Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
File:                     TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json)
Hash identifier:          S72QBg2dZIPPqmdyNUmNtsGjCfX7vnn5VEGwhsXoCkU=
Subject key identifier:   E8:43:A2:B5:57:A3:A2:0F:18:E4:66:DF:F7:3F:5B:0A:97:32:D2:B2
Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5
Certificate issuer:       /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
Certificate serial:       01976C98CC709D780B0C198FAAB40FE904E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
Manifest number:          0D2D
Signing time:             Sat 14 Jun 2025 04:00:42 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:42 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:42 +0000
Files and hashes:         1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: B2WtGtMlwuqPZVtpSx1SVfID/TGdhGXOSketRcL8Ibk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:cc:70:9d:78:0b:0c:19:8f:aa:b4:0f:e9:04:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
        Validity
            Not Before: Jun 14 04:00:42 2025 GMT
            Not After : Jun 15 04:00:42 2025 GMT
        Subject: CN=e843a2b557a3a20f18e466dff73f5b0a9732d2b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e4:62:aa:da:f9:17:7e:6b:7d:38:e9:d6:61:
                    10:47:c0:8c:b5:e3:ad:e6:18:33:3f:7f:94:5c:a5:
                    8a:6b:ba:64:30:9a:98:b3:bd:ec:55:df:c4:90:08:
                    5a:5a:5e:e9:60:42:79:e4:ab:f2:14:a4:0d:c8:47:
                    5f:49:01:5f:83:9d:5c:2b:67:cb:3d:85:92:df:7a:
                    7c:d1:22:e9:ca:21:97:0a:e2:a6:5b:af:2f:e0:ed:
                    07:1f:f8:37:01:84:3a:47:78:b9:0a:52:17:58:f7:
                    50:81:78:c1:36:fa:b1:1b:fd:70:e1:97:ce:5d:61:
                    ef:44:bc:77:ac:ea:26:71:da:b3:09:9e:20:d3:be:
                    a5:7d:25:4d:fc:6a:ad:68:01:e0:25:2c:4b:9e:dc:
                    8b:50:e8:1d:a7:42:7a:cf:66:4c:84:ca:5b:66:14:
                    0e:b6:30:32:1e:bd:2f:ad:5c:58:14:34:cc:f8:4b:
                    4d:ee:9f:df:c5:2e:bf:76:94:3a:c2:86:70:98:cf:
                    4c:46:c6:a3:5c:be:98:a5:75:56:1e:fa:2a:72:98:
                    da:72:0a:c1:31:17:89:31:c7:58:59:2a:bf:6d:7d:
                    57:42:fb:25:02:9a:cf:0d:d9:66:c6:81:bd:6d:f9:
                    79:25:a8:37:ab:9f:38:94:ab:71:49:ac:da:b2:a6:
                    9e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:43:A2:B5:57:A3:A2:0F:18:E4:66:DF:F7:3F:5B:0A:97:32:D2:B2
            X509v3 Authority Key Identifier:
                keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:14:1d:0f:41:a8:ab:6b:26:dd:70:d1:20:e8:ef:a7:75:d8:
         f2:18:a7:c8:bb:14:b5:98:31:17:65:42:02:38:f1:af:61:8d:
         cf:23:a1:b0:8b:ee:00:58:da:fe:8b:30:5c:2f:6b:1e:f5:4d:
         8d:ea:8a:bc:8b:71:1e:bf:b0:27:0c:67:65:5a:7e:1b:25:5a:
         2a:d3:1f:68:6e:55:1b:6c:2d:c9:f5:8a:75:5e:e1:14:bc:d9:
         dc:66:71:8c:a1:2f:38:78:f5:93:16:50:79:0c:23:c3:2a:89:
         13:76:d5:df:d1:70:7f:3d:aa:8b:2f:a2:3b:70:a0:72:df:f2:
         59:f7:7b:c9:bd:54:8f:d1:0e:71:e4:87:cf:9e:52:a5:a5:a9:
         fe:fc:99:5e:be:49:eb:ae:5f:d6:75:f7:26:94:f4:ff:6f:34:
         a0:38:88:3e:6e:5e:ee:16:ac:67:48:d2:e2:7b:01:7b:33:0b:
         f6:43:78:c8:36:ed:c1:5f:18:bd:ac:04:55:b1:b5:33:18:a0:
         c3:85:3b:5c:8e:58:06:a6:5c:83:53:52:3f:01:43:39:cc:ce:
         ac:11:20:2d:42:c4:a4:b6:a1:98:64:08:7a:33:d5:58:c3:39:
         57:8c:44:11:b5:fd:fd:b8:db:87:9c:2b:9d:2e:d6:70:be:15:
         bd:47:2e:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmMxwnXgLDBmPqrQP6QThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw
ZmZlZDUwHhcNMjUwNjE0MDQwMDQyWhcNMjUwNjE1MDQwMDQyWjAzMTEwLwYDVQQD
EyhlODQzYTJiNTU3YTNhMjBmMThlNDY2ZGZmNzNmNWIwYTk3MzJkMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+Riqtr5F35rfTjp1mEQR8CMteOt
5hgzP3+UXKWKa7pkMJqYs73sVd/EkAhaWl7pYEJ55KvyFKQNyEdfSQFfg51cK2fL
PYWS33p80SLpyiGXCuKmW68v4O0HH/g3AYQ6R3i5ClIXWPdQgXjBNvqxG/1w4ZfO
XWHvRLx3rOomcdqzCZ4g076lfSVN/GqtaAHgJSxLntyLUOgdp0J6z2ZMhMpbZhQO
tjAyHr0vrVxYFDTM+EtN7p/fxS6/dpQ6woZwmM9MRsajXL6YpXVWHvoqcpjacgrB
MReJMcdYWSq/bX1XQvslAprPDdlmxoG9bfl5Jag3q584lKtxSazasqaeSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOhDorVXo6IPGORm3/c/WwqXMtKyMB8GA1UdIwQY
MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt
YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx
LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhQdD0Go
q2sm3XDRIOjvp3XY8hinyLsUtZgxF2VCAjjxr2GNzyOhsIvuAFja/oswXC9rHvVN
jeqKvItxHr+wJwxnZVp+GyVaKtMfaG5VG2wtyfWKdV7hFLzZ3GZxjKEvOHj1kxZQ
eQwjwyqJE3bV39Fwfz2qiy+iO3Cgct/yWfd7yb1Uj9EOceSHz55SpaWp/vyZXr5J
665f1nX3JpT0/280oDiIPm5e7hasZ0jS4nsBezML9kN4yDbtwV8YvawEVbG1Mxig
w4U7XI5YBqZcg1NSPwFDOczOrBEgLULEpLahmGQIejPVWMM5V4xEEbX9/bjbh5wr
nS7WcL4VvUcuyw==
-----END CERTIFICATE-----