Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          08hsBHoUitcqslQ5xfQhd0QqgDRUnpmzisZKQmS5y6Y=
Subject key identifier:   EB:68:FB:DA:F6:4B:E8:71:E5:C6:B2:E9:94:FC:6E:10:F6:7E:00:EA
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       019CABD9E4A5EB7254667D6A2EDC62CD7B23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          056B
Signing time:             Mon 02 Mar 2026 00:01:49 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:49 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:49 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: kHE1V0My8JzsC2cKi8eI0sPJG3Dx2qdFLBqGuWEWBMw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:e4:a5:eb:72:54:66:7d:6a:2e:dc:62:cd:7b:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Mar  2 00:01:49 2026 GMT
            Not After : Mar  3 00:01:49 2026 GMT
        Subject: CN=eb68fbdaf64be871e5c6b2e994fc6e10f67e00ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:17:60:ce:dd:bb:c6:b1:e5:40:63:50:59:9e:
                    5e:79:19:2c:93:40:81:8a:b3:c5:24:64:24:b9:39:
                    89:fa:2b:54:d8:08:72:50:24:d9:bb:1e:27:31:e6:
                    b2:59:9a:11:82:84:22:ff:88:27:53:22:86:a5:3a:
                    da:8c:39:21:71:2d:78:2f:55:a4:7d:6a:40:f2:19:
                    9b:46:01:d4:72:5a:27:e3:87:75:4a:d1:23:28:24:
                    d1:04:f2:d6:00:f6:d4:26:63:90:32:58:1f:a7:2d:
                    8e:12:ad:d5:21:6f:7e:7e:fa:ec:f5:a0:ba:f9:82:
                    d4:de:a6:aa:a3:07:f4:d3:2b:79:31:52:43:65:59:
                    51:35:cc:74:74:c6:0c:71:24:e3:48:7c:e1:28:6b:
                    05:a6:8d:a3:1e:b0:84:ff:a7:36:a9:68:ee:91:2a:
                    3c:c8:97:2f:5e:04:78:9e:77:bc:c3:9e:98:fe:73:
                    00:a3:c8:83:91:7a:1a:5b:3a:e7:fc:05:b8:bf:be:
                    8e:89:d2:3c:13:0b:00:61:c8:1e:6a:4c:e7:ad:93:
                    73:eb:29:f4:9f:1e:e3:0b:0d:86:5b:97:0e:74:f5:
                    12:57:2b:0f:60:9e:5a:a5:b3:e7:78:00:6d:49:48:
                    3f:06:9f:ca:a8:68:21:69:13:30:71:c4:51:9d:83:
                    df:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:68:FB:DA:F6:4B:E8:71:E5:C6:B2:E9:94:FC:6E:10:F6:7E:00:EA
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:cd:56:eb:4a:e7:00:d2:54:3e:bf:25:8a:b1:1b:7c:55:ce:
         13:21:f2:9f:68:c1:1b:b4:b2:46:9c:da:a8:a0:65:19:61:94:
         bb:17:8e:f4:98:0e:d8:a4:33:79:8b:1e:6d:fc:a0:ae:ef:5b:
         a8:5f:cf:36:e8:1b:70:6f:e1:59:f2:96:00:ce:9b:93:9a:ba:
         15:5c:89:81:66:e3:7b:78:2a:c2:3c:0f:c2:23:63:c6:0a:15:
         09:7f:8a:ec:d0:eb:20:13:bd:c8:ad:fd:44:28:85:68:09:aa:
         66:d3:53:d4:c2:b2:99:6b:38:24:8f:8c:27:70:d2:85:4c:e3:
         0a:f1:d6:1b:75:61:4b:ea:5c:52:a1:05:2f:03:18:8a:fa:21:
         94:99:42:a6:c9:ff:86:92:8e:b9:9d:68:0c:f2:d2:c1:af:a1:
         7c:d8:a6:46:5e:07:b0:1c:c7:1b:33:40:67:e9:8d:86:30:f7:
         f7:03:66:04:bf:8b:46:86:0b:70:97:a8:7b:dd:37:7f:41:67:
         3b:e3:e0:86:1c:af:48:83:73:ad:27:1c:d6:74:87:55:15:d8:
         77:a2:09:f6:3b:c9:a1:0e:16:f2:01:78:bf:66:4a:8d:60:4c:
         b8:0c:7c:9a:e6:ad:5b:96:99:5f:da:35:5b:93:bf:fc:9f:8f:
         99:f0:c5:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2eSl63JUZn1qLtxizXsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjYwMzAyMDAwMTQ5WhcNMjYwMzAzMDAwMTQ5WjAzMTEwLwYDVQQD
EyhlYjY4ZmJkYWY2NGJlODcxZTVjNmIyZTk5NGZjNmUxMGY2N2UwMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhdgzt27xrHlQGNQWZ5eeRksk0CB
irPFJGQkuTmJ+itU2AhyUCTZux4nMeayWZoRgoQi/4gnUyKGpTrajDkhcS14L1Wk
fWpA8hmbRgHUclon44d1StEjKCTRBPLWAPbUJmOQMlgfpy2OEq3VIW9+fvrs9aC6
+YLU3qaqowf00yt5MVJDZVlRNcx0dMYMcSTjSHzhKGsFpo2jHrCE/6c2qWjukSo8
yJcvXgR4nne8w56Y/nMAo8iDkXoaWzrn/AW4v76OidI8EwsAYcgeakznrZNz6yn0
nx7jCw2GW5cOdPUSVysPYJ5apbPneABtSUg/Bp/KqGghaRMwccRRnYPfmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOto+9r2S+hx5cay6ZT8bhD2fgDqMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFc1W60rn
ANJUPr8lirEbfFXOEyHyn2jBG7SyRpzaqKBlGWGUuxeO9JgO2KQzeYsebfygru9b
qF/PNugbcG/hWfKWAM6bk5q6FVyJgWbje3gqwjwPwiNjxgoVCX+K7NDrIBO9yK39
RCiFaAmqZtNT1MKymWs4JI+MJ3DShUzjCvHWG3VhS+pcUqEFLwMYivohlJlCpsn/
hpKOuZ1oDPLSwa+hfNimRl4HsBzHGzNAZ+mNhjD39wNmBL+LRoYLcJeoe903f0Fn
O+PghhyvSINzrScc1nSHVRXYd6IJ9jvJoQ4W8gF4v2ZKjWBMuAx8muatW5aZX9o1
W5O//J+PmfDFHg==
-----END CERTIFICATE-----