Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
File:                     TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json)
Hash identifier:          F1AXj2RhXpSTIic1yKr+cCEuDN2oyCZX6whTTGT1yGk=
Subject key identifier:   A8:44:AC:7B:57:79:DB:60:B2:F4:83:4F:29:55:13:79:5C:CF:33:90
Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5
Certificate issuer:       /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
Certificate serial:       0198752C3723055FF641F20395206F742660
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
Manifest number:          0DB6
Signing time:             Mon 04 Aug 2025 13:01:28 +0000
Manifest this update:     Mon 04 Aug 2025 13:01:28 +0000
Manifest next update:     Tue 05 Aug 2025 13:01:28 +0000
Files and hashes:         1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: lpaLhZlPLU2YfTkvQ9/QdxDvH5O9SmEm/T+8419gj70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2c:37:23:05:5f:f6:41:f2:03:95:20:6f:74:26:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
        Validity
            Not Before: Aug  4 13:01:28 2025 GMT
            Not After : Aug  5 13:01:28 2025 GMT
        Subject: CN=a844ac7b5779db60b2f4834f295513795ccf3390
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:8a:2d:e6:68:c7:7d:77:21:15:9c:83:ce:53:
                    67:75:35:10:da:45:78:ae:9c:bf:13:38:92:5a:a2:
                    7d:3a:74:9b:95:0a:d7:cf:32:b0:5a:48:e1:e6:2d:
                    24:6c:00:c4:19:12:d3:04:a5:ae:19:40:98:05:c1:
                    ef:c3:ef:a6:ed:4b:36:2d:65:bd:20:f3:66:be:10:
                    0e:e9:fe:d1:fa:22:e9:c7:71:08:9f:7a:b0:e7:63:
                    73:76:06:8d:13:98:37:44:16:b2:2b:15:dd:b3:77:
                    90:66:d6:8a:82:31:57:ed:e3:65:ec:ec:b0:a8:59:
                    71:e7:08:d6:de:c1:43:04:44:85:0e:41:a1:cd:59:
                    bb:60:1d:cb:b6:88:bf:c7:6f:56:a2:a9:9d:91:1c:
                    18:e0:ff:44:b3:45:3b:89:2f:36:41:7d:fa:b4:05:
                    ba:3e:34:ee:c5:72:f3:8b:a5:ed:4e:63:8c:86:c2:
                    8c:4b:17:0d:19:27:5b:cd:47:08:3f:4b:cb:9e:41:
                    85:29:d9:0b:9b:9b:72:1b:8d:8a:f8:7e:5c:60:d8:
                    38:02:59:5c:f8:c3:f4:ba:c4:a0:8e:9e:ff:30:21:
                    01:56:46:c3:d6:b7:71:78:f9:78:51:d7:c1:c9:e0:
                    30:06:d1:cf:27:89:bc:b3:e4:96:66:cd:50:47:53:
                    19:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:44:AC:7B:57:79:DB:60:B2:F4:83:4F:29:55:13:79:5C:CF:33:90
            X509v3 Authority Key Identifier:
                keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:0f:ef:a8:7f:6a:5c:8c:c0:1d:07:fb:cd:c6:a0:ca:26:c7:
         a2:14:b4:03:b5:d3:62:73:9b:3c:0b:87:09:ae:1b:51:aa:b6:
         ed:f1:f8:a8:c3:f9:34:4a:07:17:af:d0:1d:68:d5:db:1e:dc:
         71:18:61:fd:e4:2b:ba:0f:5c:84:d8:a2:f4:26:b4:79:ea:45:
         09:2e:0b:a4:9b:d6:b0:75:16:c2:ef:f7:78:74:a2:d2:17:d6:
         68:50:e3:b7:c2:42:53:f0:0a:65:6b:e9:c2:86:6f:67:29:c2:
         ec:e3:3f:3e:aa:a3:8f:4b:1d:48:45:ed:4c:a0:3d:80:54:f4:
         8b:0e:10:62:e0:95:f5:43:5f:2c:29:9e:15:f4:bc:17:da:43:
         f7:c3:66:72:11:3c:1f:ce:7c:ba:ca:b9:70:80:30:ae:70:ef:
         28:b3:c2:91:61:a4:3a:6c:a5:bb:ba:55:ec:d9:a2:86:d9:15:
         48:18:a9:43:bf:c6:f0:21:d7:39:cb:b6:f9:29:08:6a:de:2d:
         05:d2:72:d5:1e:e6:2e:d5:c4:b8:7d:2f:3c:98:00:cb:aa:8c:
         a9:19:13:0d:e2:09:be:0b:5d:19:a8:73:12:58:e9:71:de:4c:
         27:19:df:1e:6f:ef:da:ac:45:ba:b3:fb:54:96:21:a9:40:b5:
         7e:98:71:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1LDcjBV/2QfIDlSBvdCZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw
ZmZlZDUwHhcNMjUwODA0MTMwMTI4WhcNMjUwODA1MTMwMTI4WjAzMTEwLwYDVQQD
EyhhODQ0YWM3YjU3NzlkYjYwYjJmNDgzNGYyOTU1MTM3OTVjY2YzMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYot5mjHfXchFZyDzlNndTUQ2kV4
rpy/EziSWqJ9OnSblQrXzzKwWkjh5i0kbADEGRLTBKWuGUCYBcHvw++m7Us2LWW9
IPNmvhAO6f7R+iLpx3EIn3qw52NzdgaNE5g3RBayKxXds3eQZtaKgjFX7eNl7Oyw
qFlx5wjW3sFDBESFDkGhzVm7YB3Ltoi/x29WoqmdkRwY4P9Es0U7iS82QX36tAW6
PjTuxXLzi6XtTmOMhsKMSxcNGSdbzUcIP0vLnkGFKdkLm5tyG42K+H5cYNg4Allc
+MP0usSgjp7/MCEBVkbD1rdxePl4UdfByeAwBtHPJ4m8s+SWZs1QR1MZOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhErHtXedtgsvSDTylVE3lczzOQMB8GA1UdIwQY
MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt
YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx
LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQ/vqH9q
XIzAHQf7zcagyibHohS0A7XTYnObPAuHCa4bUaq27fH4qMP5NEoHF6/QHWjV2x7c
cRhh/eQrug9chNii9Ca0eepFCS4LpJvWsHUWwu/3eHSi0hfWaFDjt8JCU/AKZWvp
woZvZynC7OM/Pqqjj0sdSEXtTKA9gFT0iw4QYuCV9UNfLCmeFfS8F9pD98NmchE8
H858usq5cIAwrnDvKLPCkWGkOmylu7pV7NmihtkVSBipQ7/G8CHXOcu2+SkIat4t
BdJy1R7mLtXEuH0vPJgAy6qMqRkTDeIJvgtdGahzEljpcd5MJxnfHm/v2qxFurP7
VJYhqUC1fphxxQ==
-----END CERTIFICATE-----