Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
File:                     C_TOA4nPk-LVfggvG-xh2oJy__E.mft (raw, json)
Hash identifier:          BIP3t7Wi2N/cOqLrHvTHwMqtXcQBn7P98pVyFmV/KWc=
Subject key identifier:   2D:79:CB:D7:F6:B9:5A:9B:46:3A:37:29:A8:E4:CE:B3:AC:19:DE:86
Authority key identifier: 0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1
Certificate issuer:       /CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
Certificate serial:       0199FCC64E9CDC8E0E430DE33C7F4540CFA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
Manifest number:          0FB0
Signing time:             Sun 19 Oct 2025 14:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:18 +0000
Files and hashes:         1: C_TOA4nPk-LVfggvG-xh2oJy__E.crl (hash: QhOMRH+sTPc7Oog9sLTEHg1KgTuthclZsr9/Pu3p2zM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:4e:9c:dc:8e:0e:43:0d:e3:3c:7f:45:40:cf:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
        Validity
            Not Before: Oct 19 14:01:18 2025 GMT
            Not After : Oct 20 14:01:18 2025 GMT
        Subject: CN=2d79cbd7f6b95a9b463a3729a8e4ceb3ac19de86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:cd:b9:0a:a8:87:51:e2:10:0e:bb:a4:96:69:
                    a9:8e:86:c0:dc:71:66:b7:0a:db:ca:c4:28:f1:25:
                    bc:42:2b:b1:6b:ed:02:c1:03:19:f4:98:87:c2:7c:
                    71:ac:ae:7a:3a:f4:fa:c4:9f:1d:b9:44:45:bb:39:
                    21:fe:40:48:0d:a7:c3:37:13:95:9f:50:ff:52:30:
                    c8:30:b2:91:23:38:e6:f1:32:d1:51:38:7d:03:c3:
                    2c:e8:53:ad:e6:0f:11:56:df:c7:92:26:4c:e0:4d:
                    95:1e:cb:4d:7f:ed:a5:c0:26:68:80:30:cd:56:39:
                    27:c7:94:71:00:03:b5:4d:8c:57:62:1a:91:17:e1:
                    0b:db:2b:dd:ea:62:29:56:8c:2a:53:c1:c1:69:c0:
                    c2:9d:90:a3:24:23:b0:3c:27:14:32:22:65:ac:b3:
                    44:1e:7d:75:49:ec:eb:9d:5d:86:83:48:13:92:79:
                    39:52:db:ac:07:02:8a:a0:69:7c:39:6c:a4:af:c1:
                    6d:9f:41:e9:de:95:17:90:b9:1e:72:23:fe:87:19:
                    a3:25:1b:d9:7d:85:14:c2:1c:02:4c:72:ed:fb:3a:
                    28:cf:38:83:c0:09:ff:1f:a8:e6:9d:0a:17:eb:fc:
                    09:f1:0e:e4:da:ad:77:f4:1f:05:ec:1e:cf:9c:42:
                    94:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:79:CB:D7:F6:B9:5A:9B:46:3A:37:29:A8:E4:CE:B3:AC:19:DE:86
            X509v3 Authority Key Identifier:
                keyid:0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:61:80:43:7a:8d:fa:3c:b2:9c:7a:6b:a2:ae:a3:91:b2:d8:
         03:e5:92:c6:05:1f:41:c6:6a:9b:0d:5b:6b:e5:8c:6d:e2:59:
         9d:14:0e:98:74:fa:f9:92:c6:8f:93:63:d0:c9:45:0d:dd:12:
         73:2e:ac:cc:19:57:87:1c:3f:3a:d5:8c:64:6c:b9:23:25:7d:
         75:46:ac:c3:62:2c:2a:8f:65:b6:ef:b4:f4:78:22:49:ef:a0:
         a9:5e:6b:ea:48:ba:eb:ea:9f:97:03:c7:49:65:a8:e3:59:79:
         83:9f:83:9c:e3:f7:e1:dd:34:e4:83:7b:61:07:89:ba:4c:8f:
         5a:68:33:e5:61:20:f5:b3:20:a7:de:38:4e:e0:b9:fa:07:ab:
         7b:33:92:7f:ec:e8:b1:b4:75:b1:fb:74:57:bd:61:7c:73:ea:
         2d:17:aa:0d:89:10:ab:d8:92:be:24:f7:ac:15:80:5d:34:fe:
         22:04:54:ba:ce:a9:30:e7:aa:d1:3d:b9:67:4d:4d:7a:89:07:
         11:04:d5:ee:c4:bc:ff:ef:3c:13:1d:18:50:11:6e:a5:5c:52:
         64:3e:8c:28:87:48:e2:f0:b8:94:6e:06:3c:ad:32:d8:2f:66:
         32:d8:b2:21:00:90:56:eb:46:32:22:ab:4e:ef:8c:28:42:00:
         ba:8b:c0:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xk6c3I4OQw3jPH9FQM+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjRjZTAzODljZjkzZTJkNTdlMDgyZjFiZWM2MWRhODI3
MmZmZjEwHhcNMjUxMDE5MTQwMTE4WhcNMjUxMDIwMTQwMTE4WjAzMTEwLwYDVQQD
EygyZDc5Y2JkN2Y2Yjk1YTliNDYzYTM3MjlhOGU0Y2ViM2FjMTlkZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM25CqiHUeIQDruklmmpjobA3HFm
twrbysQo8SW8Qiuxa+0CwQMZ9JiHwnxxrK56OvT6xJ8duURFuzkh/kBIDafDNxOV
n1D/UjDIMLKRIzjm8TLRUTh9A8Ms6FOt5g8RVt/HkiZM4E2VHstNf+2lwCZogDDN
Vjknx5RxAAO1TYxXYhqRF+EL2yvd6mIpVowqU8HBacDCnZCjJCOwPCcUMiJlrLNE
Hn11SezrnV2Gg0gTknk5UtusBwKKoGl8OWykr8Ftn0Hp3pUXkLkeciP+hxmjJRvZ
fYUUwhwCTHLt+zoozziDwAn/H6jmnQoX6/wJ8Q7k2q139B8F7B7PnEKUQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC15y9f2uVqbRjo3KajkzrOsGd6GMB8GA1UdIwQY
MBaAFAv0zgOJz5Pi1X4ILxvsYdqCcv/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMt
NTYyOGZhZWZlMTFkLzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMtNTYyOGZhZWZlMTFk
LzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf2GAQ3qN
+jyynHproq6jkbLYA+WSxgUfQcZqmw1ba+WMbeJZnRQOmHT6+ZLGj5Nj0MlFDd0S
cy6szBlXhxw/OtWMZGy5IyV9dUasw2IsKo9ltu+09HgiSe+gqV5r6ki66+qflwPH
SWWo41l5g5+DnOP34d005IN7YQeJukyPWmgz5WEg9bMgp944TuC5+gerezOSf+zo
sbR1sft0V71hfHPqLReqDYkQq9iSviT3rBWAXTT+IgRUus6pMOeq0T25Z01NeokH
EQTV7sS8/+88Ex0YUBFupVxSZD6MKIdI4vC4lG4GPK0y2C9mMtiyIQCQVutGMiKr
Tu+MKEIAuovA1w==
-----END CERTIFICATE-----