Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          BcQeuZORyfLLv/ughMDIOTWrSNmo3g17XCn3IYxMC6E=
Subject key identifier:   F9:55:5E:D7:5F:2B:84:40:5C:93:06:B0:38:ED:6A:45:57:7C:CF:1B
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       01974AE8C1AD6E37EA75EF8A44FC52F088CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          02A2
Signing time:             Sat 07 Jun 2025 15:00:57 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:57 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:57 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: jjQywNmvCJpho6MZmvMyIN66faAU120drAFP+EV9Ejk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:c1:ad:6e:37:ea:75:ef:8a:44:fc:52:f0:88:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Jun  7 15:00:57 2025 GMT
            Not After : Jun  8 15:00:57 2025 GMT
        Subject: CN=f9555ed75f2b84405c9306b038ed6a45577ccf1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:28:ab:bb:d1:8d:87:16:54:db:ee:24:88:ee:
                    cb:91:83:15:4e:90:00:9c:08:ff:95:40:70:85:cf:
                    8a:09:7f:29:f1:f8:01:c7:16:be:17:ea:0c:c0:55:
                    85:73:3c:d5:14:b4:02:9d:55:35:1a:d5:12:32:c4:
                    49:7c:f0:e3:e1:8a:bc:82:f4:25:57:cf:6f:1e:b0:
                    da:03:a8:b3:fa:36:b7:5a:46:73:58:0e:c7:6e:da:
                    25:c2:b2:c5:2f:34:b6:c8:03:fe:d4:8f:ba:d7:10:
                    7e:67:32:dc:82:97:33:d6:d3:41:c4:6c:41:b7:0d:
                    56:79:ca:44:4c:eb:c4:70:b5:89:08:ce:19:df:db:
                    87:5a:9c:55:48:43:0a:af:f1:80:06:f7:8b:b0:b2:
                    ec:42:52:6a:1f:6b:03:6d:73:7c:6a:92:3f:94:0f:
                    aa:41:0b:2b:ee:18:81:0d:4b:ba:13:50:10:c4:1c:
                    af:5f:ee:a2:22:3c:10:dc:eb:0f:64:2a:dd:9d:58:
                    58:1e:25:cd:65:d9:ee:88:54:21:82:4b:ce:a4:c9:
                    4a:39:67:7b:21:3d:76:01:65:ee:3b:92:f1:7e:3b:
                    3a:fb:62:c9:f2:cf:1c:46:d0:67:c5:b2:fc:9a:bc:
                    64:1e:4c:bb:83:b9:ab:7e:13:e5:72:af:4a:81:06:
                    78:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:55:5E:D7:5F:2B:84:40:5C:93:06:B0:38:ED:6A:45:57:7C:CF:1B
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:87:3e:13:e6:9d:55:11:96:11:e8:d3:76:f7:c0:2f:97:a6:
         7f:8b:87:39:4c:1d:1b:ef:ec:c7:59:3f:ee:cd:92:fe:4e:e1:
         10:bc:9e:31:cd:51:cc:28:14:fb:a0:99:52:c5:11:62:4c:94:
         01:92:58:fc:9d:6f:e3:e1:5a:e4:ad:af:07:28:a4:37:67:20:
         8e:d2:e9:35:9a:f4:74:69:a0:58:54:7d:86:28:58:cc:63:f7:
         5e:33:02:e8:e3:50:cb:f5:f2:fc:8f:24:69:54:d8:2b:2e:49:
         8b:71:cf:c6:54:7a:73:2a:bb:75:57:b1:44:d1:83:4f:f5:47:
         61:00:50:fd:fc:99:9f:6a:da:09:9d:3e:53:51:d6:53:5f:69:
         53:15:65:17:70:1d:c1:04:be:4a:f0:f7:6e:28:03:b1:de:98:
         ea:b2:0e:9b:ef:79:66:50:ff:cc:63:3f:40:93:98:eb:b8:1d:
         7e:41:6b:5f:31:75:ff:36:ec:8c:ea:76:f8:91:02:14:b2:15:
         38:fd:22:24:bd:e0:ea:68:f9:6c:b8:96:39:86:72:40:f9:1c:
         81:d4:4a:56:d0:d2:d4:ba:3e:87:59:dd:a2:c0:cb:77:67:33:
         f9:53:13:40:af:5b:78:d5:6c:0b:4d:07:bc:72:57:c8:14:37:
         5d:70:93:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6MGtbjfqde+KRPxS8IjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUwNjA3MTUwMDU3WhcNMjUwNjA4MTUwMDU3WjAzMTEwLwYDVQQD
EyhmOTU1NWVkNzVmMmI4NDQwNWM5MzA2YjAzOGVkNmE0NTU3N2NjZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Siru9GNhxZU2+4kiO7LkYMVTpAA
nAj/lUBwhc+KCX8p8fgBxxa+F+oMwFWFczzVFLQCnVU1GtUSMsRJfPDj4Yq8gvQl
V89vHrDaA6iz+ja3WkZzWA7HbtolwrLFLzS2yAP+1I+61xB+ZzLcgpcz1tNBxGxB
tw1WecpETOvEcLWJCM4Z39uHWpxVSEMKr/GABveLsLLsQlJqH2sDbXN8apI/lA+q
QQsr7hiBDUu6E1AQxByvX+6iIjwQ3OsPZCrdnVhYHiXNZdnuiFQhgkvOpMlKOWd7
IT12AWXuO5Lxfjs6+2LJ8s8cRtBnxbL8mrxkHky7g7mrfhPlcq9KgQZ4qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlVXtdfK4RAXJMGsDjtakVXfM8bMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4c+E+ad
VRGWEejTdvfAL5emf4uHOUwdG+/sx1k/7s2S/k7hELyeMc1RzCgU+6CZUsURYkyU
AZJY/J1v4+Fa5K2vByikN2cgjtLpNZr0dGmgWFR9hihYzGP3XjMC6ONQy/Xy/I8k
aVTYKy5Ji3HPxlR6cyq7dVexRNGDT/VHYQBQ/fyZn2raCZ0+U1HWU19pUxVlF3Ad
wQS+SvD3bigDsd6Y6rIOm+95ZlD/zGM/QJOY67gdfkFrXzF1/zbsjOp2+JECFLIV
OP0iJL3g6mj5bLiWOYZyQPkcgdRKVtDS1Lo+h1ndosDLd2cz+VMTQK9beNVsC00H
vHJXyBQ3XXCTZg==
-----END CERTIFICATE-----