Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
File:                     TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json)
Hash identifier:          vkLY/0DPQJIhKEOCXXrELLkzFYKVAVD32GVLHhWm13c=
Subject key identifier:   D2:E0:7C:01:35:99:22:14:5B:14:04:39:84:AF:B8:66:D2:F6:DB:3B
Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5
Certificate issuer:       /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
Certificate serial:       0198D5BBFCEB7CF465103DC708470548F4CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
Manifest number:          0DE8
Signing time:             Sat 23 Aug 2025 07:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:03 +0000
Files and hashes:         1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: tNsDIp4UKLUCaqw2+FcsWPQ8Fth+Fu3dECb4cQpK9Jk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:fc:eb:7c:f4:65:10:3d:c7:08:47:05:48:f4:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
        Validity
            Not Before: Aug 23 07:02:03 2025 GMT
            Not After : Aug 24 07:02:03 2025 GMT
        Subject: CN=d2e07c01359922145b14043984afb866d2f6db3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:cb:c4:54:8f:20:33:2f:bf:6a:80:20:56:c8:
                    f4:9c:1f:2e:fb:63:fd:db:b8:55:88:23:18:35:4c:
                    44:8d:7a:7c:03:e1:98:26:e6:2e:5c:01:16:90:88:
                    9e:4d:4b:1c:fe:93:d1:82:d7:25:84:ca:c1:c3:79:
                    14:69:02:6e:f8:82:7d:30:b6:47:57:bb:fa:1f:90:
                    15:3a:98:2e:28:d2:a8:4a:03:8e:8c:2e:58:0c:e3:
                    94:60:e9:d4:ee:74:6f:26:a1:d4:f1:f1:89:87:25:
                    59:36:bf:11:be:3f:c0:b7:cb:22:16:54:7f:10:aa:
                    39:d6:1b:e5:fc:fc:e3:e0:37:4c:bc:04:96:3d:4f:
                    78:fc:eb:ec:9c:73:23:5f:08:23:7d:87:ab:9e:6b:
                    ac:cc:90:c1:99:91:2e:3b:70:10:33:fa:4a:c7:46:
                    96:6b:e7:a5:ac:03:64:f0:5e:ae:f8:6f:6a:a1:f4:
                    6b:f8:f3:60:b8:77:0b:07:a2:c0:de:4b:21:f8:12:
                    20:42:d4:9d:51:89:f9:dd:05:a1:37:9a:0d:9e:c7:
                    bc:d6:fe:f7:c8:91:45:30:41:73:77:e4:64:1a:46:
                    62:77:78:20:0b:3d:6f:75:53:85:64:7f:c0:76:1b:
                    6b:ef:2d:6e:11:39:b4:75:2f:6a:7d:64:ea:81:d1:
                    44:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:E0:7C:01:35:99:22:14:5B:14:04:39:84:AF:B8:66:D2:F6:DB:3B
            X509v3 Authority Key Identifier:
                keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:cb:fe:73:9c:58:d9:4a:c4:0a:77:ec:53:4a:73:e2:07:e3:
         61:96:6f:b2:11:b3:95:53:f8:76:75:e6:cb:b1:c0:97:6e:3b:
         2b:61:0c:34:94:6b:5e:6e:4b:c7:29:a8:ca:92:67:33:de:13:
         0a:62:d5:be:f1:25:e7:60:3d:0d:ca:30:d0:9c:4d:24:60:c8:
         32:70:de:6e:21:56:da:77:3a:ab:95:eb:82:68:16:61:86:84:
         c2:a8:ba:8e:e4:60:30:5e:55:98:74:66:84:bb:49:e0:2c:8b:
         05:9d:a1:a5:76:35:9a:b2:f2:a7:04:7b:ca:6e:d2:1c:8c:da:
         cc:3d:94:f9:93:9b:81:21:87:0a:80:c8:db:23:c5:e0:d5:bd:
         81:ca:c8:d5:13:f8:85:98:84:6e:1b:3b:75:1f:ad:a9:92:2e:
         94:8d:fa:77:67:fc:0f:99:f8:4e:33:ed:82:82:1f:9a:ad:13:
         f3:b7:b6:3c:1d:dc:98:e2:ac:7d:7f:44:59:be:ae:4a:75:a8:
         b7:4e:24:41:7e:62:99:19:bc:92:7e:eb:e4:a0:f3:2b:93:6f:
         66:24:5f:ea:4f:eb:0e:3d:e2:95:ef:63:de:41:0b:a1:8b:70:
         67:41:63:b8:84:f8:37:5d:80:e3:ee:39:7e:c4:8a:a8:6d:23:
         83:31:8c:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu/zrfPRlED3HCEcFSPTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw
ZmZlZDUwHhcNMjUwODIzMDcwMjAzWhcNMjUwODI0MDcwMjAzWjAzMTEwLwYDVQQD
EyhkMmUwN2MwMTM1OTkyMjE0NWIxNDA0Mzk4NGFmYjg2NmQyZjZkYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8vEVI8gMy+/aoAgVsj0nB8u+2P9
27hViCMYNUxEjXp8A+GYJuYuXAEWkIieTUsc/pPRgtclhMrBw3kUaQJu+IJ9MLZH
V7v6H5AVOpguKNKoSgOOjC5YDOOUYOnU7nRvJqHU8fGJhyVZNr8Rvj/At8siFlR/
EKo51hvl/Pzj4DdMvASWPU94/OvsnHMjXwgjfYernmuszJDBmZEuO3AQM/pKx0aW
a+elrANk8F6u+G9qofRr+PNguHcLB6LA3ksh+BIgQtSdUYn53QWhN5oNnse81v73
yJFFMEFzd+RkGkZid3ggCz1vdVOFZH/Adhtr7y1uETm0dS9qfWTqgdFEdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLgfAE1mSIUWxQEOYSvuGbS9ts7MB8GA1UdIwQY
MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt
YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx
LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnMv+c5xY
2UrECnfsU0pz4gfjYZZvshGzlVP4dnXmy7HAl247K2EMNJRrXm5LxymoypJnM94T
CmLVvvEl52A9Dcow0JxNJGDIMnDebiFW2nc6q5XrgmgWYYaEwqi6juRgMF5VmHRm
hLtJ4CyLBZ2hpXY1mrLypwR7ym7SHIzazD2U+ZObgSGHCoDI2yPF4NW9gcrI1RP4
hZiEbhs7dR+tqZIulI36d2f8D5n4TjPtgoIfmq0T87e2PB3cmOKsfX9EWb6uSnWo
t04kQX5imRm8kn7r5KDzK5NvZiRf6k/rDj3ile9j3kELoYtwZ0FjuIT4N12A4+45
fsSKqG0jgzGMjg==
-----END CERTIFICATE-----