Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          J/LEC6Qpo5Ia7WubQ7PHLAqTS2EbcimbsWiYOr0zLu4=
Subject key identifier:   F3:DA:D9:AB:2C:E8:4A:7F:36:C2:5D:7F:F6:A7:2A:72:CD:F5:70:E0
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       01951134F9FA474E8DF4C1E22D7388D7222B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          017B
Signing time:             Mon 17 Feb 2025 00:00:39 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:39 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:39 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: QzLqdnYmJwm7PqdJSybYc8b6THDnRrEHL8CteZOhk2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:f9:fa:47:4e:8d:f4:c1:e2:2d:73:88:d7:22:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Feb 17 00:00:39 2025 GMT
            Not After : Feb 18 00:00:39 2025 GMT
        Subject: CN=f3dad9ab2ce84a7f36c25d7ff6a72a72cdf570e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:23:1a:ad:ae:4e:cb:fb:5c:34:39:7a:eb:da:
                    07:ac:f7:52:7f:25:90:08:9f:07:6b:be:a0:bf:f1:
                    13:d6:96:35:e3:42:ff:b1:8a:6b:7e:e7:50:9e:95:
                    d8:28:c2:7c:06:81:fa:24:a9:3c:24:23:49:11:31:
                    97:bc:40:77:78:a9:f9:c3:03:56:11:cc:bc:3c:15:
                    ad:a6:b6:b1:e7:ef:65:d2:b4:92:27:00:25:dc:4f:
                    7d:7b:f5:a8:a0:53:8f:d9:05:ca:32:1f:f3:a8:f3:
                    d0:ac:a0:9d:96:61:a4:2b:f5:f5:f2:46:be:7c:1a:
                    6f:c5:d1:54:07:9a:7f:65:74:30:89:06:02:66:c4:
                    a0:f2:80:bc:94:a5:af:e7:da:d3:96:6f:0d:d0:ea:
                    55:c6:d0:de:b9:f4:c2:41:7a:a2:87:2c:ef:a7:30:
                    e5:9e:31:4d:12:26:1b:a7:aa:d2:a5:ee:b6:83:03:
                    a6:06:75:8a:0f:36:16:a9:16:98:ea:3f:fb:2e:05:
                    4e:4c:ee:6d:e6:28:47:12:0d:d3:70:2f:ee:e6:19:
                    e3:cf:4d:b5:16:e0:4f:47:ff:1a:6d:a1:e4:9d:61:
                    47:a2:60:b7:d2:d3:41:56:a4:ef:1a:03:6a:ee:ad:
                    0d:7c:69:67:31:42:9b:64:49:87:86:32:26:28:13:
                    27:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:DA:D9:AB:2C:E8:4A:7F:36:C2:5D:7F:F6:A7:2A:72:CD:F5:70:E0
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:51:aa:66:3d:bf:59:c5:0f:90:e7:ee:29:b0:18:20:48:0d:
         b5:f8:c6:72:b9:ca:f0:b6:93:6a:9b:de:33:bb:e2:6c:c3:9a:
         69:6b:fe:77:99:c1:3b:10:67:a7:3d:c1:63:c9:53:c3:39:9f:
         c0:c5:2e:66:a3:16:b8:58:ac:e1:85:f2:16:93:49:9b:3b:a7:
         27:15:22:44:cb:f1:88:f8:07:75:6f:80:c3:4a:fc:a6:9e:40:
         be:08:86:9d:de:22:c9:b7:b3:62:94:3a:d9:79:bf:06:c6:ec:
         f0:71:f7:0f:86:b6:3d:12:d8:3f:ec:ef:65:ce:e0:0b:15:93:
         35:52:0b:72:ea:39:09:a6:23:30:b4:ad:2f:80:5b:e9:c5:64:
         1f:9b:61:be:07:64:a3:d5:27:9e:c1:6e:74:0e:e8:eb:d7:3e:
         3e:cf:d6:1e:c6:c3:6b:50:09:5f:63:49:2a:17:f3:bc:47:d9:
         63:04:6e:31:fd:04:30:16:70:a5:a4:1e:c1:3d:87:02:a1:1b:
         2e:66:5f:bf:12:69:c6:42:32:37:e1:3d:9d:49:8a:a5:69:61:
         e0:78:af:dc:a4:bf:07:1d:0d:03:48:b5:85:50:48:45:8d:86:
         40:66:05:5f:c1:a1:dc:fa:19:38:df:d2:46:95:1c:07:a8:7c:
         3e:bf:93:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNPn6R06N9MHiLXOI1yIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUwMjE3MDAwMDM5WhcNMjUwMjE4MDAwMDM5WjAzMTEwLwYDVQQD
EyhmM2RhZDlhYjJjZTg0YTdmMzZjMjVkN2ZmNmE3MmE3MmNkZjU3MGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCMara5Oy/tcNDl669oHrPdSfyWQ
CJ8Ha76gv/ET1pY140L/sYprfudQnpXYKMJ8BoH6JKk8JCNJETGXvEB3eKn5wwNW
Ecy8PBWtprax5+9l0rSSJwAl3E99e/WooFOP2QXKMh/zqPPQrKCdlmGkK/X18ka+
fBpvxdFUB5p/ZXQwiQYCZsSg8oC8lKWv59rTlm8N0OpVxtDeufTCQXqihyzvpzDl
njFNEiYbp6rSpe62gwOmBnWKDzYWqRaY6j/7LgVOTO5t5ihHEg3TcC/u5hnjz021
FuBPR/8abaHknWFHomC30tNBVqTvGgNq7q0NfGlnMUKbZEmHhjImKBMnNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPa2ass6Ep/NsJdf/anKnLN9XDgMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS1GqZj2/
WcUPkOfuKbAYIEgNtfjGcrnK8LaTapveM7vibMOaaWv+d5nBOxBnpz3BY8lTwzmf
wMUuZqMWuFis4YXyFpNJmzunJxUiRMvxiPgHdW+Aw0r8pp5AvgiGnd4iybezYpQ6
2Xm/Bsbs8HH3D4a2PRLYP+zvZc7gCxWTNVILcuo5CaYjMLStL4Bb6cVkH5thvgdk
o9UnnsFudA7o69c+Ps/WHsbDa1AJX2NJKhfzvEfZYwRuMf0EMBZwpaQewT2HAqEb
LmZfvxJpxkIyN+E9nUmKpWlh4Hiv3KS/Bx0NA0i1hVBIRY2GQGYFX8Gh3PoZON/S
RpUcB6h8Pr+T1A==
-----END CERTIFICATE-----