Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
File:                     C_TOA4nPk-LVfggvG-xh2oJy__E.mft (raw, json)
Hash identifier:          nyiglqdESs/jDOUP7f5JtUZMG1Zt2fFEMnFJ1cvBUO8=
Subject key identifier:   5B:CE:71:F2:94:55:DF:CB:29:C5:BD:EC:55:F3:98:EE:E3:53:C6:11
Authority key identifier: 0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1
Certificate issuer:       /CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
Certificate serial:       0197B77C08700D7841A6E6EE645ADDA46281
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
Manifest number:          0E83
Signing time:             Sat 28 Jun 2025 17:00:48 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:48 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:48 +0000
Files and hashes:         1: C_TOA4nPk-LVfggvG-xh2oJy__E.crl (hash: Ht/ZLDo4qikAn4JvwLgsUDrNFvUzaNi8VyArGUcmbsU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:08:70:0d:78:41:a6:e6:ee:64:5a:dd:a4:62:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
        Validity
            Not Before: Jun 28 17:00:48 2025 GMT
            Not After : Jun 29 17:00:48 2025 GMT
        Subject: CN=5bce71f29455dfcb29c5bdec55f398eee353c611
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:31:2d:d1:29:02:0f:e3:95:9c:35:ba:b9:2f:
                    da:dd:50:4e:4c:ef:cf:40:27:04:84:0b:93:2a:f1:
                    73:97:49:b7:11:e6:c0:f0:ad:23:11:d8:66:51:ba:
                    36:28:f0:e3:8d:7a:c5:d0:7a:3c:26:62:d9:59:d2:
                    25:c4:9d:36:88:b4:3c:69:d8:c5:19:5a:0d:12:6f:
                    85:64:ab:c1:98:15:57:72:b7:6e:2b:d4:5c:d1:11:
                    19:5a:fb:78:27:a6:30:b4:08:a7:a0:6d:83:b9:0d:
                    b0:a9:8e:d3:c6:76:ad:56:58:7f:87:2c:5e:f2:96:
                    db:18:1b:49:82:1a:84:b4:0b:75:a3:c9:90:d2:2c:
                    67:68:df:6b:d1:29:4e:4a:81:7e:02:cf:9c:43:a1:
                    f5:83:43:c0:47:3a:02:9a:50:bd:ce:80:d6:42:8d:
                    f3:d2:59:b9:20:81:8f:2c:31:a6:e5:b4:6a:d4:3d:
                    bb:b7:1a:c8:25:97:2e:7a:0f:b8:81:de:40:95:a7:
                    e1:f3:8d:fd:33:90:37:50:c3:6f:df:a1:1d:75:37:
                    71:02:ab:69:b9:a7:41:c1:3e:7e:51:15:15:60:29:
                    ca:1e:95:68:4c:55:9b:99:40:c6:e7:a8:2f:b1:af:
                    b1:45:df:59:85:88:69:50:5d:c3:3d:06:6f:65:37:
                    27:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CE:71:F2:94:55:DF:CB:29:C5:BD:EC:55:F3:98:EE:E3:53:C6:11
            X509v3 Authority Key Identifier:
                keyid:0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:58:8e:22:6d:ac:56:7b:69:cb:8f:5e:e6:da:7c:8d:5d:d8:
         3f:5b:26:d8:db:e7:79:c6:b4:59:e1:e0:6a:7e:94:50:f6:bc:
         26:21:7c:11:70:fe:d2:be:35:12:4b:00:e5:05:49:27:db:2a:
         a8:70:82:ad:57:6e:da:35:7e:2e:e4:6b:b3:81:b9:8d:e3:9a:
         42:3b:32:d9:d2:22:2d:09:6c:71:6f:39:42:d0:58:b9:8d:da:
         6b:52:28:3d:39:a0:ce:3f:cc:24:1e:46:4c:0f:38:37:ab:73:
         16:f0:7c:bf:bd:dd:0d:26:ba:9f:9c:de:f7:ff:42:6d:33:8f:
         01:b6:05:9a:df:28:79:d8:e6:5e:32:04:2f:e6:1c:ad:55:0c:
         a1:e1:86:12:ad:be:93:51:d6:17:fa:a2:10:e2:a0:13:c4:99:
         4d:82:f0:24:67:41:36:fb:6e:a4:5f:9f:b5:67:62:c6:91:28:
         8e:78:ad:03:77:41:e6:ab:ef:87:e9:49:f4:bc:0e:75:16:a0:
         1e:6c:8e:e4:2b:5e:32:e4:c7:fb:04:bf:46:7c:52:1d:ea:e2:
         d8:06:40:ab:84:1f:31:3d:fa:9b:b2:2f:32:20:70:c8:aa:4e:
         74:6e:f7:18:54:03:93:7d:44:ca:4d:54:1b:9e:bb:a1:80:43:
         7a:e2:24:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fAhwDXhBpubuZFrdpGKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjRjZTAzODljZjkzZTJkNTdlMDgyZjFiZWM2MWRhODI3
MmZmZjEwHhcNMjUwNjI4MTcwMDQ4WhcNMjUwNjI5MTcwMDQ4WjAzMTEwLwYDVQQD
Eyg1YmNlNzFmMjk0NTVkZmNiMjljNWJkZWM1NWYzOThlZWUzNTNjNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozEt0SkCD+OVnDW6uS/a3VBOTO/P
QCcEhAuTKvFzl0m3EebA8K0jEdhmUbo2KPDjjXrF0Ho8JmLZWdIlxJ02iLQ8adjF
GVoNEm+FZKvBmBVXcrduK9Rc0REZWvt4J6YwtAinoG2DuQ2wqY7TxnatVlh/hyxe
8pbbGBtJghqEtAt1o8mQ0ixnaN9r0SlOSoF+As+cQ6H1g0PARzoCmlC9zoDWQo3z
0lm5IIGPLDGm5bRq1D27txrIJZcueg+4gd5Alafh8439M5A3UMNv36EddTdxAqtp
uadBwT5+URUVYCnKHpVoTFWbmUDG56gvsa+xRd9ZhYhpUF3DPQZvZTcnhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvOcfKUVd/LKcW97FXzmO7jU8YRMB8GA1UdIwQY
MBaAFAv0zgOJz5Pi1X4ILxvsYdqCcv/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMt
NTYyOGZhZWZlMTFkLzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMtNTYyOGZhZWZlMTFk
LzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcliOIm2s
Vntpy49e5tp8jV3YP1sm2Nvneca0WeHgan6UUPa8JiF8EXD+0r41EksA5QVJJ9sq
qHCCrVdu2jV+LuRrs4G5jeOaQjsy2dIiLQlscW85QtBYuY3aa1IoPTmgzj/MJB5G
TA84N6tzFvB8v73dDSa6n5ze9/9CbTOPAbYFmt8oedjmXjIEL+YcrVUMoeGGEq2+
k1HWF/qiEOKgE8SZTYLwJGdBNvtupF+ftWdixpEojnitA3dB5qvvh+lJ9LwOdRag
HmyO5CteMuTH+wS/RnxSHeri2AZAq4QfMT36m7IvMiBwyKpOdG73GFQDk31Eyk1U
G567oYBDeuIk3g==
-----END CERTIFICATE-----