Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          Ax1r/mw310PcF213wtpfLx2duamx1Oez4UMRIoGxIw4=
Subject key identifier:   14:8A:F4:EA:46:DF:20:E2:5C:9B:23:84:DD:59:38:0C:89:2A:9E:E9
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       019A722663F883E8C15F51821885DEBD388D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          0444
Signing time:             Tue 11 Nov 2025 09:01:49 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:49 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:49 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: cTu9B8Ndup8tgMhZNmucC9/NwSTMX+vIq95Sw+b3xWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:63:f8:83:e8:c1:5f:51:82:18:85:de:bd:38:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Nov 11 09:01:49 2025 GMT
            Not After : Nov 12 09:01:49 2025 GMT
        Subject: CN=148af4ea46df20e25c9b2384dd59380c892a9ee9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:46:91:8c:5f:bd:2b:e5:43:f2:f0:c2:68:ea:
                    f1:f4:a7:77:33:0f:c4:d7:d9:98:d3:7b:84:0c:29:
                    d3:b5:1a:5c:69:fb:8e:1d:a6:07:39:5e:9e:6e:58:
                    2c:5b:36:22:20:75:9d:59:e6:17:bb:8e:b9:27:b1:
                    c6:01:b6:c8:e7:82:70:85:e4:eb:e8:19:ad:4d:d1:
                    45:0c:15:f9:2b:a8:89:85:03:00:d9:30:b4:e2:b6:
                    91:05:4a:ff:89:4d:35:21:0f:b5:f8:54:e2:33:ea:
                    3b:6c:01:d6:c0:7b:16:3b:b6:0b:1b:31:ba:ba:07:
                    31:5b:10:0b:64:e0:38:f5:0a:7c:58:ee:68:0a:37:
                    ec:39:35:d7:d6:a2:03:ad:9f:dc:6c:9f:53:ee:1c:
                    3a:ac:33:38:16:6a:ba:4f:16:9f:fe:c8:be:5d:af:
                    71:30:b5:a7:1a:ce:9a:f2:cb:7f:e1:05:d8:2f:fc:
                    d2:6b:13:27:fe:6f:c8:99:3f:cd:4c:bb:70:a1:bb:
                    d1:83:3e:c8:bb:50:5c:14:ae:70:43:99:39:bb:48:
                    28:bd:36:12:ef:cf:8e:79:61:85:5e:64:f7:45:9b:
                    60:77:2b:6b:c3:e3:09:7f:0b:a9:f8:31:a1:9d:de:
                    03:04:69:29:43:dc:c4:46:2e:ea:97:ac:08:5e:dd:
                    b0:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:8A:F4:EA:46:DF:20:E2:5C:9B:23:84:DD:59:38:0C:89:2A:9E:E9
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:50:93:9b:c5:6a:27:0f:b7:de:ac:d6:92:57:4f:80:b9:13:
         d1:63:af:ea:5f:cc:11:fb:e7:54:b8:de:43:4e:2d:f5:27:88:
         c1:3a:d4:47:af:e8:80:de:4b:98:20:de:e0:59:03:79:62:0f:
         b0:98:e1:48:b6:01:05:09:b0:4f:2c:75:16:34:35:01:1e:08:
         74:f3:7d:ab:f8:aa:ef:95:f6:da:8c:4b:ee:f3:1e:5b:5c:fa:
         a4:f1:26:2a:7d:c0:4e:db:f6:7f:83:2f:d1:53:8c:8b:8b:19:
         41:e7:ce:05:20:0e:e5:26:bf:63:49:1f:34:5d:2c:20:bf:74:
         3f:67:95:05:89:2d:1a:c8:d3:a3:84:62:1e:8e:cf:b4:73:13:
         32:dc:ae:4c:9f:7d:4d:92:c7:ec:4a:0c:dd:54:2f:c0:97:55:
         4c:1d:8b:07:f2:aa:34:04:bd:be:e6:3d:1d:eb:22:30:aa:09:
         fe:b0:70:c0:2a:c1:50:f8:c4:61:fa:08:40:ab:b1:3f:33:b5:
         5a:d9:60:04:f2:a1:e1:75:b4:78:63:91:01:54:9f:de:34:1c:
         a9:ef:70:d7:c7:9e:c1:2d:50:5c:ab:7b:cd:81:c2:c7:1b:a3:
         aa:b1:a1:c7:0f:b0:05:d9:65:e0:3e:a1:f5:39:75:05:3c:99:
         75:22:90:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJmP4g+jBX1GCGIXevTiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUxMTExMDkwMTQ5WhcNMjUxMTEyMDkwMTQ5WjAzMTEwLwYDVQQD
EygxNDhhZjRlYTQ2ZGYyMGUyNWM5YjIzODRkZDU5MzgwYzg5MmE5ZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkaRjF+9K+VD8vDCaOrx9Kd3Mw/E
19mY03uEDCnTtRpcafuOHaYHOV6eblgsWzYiIHWdWeYXu465J7HGAbbI54JwheTr
6BmtTdFFDBX5K6iJhQMA2TC04raRBUr/iU01IQ+1+FTiM+o7bAHWwHsWO7YLGzG6
ugcxWxALZOA49Qp8WO5oCjfsOTXX1qIDrZ/cbJ9T7hw6rDM4Fmq6Txaf/si+Xa9x
MLWnGs6a8st/4QXYL/zSaxMn/m/ImT/NTLtwobvRgz7Iu1BcFK5wQ5k5u0govTYS
78+OeWGFXmT3RZtgdytrw+MJfwup+DGhnd4DBGkpQ9zERi7ql6wIXt2w2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSK9OpG3yDiXJsjhN1ZOAyJKp7pMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFFCTm8Vq
Jw+33qzWkldPgLkT0WOv6l/MEfvnVLjeQ04t9SeIwTrUR6/ogN5LmCDe4FkDeWIP
sJjhSLYBBQmwTyx1FjQ1AR4IdPN9q/iq75X22oxL7vMeW1z6pPEmKn3ATtv2f4Mv
0VOMi4sZQefOBSAO5Sa/Y0kfNF0sIL90P2eVBYktGsjTo4RiHo7PtHMTMtyuTJ99
TZLH7EoM3VQvwJdVTB2LB/KqNAS9vuY9HesiMKoJ/rBwwCrBUPjEYfoIQKuxPzO1
WtlgBPKh4XW0eGORAVSf3jQcqe9w18eewS1QXKt7zYHCxxujqrGhxw+wBdll4D6h
9Tl1BTyZdSKQBQ==
-----END CERTIFICATE-----