Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
File:                     TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json)
Hash identifier:          ImjsbIUoOhXcm4ORVOO8dUUuteh126RBOE5MYWM+wsE=
Subject key identifier:   3B:52:53:0E:5B:E8:18:FB:9F:EE:D1:EE:3B:8E:09:39:C9:D3:2C:3E
Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5
Certificate issuer:       /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
Certificate serial:       0199FEEBAACB522D30892E238C5B458706DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
Manifest number:          0E82
Signing time:             Mon 20 Oct 2025 00:01:21 +0000
Manifest this update:     Mon 20 Oct 2025 00:01:21 +0000
Manifest next update:     Tue 21 Oct 2025 00:01:21 +0000
Files and hashes:         1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: BMPtdOXzT9XUDvXjDLlCCjtXfmMIeodlxAb6DVRgeDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:eb:aa:cb:52:2d:30:89:2e:23:8c:5b:45:87:06:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
        Validity
            Not Before: Oct 20 00:01:21 2025 GMT
            Not After : Oct 21 00:01:21 2025 GMT
        Subject: CN=3b52530e5be818fb9feed1ee3b8e0939c9d32c3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8d:38:01:6d:05:96:25:1b:f7:18:f0:52:d3:
                    ce:df:81:f5:ff:81:42:87:54:1d:6f:66:19:ba:39:
                    8e:74:a0:6f:6b:b9:1d:bd:79:08:24:ba:d9:f6:d7:
                    6e:03:48:45:bb:3c:4f:a2:f3:fb:15:81:61:b7:39:
                    61:ba:02:bc:54:63:8c:be:86:12:13:78:b5:0f:68:
                    07:a7:73:b9:5a:90:2e:2f:16:ae:9e:cf:b2:f7:3f:
                    29:f3:c6:4e:16:60:cd:24:a6:c7:c9:97:23:65:4c:
                    b8:51:f6:3e:1d:41:1a:40:48:8b:6d:87:c9:11:93:
                    ea:f1:ec:8d:5c:3c:bf:81:9c:ae:65:ed:d3:82:bb:
                    72:08:8f:53:86:4b:84:94:04:72:f2:4e:ce:29:57:
                    38:bb:7e:a4:97:4b:41:90:4d:4a:52:de:e9:60:c7:
                    17:74:53:67:56:86:a4:3a:b9:0c:58:c9:20:f7:40:
                    0a:cc:12:a4:f5:8e:51:58:10:31:f3:27:d9:d1:13:
                    fa:71:bb:40:19:f2:c5:6a:61:05:6c:3f:52:60:63:
                    c7:05:c4:36:b1:91:a4:06:c4:d2:e1:0d:58:fa:bd:
                    6a:8a:53:9d:03:bd:5c:89:5c:7c:6d:18:bc:ac:50:
                    f7:f7:3b:3e:75:f8:20:c3:ee:91:b7:86:6c:71:9b:
                    89:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:52:53:0E:5B:E8:18:FB:9F:EE:D1:EE:3B:8E:09:39:C9:D3:2C:3E
            X509v3 Authority Key Identifier:
                keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:83:62:b8:d3:c3:d2:49:83:7a:96:79:20:7b:55:0c:80:f4:
         84:70:32:19:ba:cf:c4:d2:77:19:c4:4f:08:a5:3f:98:e9:8c:
         e1:1a:ab:56:a9:22:34:17:f4:c0:3f:62:54:e2:8b:45:1f:42:
         80:17:6f:4f:0e:e8:3f:76:ca:6e:3d:a0:ef:31:ed:23:a3:8d:
         11:2f:38:67:6d:ce:e2:eb:79:b2:fc:45:d1:15:dd:04:8c:5c:
         2b:c3:0c:20:80:70:20:df:7f:be:37:15:f8:7a:f6:9d:d1:b1:
         86:98:b8:5a:27:9d:a5:b5:78:df:9b:93:8d:0a:4a:e2:91:8d:
         f4:b5:e9:7f:77:e6:3a:6d:0f:c1:3e:25:79:a4:a2:48:01:a5:
         9a:9b:30:66:27:e3:0f:0e:35:35:90:ac:af:9c:8a:b6:16:97:
         89:5d:ff:3d:dd:fb:da:5b:db:38:72:b3:bd:92:04:62:b0:56:
         d5:9d:9f:23:0b:39:0f:9b:8c:b1:0e:38:5a:4b:b3:e6:6c:4c:
         6f:7c:f1:c1:16:90:b5:24:51:c2:ae:bd:26:29:48:56:0a:cf:
         0e:a1:a7:2e:bf:05:5e:ec:01:8e:46:8b:d8:50:cc:76:51:70:
         cb:09:24:f9:aa:dd:e4:5a:a2:17:c2:89:71:e1:67:00:1e:28:
         85:1b:ab:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+66rLUi0wiS4jjFtFhwbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw
ZmZlZDUwHhcNMjUxMDIwMDAwMTIxWhcNMjUxMDIxMDAwMTIxWjAzMTEwLwYDVQQD
EygzYjUyNTMwZTViZTgxOGZiOWZlZWQxZWUzYjhlMDkzOWM5ZDMyYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm404AW0FliUb9xjwUtPO34H1/4FC
h1Qdb2YZujmOdKBva7kdvXkIJLrZ9tduA0hFuzxPovP7FYFhtzlhugK8VGOMvoYS
E3i1D2gHp3O5WpAuLxauns+y9z8p88ZOFmDNJKbHyZcjZUy4UfY+HUEaQEiLbYfJ
EZPq8eyNXDy/gZyuZe3TgrtyCI9ThkuElARy8k7OKVc4u36kl0tBkE1KUt7pYMcX
dFNnVoakOrkMWMkg90AKzBKk9Y5RWBAx8yfZ0RP6cbtAGfLFamEFbD9SYGPHBcQ2
sZGkBsTS4Q1Y+r1qilOdA71ciVx8bRi8rFD39zs+dfggw+6Rt4ZscZuJAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtSUw5b6Bj7n+7R7juOCTnJ0yw+MB8GA1UdIwQY
MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt
YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx
LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeoNiuNPD
0kmDepZ5IHtVDID0hHAyGbrPxNJ3GcRPCKU/mOmM4RqrVqkiNBf0wD9iVOKLRR9C
gBdvTw7oP3bKbj2g7zHtI6ONES84Z23O4ut5svxF0RXdBIxcK8MMIIBwIN9/vjcV
+Hr2ndGxhpi4WiedpbV435uTjQpK4pGN9LXpf3fmOm0PwT4leaSiSAGlmpswZifj
Dw41NZCsr5yKthaXiV3/Pd372lvbOHKzvZIEYrBW1Z2fIws5D5uMsQ44Wkuz5mxM
b3zxwRaQtSRRwq69JilIVgrPDqGnLr8FXuwBjkaL2FDMdlFwywkk+ard5FqiF8KJ
ceFnAB4ohRurJA==
-----END CERTIFICATE-----