Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          QSTYkZ2STikngZB+giwMvlYWuaoXqPmCgvFORMwurkQ=
Subject key identifier:   5A:15:B0:65:7C:6A:49:FA:22:BF:3E:F4:57:40:40:D2:C3:F7:55:A9
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       01958CCED868667B79B12F30306ADB26F0A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          01BB
Signing time:             Thu 13 Mar 2025 00:02:00 +0000
Manifest this update:     Thu 13 Mar 2025 00:02:00 +0000
Manifest next update:     Fri 14 Mar 2025 00:02:00 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: rUYhKeMGnDCRQ8VOY4AxsbngraseoMM3sGNO4JO4S5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:ce:d8:68:66:7b:79:b1:2f:30:30:6a:db:26:f0:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Mar 13 00:02:00 2025 GMT
            Not After : Mar 14 00:02:00 2025 GMT
        Subject: CN=5a15b0657c6a49fa22bf3ef4574040d2c3f755a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:69:2f:9c:d8:52:1e:b5:b5:1f:5a:b7:b0:86:
                    4e:a8:e2:eb:2f:f8:22:68:f2:bb:cc:59:cf:8a:a5:
                    45:b6:62:6d:77:e1:5d:4c:2e:69:a5:7a:7f:d5:43:
                    a8:ab:e2:83:11:2c:7a:02:51:21:88:29:79:81:4a:
                    12:17:42:c5:1e:a1:10:b3:4d:0b:44:1e:e4:40:fb:
                    17:9e:f8:63:66:a4:29:25:7f:d8:19:35:5d:23:dd:
                    47:e9:b2:95:49:78:7d:1f:4e:47:91:ea:eb:4c:04:
                    70:82:9c:5f:f8:8c:d8:71:ac:c9:af:a0:07:d7:9d:
                    14:ce:16:11:af:4a:33:fc:00:a7:4e:51:cb:18:d9:
                    1d:6b:b6:ae:e7:37:e3:f3:ab:f5:3e:f6:62:12:7b:
                    56:39:0b:98:a4:07:dd:ae:0a:a2:64:0d:ae:a3:ae:
                    e7:36:08:6a:89:0a:ac:d9:2a:57:78:a3:dd:c1:e2:
                    c2:d6:84:8f:62:8d:21:eb:56:99:f7:31:d0:2d:5d:
                    6c:01:b7:f1:fe:90:26:f0:59:85:26:48:48:61:4f:
                    16:d8:ba:ec:c2:ca:04:23:f9:6a:c5:98:48:3b:47:
                    de:13:39:f2:1f:0d:d1:d9:11:00:bc:31:37:90:b8:
                    6e:01:19:29:c9:e5:29:51:27:e9:13:5d:8f:a3:7f:
                    56:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:15:B0:65:7C:6A:49:FA:22:BF:3E:F4:57:40:40:D2:C3:F7:55:A9
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:d3:55:97:c5:91:ba:0c:c9:f7:cf:10:46:c0:d8:97:9f:25:
         db:a5:1a:45:ae:c2:02:46:ad:47:9a:6d:de:b6:42:bc:8d:d7:
         1a:7e:f5:e6:73:89:fa:df:2c:15:32:a7:57:2b:c2:75:02:c5:
         c6:7f:a3:ef:b3:f0:2c:2f:70:11:e7:f7:76:bf:46:c5:5c:ed:
         22:e0:93:23:00:8b:fd:f9:d0:7d:dc:45:81:0b:8f:ef:b9:97:
         b2:29:69:4c:23:ec:aa:1c:f6:c7:8b:08:4a:d9:3c:55:5c:bc:
         71:5d:25:83:94:f5:e1:50:36:e6:59:f1:5b:7e:fc:0b:e1:94:
         e7:01:c3:0c:51:4d:f9:b8:b1:85:a4:e4:dd:99:3b:50:e6:9d:
         3f:be:e2:fc:84:4e:f1:1b:fc:0e:f9:69:cb:11:1b:03:ed:f4:
         88:c4:49:a8:c6:96:1f:77:85:f3:40:29:05:2f:89:62:16:d2:
         57:7f:ef:47:aa:80:61:78:db:d5:c3:d7:68:51:2d:97:81:65:
         cd:21:54:a7:4e:db:0c:b3:8f:91:77:9d:d0:6b:a7:52:df:98:
         dc:29:e4:73:be:30:35:9d:e9:70:98:28:29:c8:7c:17:c9:cd:
         80:5f:ad:84:d7:a6:e8:d1:a3:0d:aa:9e:a1:71:57:44:51:68:
         70:d8:d6:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMzthoZnt5sS8wMGrbJvCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUwMzEzMDAwMjAwWhcNMjUwMzE0MDAwMjAwWjAzMTEwLwYDVQQD
Eyg1YTE1YjA2NTdjNmE0OWZhMjJiZjNlZjQ1NzQwNDBkMmMzZjc1NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGkvnNhSHrW1H1q3sIZOqOLrL/gi
aPK7zFnPiqVFtmJtd+FdTC5ppXp/1UOoq+KDESx6AlEhiCl5gUoSF0LFHqEQs00L
RB7kQPsXnvhjZqQpJX/YGTVdI91H6bKVSXh9H05HkerrTARwgpxf+IzYcazJr6AH
150UzhYRr0oz/ACnTlHLGNkda7au5zfj86v1PvZiEntWOQuYpAfdrgqiZA2uo67n
NghqiQqs2SpXeKPdweLC1oSPYo0h61aZ9zHQLV1sAbfx/pAm8FmFJkhIYU8W2Lrs
wsoEI/lqxZhIO0feEznyHw3R2REAvDE3kLhuARkpyeUpUSfpE12Po39WPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoVsGV8akn6Ir8+9FdAQNLD91WpMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAedNVl8WR
ugzJ988QRsDYl58l26UaRa7CAkatR5pt3rZCvI3XGn715nOJ+t8sFTKnVyvCdQLF
xn+j77PwLC9wEef3dr9GxVztIuCTIwCL/fnQfdxFgQuP77mXsilpTCPsqhz2x4sI
Stk8VVy8cV0lg5T14VA25lnxW378C+GU5wHDDFFN+bixhaTk3Zk7UOadP77i/IRO
8Rv8DvlpyxEbA+30iMRJqMaWH3eF80ApBS+JYhbSV3/vR6qAYXjb1cPXaFEtl4Fl
zSFUp07bDLOPkXed0GunUt+Y3Cnkc74wNZ3pcJgoKch8F8nNgF+thNem6NGjDaqe
oXFXRFFocNjWbg==
-----END CERTIFICATE-----