Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          nY18iDxC+3O7ryit4zOP9PHf+EVDNcFsU8dmyZF208I=
Subject key identifier:   E3:E7:95:B4:18:D3:A9:12:53:BA:4C:AA:91:76:2F:49:07:47:C7:CA
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       019A4D73B50BEF352C66165D94C072BA5316
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          0431
Signing time:             Tue 04 Nov 2025 06:00:19 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:19 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:19 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: ZUSTBBrs1ceEMzIYvL9ICH/IQGObHU4cqga2JJM423w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:b5:0b:ef:35:2c:66:16:5d:94:c0:72:ba:53:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Nov  4 06:00:19 2025 GMT
            Not After : Nov  5 06:00:19 2025 GMT
        Subject: CN=e3e795b418d3a91253ba4caa91762f490747c7ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0f:5a:88:9b:4a:8d:3a:b4:8a:f1:58:ca:7f:
                    91:dd:a6:80:89:f9:45:a0:a0:21:fe:ba:5a:55:7e:
                    08:23:4b:1f:e9:1a:62:ed:f7:95:74:30:62:29:88:
                    92:37:f4:fd:42:00:6c:a8:d0:05:ea:e6:33:fb:34:
                    e6:5d:fd:91:b5:73:cd:c9:a3:fc:0a:50:b7:21:74:
                    07:42:61:34:b6:a2:c1:9a:96:38:a6:90:d7:9a:a2:
                    e1:b5:e9:63:64:64:fc:f0:8d:3b:a6:d0:1c:6e:33:
                    e5:e4:f1:d5:68:18:ba:1c:41:04:ae:65:d2:ab:c4:
                    00:3b:7f:2a:ea:e2:19:39:f1:f2:39:74:2c:09:6d:
                    06:41:d1:0d:c9:ab:1f:da:6d:00:96:ab:24:78:5a:
                    14:34:8f:e9:cc:ac:a2:8f:bb:1a:9f:e2:4d:1f:f2:
                    01:08:97:5a:78:f5:ec:61:fd:b5:c2:3e:54:86:dd:
                    ff:4a:8d:b8:7e:52:6b:1f:10:52:cb:ef:bf:5d:47:
                    81:1d:ec:84:9d:ad:bc:bc:60:eb:14:48:17:14:20:
                    00:78:c7:bd:d9:ac:0d:de:91:6b:7b:a4:5d:53:ff:
                    1f:41:2d:c6:b1:c4:d6:26:b5:e9:51:d5:ba:8d:24:
                    02:bd:7f:24:1b:5b:59:55:ef:db:d4:22:82:8b:4a:
                    a2:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:E7:95:B4:18:D3:A9:12:53:BA:4C:AA:91:76:2F:49:07:47:C7:CA
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:7b:d0:63:57:9d:1d:64:ec:e3:6d:9c:ac:d9:a8:87:21:c7:
         8c:8e:f0:f6:c0:7f:0f:5a:d9:f9:0e:4e:58:b8:a2:aa:b6:5c:
         8b:cd:a6:3e:f4:09:31:67:f6:7f:c1:33:fb:d3:d4:9f:d7:7d:
         a3:69:a9:e2:04:45:01:3a:27:0b:fa:17:d9:18:75:26:da:7d:
         e6:71:b7:78:71:fc:cf:a2:de:22:04:81:43:6c:3a:f7:91:e2:
         43:5f:6f:4c:3e:44:ce:2d:09:46:e5:08:73:22:80:39:9a:7a:
         13:97:41:ef:11:61:be:09:80:49:db:56:c2:c9:3a:68:27:4a:
         64:92:62:14:b3:49:75:4d:21:1b:21:30:68:df:73:4d:73:19:
         7f:cc:78:f8:dc:70:37:13:b1:a6:e3:25:cf:64:c7:b5:71:30:
         b6:12:00:a5:5c:67:e5:94:f7:c6:88:42:85:25:e0:2f:1a:d0:
         be:15:cb:72:ed:b6:59:bb:1b:fc:88:bd:9a:f0:09:5c:48:8e:
         84:02:66:f6:10:42:43:36:7d:b9:1d:10:6b:d3:e6:cc:f5:ea:
         8c:41:f3:6f:b9:21:a3:59:72:87:01:68:ef:61:2e:e1:d2:18:
         45:79:10:b8:65:4c:2a:5e:42:6e:fe:80:02:6d:16:1b:e4:6c:
         94:e8:38:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc7UL7zUsZhZdlMByulMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUxMTA0MDYwMDE5WhcNMjUxMTA1MDYwMDE5WjAzMTEwLwYDVQQD
EyhlM2U3OTViNDE4ZDNhOTEyNTNiYTRjYWE5MTc2MmY0OTA3NDdjN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA9aiJtKjTq0ivFYyn+R3aaAiflF
oKAh/rpaVX4II0sf6Rpi7feVdDBiKYiSN/T9QgBsqNAF6uYz+zTmXf2RtXPNyaP8
ClC3IXQHQmE0tqLBmpY4ppDXmqLhteljZGT88I07ptAcbjPl5PHVaBi6HEEErmXS
q8QAO38q6uIZOfHyOXQsCW0GQdENyasf2m0AlqskeFoUNI/pzKyij7san+JNH/IB
CJdaePXsYf21wj5Uht3/So24flJrHxBSy++/XUeBHeyEna28vGDrFEgXFCAAeMe9
2awN3pFre6RdU/8fQS3GscTWJrXpUdW6jSQCvX8kG1tZVe/b1CKCi0qiYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOPnlbQY06kSU7pMqpF2L0kHR8fKMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3vQY1ed
HWTs422crNmohyHHjI7w9sB/D1rZ+Q5OWLiiqrZci82mPvQJMWf2f8Ez+9PUn9d9
o2mp4gRFATonC/oX2Rh1Jtp95nG3eHH8z6LeIgSBQ2w695HiQ19vTD5Ezi0JRuUI
cyKAOZp6E5dB7xFhvgmASdtWwsk6aCdKZJJiFLNJdU0hGyEwaN9zTXMZf8x4+Nxw
NxOxpuMlz2THtXEwthIApVxn5ZT3xohChSXgLxrQvhXLcu22Wbsb/Ii9mvAJXEiO
hAJm9hBCQzZ9uR0Qa9PmzPXqjEHzb7kho1lyhwFo72Eu4dIYRXkQuGVMKl5Cbv6A
Am0WG+RslOg4aA==
-----END CERTIFICATE-----