Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b34d06-5247-48f8-9b56-60f6d4a5a74f/1/TORqOpla2FRclax7aSMcpiT8iJM.mft
File:                     TORqOpla2FRclax7aSMcpiT8iJM.mft (raw, json)
Hash identifier:          hjI58oSeQLz57pUYqVhS4Y6XUI4tsjoH25wfOcA5w8Y=
Subject key identifier:   32:E8:D4:71:E8:34:F6:0D:89:1B:45:60:FD:5D:42:52:30:3A:DE:6B
Authority key identifier: 4C:E4:6A:3A:99:5A:D8:54:5C:95:AC:7B:69:23:1C:A6:24:FC:88:93
Certificate issuer:       /CN=4ce46a3a995ad8545c95ac7b69231ca624fc8893
Certificate serial:       0197B6A21B1864CA5FB72F497061027A02E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TORqOpla2FRclax7aSMcpiT8iJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b34d06-5247-48f8-9b56-60f6d4a5a74f/1/TORqOpla2FRclax7aSMcpiT8iJM.mft
Manifest number:          109A
Signing time:             Sat 28 Jun 2025 13:02:46 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:46 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:46 +0000
Files and hashes:         1: TORqOpla2FRclax7aSMcpiT8iJM.crl (hash: hxa9C12jw5047C0ahsMZeVSpsB0O6O9+u4uqJwOG/Mg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/b34d06-5247-48f8-9b56-60f6d4a5a74f/1/TORqOpla2FRclax7aSMcpiT8iJM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/b34d06-5247-48f8-9b56-60f6d4a5a74f/1/TORqOpla2FRclax7aSMcpiT8iJM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TORqOpla2FRclax7aSMcpiT8iJM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:1b:18:64:ca:5f:b7:2f:49:70:61:02:7a:02:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce46a3a995ad8545c95ac7b69231ca624fc8893
        Validity
            Not Before: Jun 28 13:02:46 2025 GMT
            Not After : Jun 29 13:02:46 2025 GMT
        Subject: CN=32e8d471e834f60d891b4560fd5d4252303ade6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:32:ad:e7:36:08:1e:e7:f2:75:f9:f7:d4:64:
                    30:63:8f:60:9d:e6:30:62:d4:d7:7c:6d:56:34:d9:
                    43:22:87:ee:3c:c0:69:58:22:bf:8f:f6:8e:20:d6:
                    67:63:8c:6d:ee:fa:62:48:12:3c:79:fc:dd:e7:d4:
                    08:1e:a4:07:25:04:dc:19:bd:f2:4e:7e:20:fb:e7:
                    fe:e2:f7:e9:51:85:ff:31:ce:ba:10:ea:57:73:af:
                    4d:0e:f8:6c:bd:99:05:b0:9b:f3:5f:0d:74:c5:cf:
                    4b:0d:c0:f3:69:66:16:71:2a:a0:f0:0f:83:0d:e5:
                    69:f7:29:1e:18:63:03:ec:17:f0:59:be:e5:a3:9d:
                    bc:68:95:b4:d5:6c:76:cb:58:3d:ff:2f:a1:9b:84:
                    36:56:ff:c1:7e:58:97:87:7a:4a:5f:78:ad:33:fe:
                    67:3f:30:3f:9b:ad:e9:81:83:5c:02:59:6e:93:0d:
                    a5:44:ab:ca:ce:25:49:26:8f:ac:09:ab:86:4b:d0:
                    8d:df:f4:5b:dd:f3:96:a4:b0:af:69:07:2b:62:4d:
                    c0:dc:18:88:12:7e:d9:5a:26:35:e4:6a:31:9d:3e:
                    b4:cf:57:1f:f2:eb:f9:14:11:11:16:bf:2c:9b:b5:
                    ce:f4:97:45:47:6d:ff:b4:a8:ed:44:57:b1:b4:c8:
                    db:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E8:D4:71:E8:34:F6:0D:89:1B:45:60:FD:5D:42:52:30:3A:DE:6B
            X509v3 Authority Key Identifier:
                keyid:4C:E4:6A:3A:99:5A:D8:54:5C:95:AC:7B:69:23:1C:A6:24:FC:88:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TORqOpla2FRclax7aSMcpiT8iJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b34d06-5247-48f8-9b56-60f6d4a5a74f/1/TORqOpla2FRclax7aSMcpiT8iJM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b34d06-5247-48f8-9b56-60f6d4a5a74f/1/TORqOpla2FRclax7aSMcpiT8iJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:17:73:d4:93:ae:b7:2d:4d:30:4b:a9:ed:b7:e1:51:34:7b:
         d9:a7:7a:4c:63:74:dd:25:9b:7b:87:00:9f:f9:74:84:e2:78:
         f8:f6:4f:d0:77:0b:2e:e8:ce:2f:5a:fa:75:79:b8:c9:b3:4f:
         45:e3:2b:fd:3f:15:16:7f:a4:dd:10:5a:f3:c6:2c:16:44:ef:
         0f:07:dc:02:80:c4:ef:4a:e7:b8:27:ae:70:ec:93:cd:8d:a7:
         70:e4:09:e5:0b:8e:20:c1:a3:4e:70:79:fa:b9:6a:e8:54:f8:
         f1:69:75:a2:44:45:8f:8e:2b:f2:08:20:cb:51:b0:85:86:f2:
         23:99:6d:55:47:00:5c:ed:30:63:59:36:42:d3:5c:b7:30:46:
         75:58:18:70:c1:1b:d8:3d:d8:48:69:d6:2e:de:80:71:d9:08:
         80:e6:f7:f6:bd:11:88:32:93:c6:47:57:92:b9:5c:19:57:34:
         b5:e7:88:4a:e0:c0:34:bf:14:ea:3b:d0:11:b6:c8:c3:f0:bb:
         39:67:14:f8:12:00:2d:e0:dd:da:2e:eb:09:dd:d1:b2:c2:86:
         6a:6e:e8:36:a2:18:03:e5:d0:64:0c:24:37:4a:b6:43:f3:24:
         6e:6d:b5:d3:94:bf:11:7b:77:e9:f5:a4:8b:06:5f:65:22:af:
         37:49:b5:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ohsYZMpfty9JcGECegLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTQ2YTNhOTk1YWQ4NTQ1Yzk1YWM3YjY5MjMxY2E2MjRm
Yzg4OTMwHhcNMjUwNjI4MTMwMjQ2WhcNMjUwNjI5MTMwMjQ2WjAzMTEwLwYDVQQD
EygzMmU4ZDQ3MWU4MzRmNjBkODkxYjQ1NjBmZDVkNDI1MjMwM2FkZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjKt5zYIHufydfn31GQwY49gneYw
YtTXfG1WNNlDIofuPMBpWCK/j/aOINZnY4xt7vpiSBI8efzd59QIHqQHJQTcGb3y
Tn4g++f+4vfpUYX/Mc66EOpXc69NDvhsvZkFsJvzXw10xc9LDcDzaWYWcSqg8A+D
DeVp9ykeGGMD7BfwWb7lo528aJW01Wx2y1g9/y+hm4Q2Vv/BfliXh3pKX3itM/5n
PzA/m63pgYNcAllukw2lRKvKziVJJo+sCauGS9CN3/Rb3fOWpLCvaQcrYk3A3BiI
En7ZWiY15GoxnT60z1cf8uv5FBERFr8sm7XO9JdFR23/tKjtRFextMjbdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLo1HHoNPYNiRtFYP1dQlIwOt5rMB8GA1UdIwQY
MBaAFEzkajqZWthUXJWse2kjHKYk/IiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9ScU9wbGEyRlJjbGF4N2FTTWNwaVQ4aUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iMzRkMDYtNTI0Ny00OGY4LTliNTYt
NjBmNmQ0YTVhNzRmLzEvVE9ScU9wbGEyRlJjbGF4N2FTTWNwaVQ4aUpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iMzRkMDYtNTI0Ny00OGY4LTliNTYtNjBmNmQ0YTVhNzRm
LzEvVE9ScU9wbGEyRlJjbGF4N2FTTWNwaVQ4aUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBdz1JOu
ty1NMEup7bfhUTR72ad6TGN03SWbe4cAn/l0hOJ4+PZP0HcLLujOL1r6dXm4ybNP
ReMr/T8VFn+k3RBa88YsFkTvDwfcAoDE70rnuCeucOyTzY2ncOQJ5QuOIMGjTnB5
+rlq6FT48Wl1okRFj44r8gggy1GwhYbyI5ltVUcAXO0wY1k2QtNctzBGdVgYcMEb
2D3YSGnWLt6AcdkIgOb39r0RiDKTxkdXkrlcGVc0teeISuDANL8U6jvQEbbIw/C7
OWcU+BIALeDd2i7rCd3RssKGam7oNqIYA+XQZAwkN0q2Q/Mkbm2105S/EXt36fWk
iwZfZSKvN0m1Dg==
-----END CERTIFICATE-----