Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
File:                     cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json)
Hash identifier:          nBqH5OP571I5WQryYmsN5RaiBQl3JRmRaNVxuE3YOYs=
Subject key identifier:   99:7D:BC:0B:42:98:3C:2F:1E:0A:13:EF:06:8D:61:3E:2C:0E:3C:09
Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA
Certificate issuer:       /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
Certificate serial:       01967A56E0D49E61EB767B3A5239AFB8AB22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
Manifest number:          0236
Signing time:             Mon 28 Apr 2025 03:00:36 +0000
Manifest this update:     Mon 28 Apr 2025 03:00:36 +0000
Manifest next update:     Tue 29 Apr 2025 03:00:36 +0000
Files and hashes:         1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: nMcFqBjL9cES5AksauUfl3VjIaVP7k35/mPUGLLphXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:56:e0:d4:9e:61:eb:76:7b:3a:52:39:af:b8:ab:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da
        Validity
            Not Before: Apr 28 03:00:36 2025 GMT
            Not After : Apr 29 03:00:36 2025 GMT
        Subject: CN=997dbc0b42983c2f1e0a13ef068d613e2c0e3c09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c6:9a:5a:0c:73:7e:16:d9:93:75:43:17:93:
                    8b:c7:be:33:49:e5:8d:c7:a0:36:e8:87:06:6b:cb:
                    c8:f4:e8:57:31:5e:e5:a1:64:5d:ac:fc:17:bd:c7:
                    c1:30:81:11:1c:0f:ba:3f:05:b1:56:10:dc:49:0c:
                    97:ef:9a:5f:a6:9c:ad:2f:c3:49:7c:f8:9b:0d:c9:
                    2d:f1:6d:5f:a0:c9:e5:d2:e0:eb:75:95:95:b7:ee:
                    3e:5b:95:ad:c5:fa:68:2c:7e:c5:a4:43:71:db:b9:
                    d4:ba:c3:ab:e0:04:10:da:14:ca:d8:69:a2:9d:bf:
                    44:4f:99:36:b5:28:63:7a:44:6b:a5:5a:4b:e0:55:
                    99:28:ad:11:62:d2:6e:34:94:a8:77:2c:f3:04:7e:
                    2d:dd:94:75:8f:13:e9:1a:d9:48:27:1a:30:49:37:
                    d2:c0:f0:9d:cb:c7:1c:63:4a:7a:ab:e7:07:a8:1f:
                    cf:70:4d:28:13:76:74:a2:c3:f7:95:ed:08:9e:3a:
                    f4:8f:12:cd:aa:d2:bb:83:4f:3a:5f:a1:c5:2c:e0:
                    12:79:10:85:ad:ae:3f:3e:c5:ba:ca:79:19:09:1f:
                    a0:25:fc:ba:c6:fd:b6:f0:d7:5c:d1:2a:01:ca:b7:
                    47:dd:61:1c:a9:d6:34:2c:a9:37:d2:12:a2:af:9e:
                    2f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:7D:BC:0B:42:98:3C:2F:1E:0A:13:EF:06:8D:61:3E:2C:0E:3C:09
            X509v3 Authority Key Identifier:
                keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:a7:5c:3c:3e:96:b9:98:03:cb:ff:f7:74:ce:26:cb:6f:78:
         0e:f9:a8:32:b4:b3:57:2d:4f:b8:18:4c:a2:2c:09:42:01:cc:
         53:01:f8:5d:d9:bd:e7:57:c8:15:a5:0c:75:32:ee:69:d0:44:
         6d:88:33:d7:7b:51:0d:d5:f1:00:d7:f4:44:d1:3e:86:5d:f4:
         3e:7f:85:b8:88:da:eb:b6:d0:4b:0f:43:88:ef:a1:16:c3:ee:
         63:38:bc:2b:2f:b8:6b:2c:4d:5a:fb:fb:4c:2f:91:1b:67:26:
         31:f8:c6:65:4c:3a:ac:4c:9f:b1:02:2f:4d:73:8d:a9:f1:43:
         36:bd:f4:50:75:ca:2e:d3:d6:17:49:80:50:55:cd:57:ce:72:
         a8:48:0b:50:19:31:ea:4e:f2:25:ed:6a:6f:27:c3:b1:29:89:
         69:86:9f:0c:e4:a6:d8:2a:9a:57:49:6e:7f:9d:cc:ea:8e:aa:
         f1:be:b3:c0:57:1b:36:a1:61:06:c2:fd:13:37:a1:b8:e8:b7:
         8f:4b:dc:25:f0:94:d8:e4:95:37:14:b9:e8:78:98:81:1f:f3:
         8a:88:07:cf:90:a6:dd:db:90:64:8f:93:35:6c:3c:55:a6:d0:
         5c:32:4d:10:34:0b:d2:20:8a:3f:00:ed:37:91:e5:d5:5b:e2:
         52:b5:91:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6VuDUnmHrdns6UjmvuKsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0
ZDkyZGEwHhcNMjUwNDI4MDMwMDM2WhcNMjUwNDI5MDMwMDM2WjAzMTEwLwYDVQQD
Eyg5OTdkYmMwYjQyOTgzYzJmMWUwYTEzZWYwNjhkNjEzZTJjMGUzYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8aaWgxzfhbZk3VDF5OLx74zSeWN
x6A26IcGa8vI9OhXMV7loWRdrPwXvcfBMIERHA+6PwWxVhDcSQyX75pfppytL8NJ
fPibDckt8W1foMnl0uDrdZWVt+4+W5WtxfpoLH7FpENx27nUusOr4AQQ2hTK2Gmi
nb9ET5k2tShjekRrpVpL4FWZKK0RYtJuNJSodyzzBH4t3ZR1jxPpGtlIJxowSTfS
wPCdy8ccY0p6q+cHqB/PcE0oE3Z0osP3le0Injr0jxLNqtK7g086X6HFLOASeRCF
ra4/PsW6ynkZCR+gJfy6xv228Ndc0SoByrdH3WEcqdY0LKk30hKir54vkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJl9vAtCmDwvHgoT7waNYT4sDjwJMB8GA1UdIwQY
MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt
ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3
LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATadcPD6W
uZgDy//3dM4my294DvmoMrSzVy1PuBhMoiwJQgHMUwH4Xdm951fIFaUMdTLuadBE
bYgz13tRDdXxANf0RNE+hl30Pn+FuIja67bQSw9DiO+hFsPuYzi8Ky+4ayxNWvv7
TC+RG2cmMfjGZUw6rEyfsQIvTXONqfFDNr30UHXKLtPWF0mAUFXNV85yqEgLUBkx
6k7yJe1qbyfDsSmJaYafDOSm2CqaV0luf53M6o6q8b6zwFcbNqFhBsL9EzehuOi3
j0vcJfCU2OSVNxS56HiYgR/ziogHz5Cm3duQZI+TNWw8VabQXDJNEDQL0iCKPwDt
N5Hl1VviUrWRIw==
-----END CERTIFICATE-----