMmCDTfY
qTJ9nmwjuCWX5DwNy5Yaq3nrSQ9VYyqtFv4AF7t67pksCOB/6fEjV7VSIZVWdRMq
h+kfPpVZGRvwTt9322M2oGm9H9K/+IpN1JSC8uBI2k5GOL4IGXnMft48RgGZsnG4
3MpIItLleD+uDlOIGKjuPgvecwzco7jmFz0VvyYySir3P+14mf/dSck07kJG6gwF
Y8KdemAZW5TxnA==
-----END CERTIFICATE-----