Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
File:                     TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json)
Hash identifier:          LJd1KxIQfxweMM6W2PxJ9nR9Oh+5/9Z8w37LXCRwYE8=
Subject key identifier:   4C:ED:4A:CC:DB:F0:8C:B2:94:E6:84:BA:A2:79:21:78:4B:63:33:44
Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5
Certificate issuer:       /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
Certificate serial:       019A4E18CB558F239F61C645EC6C1FFAB265
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
Manifest number:          0EAB
Signing time:             Tue 04 Nov 2025 09:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:39 +0000
Files and hashes:         1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: /P0WY4nMK8TJVdak/k+QiHKUkAr3AXtHN5ytM1HNEDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:cb:55:8f:23:9f:61:c6:45:ec:6c:1f:fa:b2:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
        Validity
            Not Before: Nov  4 09:00:39 2025 GMT
            Not After : Nov  5 09:00:39 2025 GMT
        Subject: CN=4ced4accdbf08cb294e684baa27921784b633344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:96:90:39:70:09:09:ed:8c:4a:94:45:bf:9b:
                    5e:88:60:54:d1:c7:61:6d:7a:b1:be:56:f9:73:ec:
                    f1:85:53:cd:35:b0:35:4c:64:b3:c8:0a:a2:79:10:
                    e6:9c:a3:b2:e3:4e:a9:64:45:41:9f:63:6a:23:40:
                    3e:4b:82:98:61:c2:99:e7:22:be:99:fb:0b:92:58:
                    d6:df:78:81:9f:4d:80:e6:f6:bf:93:b8:d2:81:05:
                    65:26:46:60:1b:83:18:5c:43:f6:6e:b1:cd:ee:b4:
                    fa:4a:7e:38:43:ab:85:96:f2:26:8d:41:48:b6:a0:
                    a4:fc:58:96:a3:54:1c:ef:c0:92:62:07:3a:5f:81:
                    10:75:72:52:a8:7c:b8:db:32:49:3c:a0:cc:90:e8:
                    95:e4:50:d8:f4:af:02:41:e7:ba:48:2d:02:e8:7e:
                    cd:60:f3:8a:88:16:04:4c:b9:5f:b3:b6:73:2e:a9:
                    32:17:77:50:c8:3b:96:1c:33:b6:91:13:01:75:e2:
                    81:4e:f6:64:55:84:fe:bf:d6:90:c8:5d:42:ec:9b:
                    a8:13:56:66:e7:be:82:da:ee:24:a7:f8:53:3b:33:
                    f8:46:f2:da:61:fb:b8:3b:da:18:d4:33:40:fb:44:
                    f8:ac:d0:e4:94:fd:ca:d5:02:d4:1c:4a:d2:0b:f1:
                    9e:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:ED:4A:CC:DB:F0:8C:B2:94:E6:84:BA:A2:79:21:78:4B:63:33:44
            X509v3 Authority Key Identifier:
                keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:64:76:cf:37:60:ec:76:ef:d1:e7:91:20:aa:db:ec:f6:15:
         e2:1e:9d:70:ba:59:16:73:42:2e:92:cf:fa:23:4f:59:c7:cf:
         3c:d2:4c:f4:e2:7e:6d:f0:83:27:5a:75:7b:98:5e:9b:34:c9:
         7d:9b:5c:2f:f7:26:c0:3c:8b:c3:91:4d:9b:a8:d8:9e:f2:e3:
         5a:a5:34:cc:6c:c4:60:f7:8e:48:16:ba:6a:3b:ec:3d:a6:10:
         09:0f:68:cb:1d:86:b1:d7:ce:3b:2f:ca:dd:d7:49:f6:bd:79:
         5f:2d:76:95:11:93:50:ad:86:0e:05:89:6e:c5:97:e9:d0:11:
         a9:0b:08:a8:c2:07:d0:de:44:0e:0c:40:79:d8:e7:46:1f:f5:
         bf:9e:45:08:10:87:17:8c:95:31:84:01:71:6c:9a:27:ac:ef:
         ef:31:2c:86:ee:83:23:7f:fe:0d:44:df:b9:5b:80:31:8a:50:
         6c:47:40:2a:b3:d6:3c:e7:fd:6a:e2:68:2d:65:91:83:b4:26:
         b4:21:f5:f8:ba:2e:f7:c0:df:7c:96:77:55:72:16:f5:00:69:
         b0:80:51:05:b1:66:15:ad:22:f6:da:e2:fa:2a:7c:94:aa:c8:
         98:32:cb:5a:fc:c7:21:62:8f:34:64:5c:be:58:04:d2:66:af:
         fe:03:c6:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGMtVjyOfYcZF7Gwf+rJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw
ZmZlZDUwHhcNMjUxMTA0MDkwMDM5WhcNMjUxMTA1MDkwMDM5WjAzMTEwLwYDVQQD
Eyg0Y2VkNGFjY2RiZjA4Y2IyOTRlNjg0YmFhMjc5MjE3ODRiNjMzMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JaQOXAJCe2MSpRFv5teiGBU0cdh
bXqxvlb5c+zxhVPNNbA1TGSzyAqieRDmnKOy406pZEVBn2NqI0A+S4KYYcKZ5yK+
mfsLkljW33iBn02A5va/k7jSgQVlJkZgG4MYXEP2brHN7rT6Sn44Q6uFlvImjUFI
tqCk/FiWo1Qc78CSYgc6X4EQdXJSqHy42zJJPKDMkOiV5FDY9K8CQee6SC0C6H7N
YPOKiBYETLlfs7ZzLqkyF3dQyDuWHDO2kRMBdeKBTvZkVYT+v9aQyF1C7JuoE1Zm
576C2u4kp/hTOzP4RvLaYfu4O9oY1DNA+0T4rNDklP3K1QLUHErSC/GePwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEztSszb8IyylOaEuqJ5IXhLYzNEMB8GA1UdIwQY
MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt
YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx
LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnWR2zzdg
7Hbv0eeRIKrb7PYV4h6dcLpZFnNCLpLP+iNPWcfPPNJM9OJ+bfCDJ1p1e5hemzTJ
fZtcL/cmwDyLw5FNm6jYnvLjWqU0zGzEYPeOSBa6ajvsPaYQCQ9oyx2GsdfOOy/K
3ddJ9r15Xy12lRGTUK2GDgWJbsWX6dARqQsIqMIH0N5EDgxAedjnRh/1v55FCBCH
F4yVMYQBcWyaJ6zv7zEshu6DI3/+DUTfuVuAMYpQbEdAKrPWPOf9auJoLWWRg7Qm
tCH1+Lou98DffJZ3VXIW9QBpsIBRBbFmFa0i9tri+ip8lKrImDLLWvzHIWKPNGRc
vlgE0mav/gPGmw==
-----END CERTIFICATE-----