Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          LbJ1gAo+OlskBKpKWBHyS0Zg0pBrW/ui2nH4Cr6QMkk=
Subject key identifier:   72:AD:75:76:E3:0D:B3:01:E7:EC:F0:6B:2E:78:FA:4E:E2:2E:7C:37
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       0198745077EBF9EB684037E34691FB268085
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          033C
Signing time:             Mon 04 Aug 2025 09:01:27 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:27 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:27 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: M3ZCtm/3LrvKsfh/PE7IZcTkLPG1VsOZJI+VIOcVvjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:77:eb:f9:eb:68:40:37:e3:46:91:fb:26:80:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Aug  4 09:01:27 2025 GMT
            Not After : Aug  5 09:01:27 2025 GMT
        Subject: CN=72ad7576e30db301e7ecf06b2e78fa4ee22e7c37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:cf:2d:3c:92:7a:55:8b:72:47:61:99:06:c0:
                    83:32:be:97:92:49:3b:98:d1:2a:b3:4b:d5:a0:dc:
                    fa:15:86:4a:40:81:50:55:03:5f:27:23:42:88:65:
                    a7:e1:84:9b:48:dd:c5:66:1d:df:4b:8c:af:2a:80:
                    c2:ec:b3:bf:e9:03:e1:fd:9e:13:d4:80:8c:0f:06:
                    1e:d9:fc:03:d6:e5:2a:83:f2:ee:da:0e:34:ca:45:
                    e6:85:9b:79:3f:d1:cb:da:23:50:6b:5d:c9:af:30:
                    fa:dc:b4:f7:34:52:f3:8e:94:57:a9:71:d2:40:93:
                    a9:d9:b7:8b:07:90:a0:8b:58:ba:34:80:cc:5c:b9:
                    3f:93:0b:b6:ec:43:3d:c3:38:e2:30:fe:6b:9f:65:
                    4b:21:1b:61:9c:3b:a3:8d:f1:5d:23:21:e1:ec:b8:
                    7a:2f:19:e7:5e:8f:16:36:f2:85:71:6f:3a:e3:12:
                    48:9e:26:56:f8:3a:58:3b:3a:e1:b2:9c:f6:e2:93:
                    3a:4b:b9:ac:10:a0:7a:08:1c:af:f1:f0:b8:61:a4:
                    3e:27:aa:a9:68:28:90:c3:f1:bd:81:30:85:0d:f7:
                    84:81:30:b3:f0:7b:c5:e1:94:fb:03:94:e5:01:8f:
                    49:68:39:51:77:e1:f1:c1:87:de:d2:89:6d:6f:47:
                    a7:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:AD:75:76:E3:0D:B3:01:E7:EC:F0:6B:2E:78:FA:4E:E2:2E:7C:37
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:a0:3f:28:dc:eb:75:e4:9f:6f:92:7a:9c:f0:cb:4f:d2:ed:
         47:bc:80:dc:99:77:91:08:06:d7:29:6a:28:82:c2:ac:8b:05:
         a2:fc:11:21:f5:fa:6e:cd:01:96:3a:31:65:70:d2:f6:6d:f7:
         f9:e6:21:c1:86:06:46:4a:5f:9d:d0:62:25:de:ae:38:24:1b:
         4c:19:ef:1b:75:a1:49:f9:41:0a:97:26:c7:49:92:e5:87:ff:
         92:f1:82:95:30:38:9d:1b:69:1b:78:7a:9e:9f:72:43:0c:3d:
         56:62:0a:d3:3b:36:1f:ea:a2:34:2a:ad:ec:89:5a:96:c0:53:
         81:e6:ca:8d:05:e0:2a:2f:23:42:b4:37:ff:8b:8a:3b:93:f3:
         a3:8c:c1:f7:ba:ea:e1:f1:38:20:c4:28:f9:d6:d2:d2:c3:8c:
         10:09:44:60:e2:c8:b6:5f:bc:40:50:b9:a0:c8:49:b8:46:17:
         77:a6:84:be:68:1b:48:4d:ea:68:1b:90:5e:8b:22:77:de:67:
         c0:2d:4a:57:c8:82:e0:f3:4d:a2:fe:dc:12:1a:46:40:5c:eb:
         a1:97:6e:c3:fe:64:46:4f:10:b3:e4:b4:1f:4e:88:ec:a3:ee:
         d6:f8:75:de:89:cf:dd:d2:a8:de:9a:13:1f:d8:b1:b6:fa:b8:
         7e:9b:a8:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UHfr+etoQDfjRpH7JoCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUwODA0MDkwMTI3WhcNMjUwODA1MDkwMTI3WjAzMTEwLwYDVQQD
Eyg3MmFkNzU3NmUzMGRiMzAxZTdlY2YwNmIyZTc4ZmE0ZWUyMmU3YzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus8tPJJ6VYtyR2GZBsCDMr6Xkkk7
mNEqs0vVoNz6FYZKQIFQVQNfJyNCiGWn4YSbSN3FZh3fS4yvKoDC7LO/6QPh/Z4T
1ICMDwYe2fwD1uUqg/Lu2g40ykXmhZt5P9HL2iNQa13JrzD63LT3NFLzjpRXqXHS
QJOp2beLB5Cgi1i6NIDMXLk/kwu27EM9wzjiMP5rn2VLIRthnDujjfFdIyHh7Lh6
LxnnXo8WNvKFcW864xJIniZW+DpYOzrhspz24pM6S7msEKB6CByv8fC4YaQ+J6qp
aCiQw/G9gTCFDfeEgTCz8HvF4ZT7A5TlAY9JaDlRd+HxwYfe0oltb0enzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKtdXbjDbMB5+zway54+k7iLnw3MB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUaA/KNzr
deSfb5J6nPDLT9LtR7yA3Jl3kQgG1ylqKILCrIsFovwRIfX6bs0BljoxZXDS9m33
+eYhwYYGRkpfndBiJd6uOCQbTBnvG3WhSflBCpcmx0mS5Yf/kvGClTA4nRtpG3h6
np9yQww9VmIK0zs2H+qiNCqt7IlalsBTgebKjQXgKi8jQrQ3/4uKO5Pzo4zB97rq
4fE4IMQo+dbS0sOMEAlEYOLItl+8QFC5oMhJuEYXd6aEvmgbSE3qaBuQXosid95n
wC1KV8iC4PNNov7cEhpGQFzroZduw/5kRk8Qs+S0H06I7KPu1vh13onP3dKo3poT
H9ixtvq4fpuoEg==
-----END CERTIFICATE-----