Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
File:                     C_TOA4nPk-LVfggvG-xh2oJy__E.mft (raw, json)
Hash identifier:          8gLnN3Dl3UoLh3ysvYpX+bPR9xbZBVyaGqZE1zT0Dmw=
Subject key identifier:   A6:04:EE:93:4D:FA:01:3E:6D:E3:E8:A9:D4:BA:D3:67:0F:5B:51:8B
Authority key identifier: 0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1
Certificate issuer:       /CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
Certificate serial:       0198D54DEBBBB813117606C9F345B8F8B58D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
Manifest number:          0F17
Signing time:             Sat 23 Aug 2025 05:01:50 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:50 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:50 +0000
Files and hashes:         1: C_TOA4nPk-LVfggvG-xh2oJy__E.crl (hash: wApQs/jfdaTgI1Uu6IvOdgWQVBvzY4LK8ROWC4qdNzE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:eb:bb:b8:13:11:76:06:c9:f3:45:b8:f8:b5:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
        Validity
            Not Before: Aug 23 05:01:50 2025 GMT
            Not After : Aug 24 05:01:50 2025 GMT
        Subject: CN=a604ee934dfa013e6de3e8a9d4bad3670f5b518b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:14:4f:f3:73:7a:62:63:b9:5b:97:5a:02:7a:
                    06:04:2a:c2:69:2f:64:12:84:b5:21:59:90:bd:67:
                    3c:77:95:07:63:31:c3:47:1c:fa:49:15:4e:fa:6b:
                    dd:01:19:14:e2:41:72:15:f8:cc:4a:f4:f2:f7:ec:
                    d6:d5:81:93:5f:57:be:71:75:9d:14:d7:8b:56:57:
                    a3:d1:6b:a3:eb:b0:3f:56:68:2b:08:a0:d5:a0:30:
                    81:0e:2a:a2:42:50:19:a7:e3:21:d6:a4:c0:7e:da:
                    d6:01:6a:51:9a:3c:91:f8:ad:c1:2b:a4:5c:6a:41:
                    77:b5:a9:30:ca:17:98:93:36:da:0f:41:cd:50:c0:
                    bc:86:78:e3:f3:ad:86:48:16:b0:6c:af:38:dc:0b:
                    df:8e:7a:fd:96:f1:fc:74:a0:a4:ae:4b:5e:db:4b:
                    7e:5a:9a:f2:8d:ee:86:d6:35:a3:93:50:18:2f:7e:
                    96:0d:74:d5:db:4f:a8:7f:ad:af:2a:7a:ba:a6:8f:
                    a3:0d:5e:2f:d5:1b:05:0d:24:aa:db:69:7e:61:4c:
                    fb:8b:b3:98:12:89:89:00:46:fd:5c:0b:af:d2:28:
                    20:d7:69:64:7e:1d:7f:e0:ea:fe:4c:29:51:3e:a9:
                    a9:36:08:89:be:b6:be:73:6f:20:3f:e1:4d:88:98:
                    d6:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:04:EE:93:4D:FA:01:3E:6D:E3:E8:A9:D4:BA:D3:67:0F:5B:51:8B
            X509v3 Authority Key Identifier:
                keyid:0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:7e:b8:97:a4:00:04:69:d5:5c:e9:d5:6d:cd:5f:9d:e5:e2:
         c4:3e:6e:d8:b2:3b:29:22:2f:b2:79:48:52:3e:24:79:f5:12:
         16:c0:f1:8b:16:f0:15:e3:bc:c6:cd:f2:ff:0a:5f:ba:0c:65:
         a0:84:33:8e:be:db:02:f1:99:bc:70:3c:80:80:51:cb:74:fa:
         94:be:cb:b7:9e:2a:9c:eb:c2:95:62:d6:bf:36:49:a0:21:76:
         0e:6a:15:de:08:46:d2:12:3a:4a:80:cb:4b:c6:46:fd:53:69:
         ff:7a:b0:63:11:de:61:f8:2f:c6:4c:11:b2:9b:3f:db:b9:34:
         08:48:5d:77:d0:1b:21:01:51:85:9b:cb:7b:00:a2:df:35:b8:
         35:0e:bd:84:32:cb:8c:39:fb:b0:93:5b:75:26:23:09:9d:31:
         55:c3:9d:ab:14:f7:53:70:b9:7a:86:58:66:1f:5d:85:ee:2b:
         c2:34:30:2f:cd:60:9f:62:da:e3:2e:b5:d3:8b:39:15:72:e4:
         0a:09:c1:e2:9e:7f:53:f5:73:c8:d4:cd:3a:7c:cb:71:36:2e:
         ff:ca:34:24:77:f2:29:d5:12:f3:0b:42:25:9f:35:66:af:1d:
         82:da:d4:fa:e0:ab:74:a5:30:67:f0:a9:f1:54:15:b8:5e:55:
         eb:98:ad:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTeu7uBMRdgbJ80W4+LWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjRjZTAzODljZjkzZTJkNTdlMDgyZjFiZWM2MWRhODI3
MmZmZjEwHhcNMjUwODIzMDUwMTUwWhcNMjUwODI0MDUwMTUwWjAzMTEwLwYDVQQD
EyhhNjA0ZWU5MzRkZmEwMTNlNmRlM2U4YTlkNGJhZDM2NzBmNWI1MThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhRP83N6YmO5W5daAnoGBCrCaS9k
EoS1IVmQvWc8d5UHYzHDRxz6SRVO+mvdARkU4kFyFfjMSvTy9+zW1YGTX1e+cXWd
FNeLVlej0Wuj67A/VmgrCKDVoDCBDiqiQlAZp+Mh1qTAftrWAWpRmjyR+K3BK6Rc
akF3takwyheYkzbaD0HNUMC8hnjj862GSBawbK843Avfjnr9lvH8dKCkrkte20t+
Wpryje6G1jWjk1AYL36WDXTV20+of62vKnq6po+jDV4v1RsFDSSq22l+YUz7i7OY
EomJAEb9XAuv0igg12lkfh1/4Or+TClRPqmpNgiJvra+c28gP+FNiJjW8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYE7pNN+gE+bePoqdS602cPW1GLMB8GA1UdIwQY
MBaAFAv0zgOJz5Pi1X4ILxvsYdqCcv/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMt
NTYyOGZhZWZlMTFkLzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMtNTYyOGZhZWZlMTFk
LzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ364l6QA
BGnVXOnVbc1fneXixD5u2LI7KSIvsnlIUj4kefUSFsDxixbwFeO8xs3y/wpfugxl
oIQzjr7bAvGZvHA8gIBRy3T6lL7Lt54qnOvClWLWvzZJoCF2DmoV3ghG0hI6SoDL
S8ZG/VNp/3qwYxHeYfgvxkwRsps/27k0CEhdd9AbIQFRhZvLewCi3zW4NQ69hDLL
jDn7sJNbdSYjCZ0xVcOdqxT3U3C5eoZYZh9dhe4rwjQwL81gn2La4y6104s5FXLk
CgnB4p5/U/VzyNTNOnzLcTYu/8o0JHfyKdUS8wtCJZ81Zq8dgtrU+uCrdKUwZ/Cp
8VQVuF5V65it1w==
-----END CERTIFICATE-----