Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
File:                     TOCCAEkieEhNbIj1OGuns5aWy5Y.mft (raw, json)
Hash identifier:          iHAZYEGvGFhADW7UFwXxwhxonQzm0xc0MF3i1MdbJf4=
Subject key identifier:   43:14:2A:F0:0E:31:CE:D3:C5:D4:F6:52:76:3C:1A:68:4E:93:F7:0B
Authority key identifier: 4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96
Certificate issuer:       /CN=4ce08200492278484d6c88f5386ba7b39696cb96
Certificate serial:       01951134F1D7304255E4507B7B8A7D5B692E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
Manifest number:          0B29
Signing time:             Mon 17 Feb 2025 00:00:37 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:37 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:37 +0000
Files and hashes:         1: TOCCAEkieEhNbIj1OGuns5aWy5Y.crl (hash: HyPDpISVB9yXhUsB6zt/b8kUUfg+SOgRm1kspCkg1po=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:f1:d7:30:42:55:e4:50:7b:7b:8a:7d:5b:69:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce08200492278484d6c88f5386ba7b39696cb96
        Validity
            Not Before: Feb 17 00:00:37 2025 GMT
            Not After : Feb 18 00:00:37 2025 GMT
        Subject: CN=43142af00e31ced3c5d4f652763c1a684e93f70b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:7b:11:9e:3e:54:db:bd:eb:62:1f:07:32:e7:
                    6f:5b:fe:cd:6e:ea:31:f7:00:3e:34:82:ec:da:55:
                    7f:45:86:14:70:71:e9:97:a7:87:43:1f:7c:0f:39:
                    a5:e4:72:1c:a1:bf:e9:9d:92:f9:86:a9:37:97:08:
                    16:55:99:ea:ff:a5:85:a9:84:23:9a:0a:5e:84:8d:
                    dc:16:b0:c2:53:70:ce:36:6b:13:a6:de:c4:f4:79:
                    24:22:1b:b1:64:99:10:b5:94:e5:82:c2:dd:26:5e:
                    cc:9f:a8:de:cf:18:e1:1b:9b:cb:1c:b9:94:b9:a9:
                    9d:03:46:57:c1:9a:5d:9c:20:5a:8d:10:bf:41:74:
                    9c:47:f8:19:00:2b:7d:c0:cb:dc:18:bc:e8:c6:6c:
                    bf:bd:81:8e:85:c4:af:0d:63:24:17:b3:71:8d:33:
                    fd:e0:97:a6:e3:b8:8d:49:85:d2:89:15:1d:f6:0b:
                    78:97:fd:ad:b1:23:ec:e5:9d:8e:31:ad:90:da:83:
                    33:82:85:7f:cb:ea:ee:c0:78:67:dd:62:75:5e:12:
                    d5:d3:d6:01:1f:7d:bc:6b:8f:3e:ba:2b:be:5e:0a:
                    fd:aa:80:74:6d:99:5b:19:b8:52:34:5a:34:f4:8f:
                    1f:89:1b:c4:05:d3:22:86:56:e2:f1:0b:7a:7d:da:
                    48:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:14:2A:F0:0E:31:CE:D3:C5:D4:F6:52:76:3C:1A:68:4E:93:F7:0B
            X509v3 Authority Key Identifier:
                keyid:4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:20:d7:17:d5:67:a7:66:83:f0:c9:2f:d4:86:c5:83:39:65:
         f9:b4:b6:ac:61:0e:a2:91:33:cf:c4:73:79:aa:30:7b:12:80:
         bc:5b:69:a9:62:cd:9d:a8:ca:40:ce:af:f4:53:5f:82:07:05:
         4e:d5:46:0e:43:51:74:7a:3c:47:84:c5:f1:7e:75:16:fc:10:
         90:8a:3e:3b:09:75:d2:bb:22:b3:2b:71:9c:2e:f6:bd:d9:7d:
         f3:84:4e:a7:bd:8d:52:67:5f:e0:5d:af:d7:e4:cf:80:d8:d8:
         88:fd:3f:bd:67:77:3d:a1:ec:96:85:c3:ce:69:eb:64:02:11:
         c3:19:4a:13:56:51:83:fd:63:7d:81:ab:d4:74:0c:f9:04:cc:
         c8:d7:8a:5a:84:a1:27:13:1c:8f:31:a6:a3:ac:75:ef:cf:85:
         82:8b:a7:a6:a5:dc:fc:f0:fc:c5:6a:9c:5c:26:7c:09:fa:da:
         a4:aa:1c:16:7e:29:7d:ee:15:ff:57:e1:93:0a:2e:b0:2d:9b:
         ca:06:24:eb:35:5f:cd:77:47:f8:4f:4b:d8:9d:59:b3:c1:97:
         ca:37:3b:fc:9f:99:e0:8e:f9:d4:42:c2:10:1d:b0:84:9d:9d:
         7b:46:db:7a:ca:7f:6a:e5:9c:25:06:8b:db:0e:93:bf:49:79:
         93:d2:26:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNPHXMEJV5FB7e4p9W2kuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTA4MjAwNDkyMjc4NDg0ZDZjODhmNTM4NmJhN2IzOTY5
NmNiOTYwHhcNMjUwMjE3MDAwMDM3WhcNMjUwMjE4MDAwMDM3WjAzMTEwLwYDVQQD
Eyg0MzE0MmFmMDBlMzFjZWQzYzVkNGY2NTI3NjNjMWE2ODRlOTNmNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XsRnj5U273rYh8HMudvW/7Nbuox
9wA+NILs2lV/RYYUcHHpl6eHQx98Dzml5HIcob/pnZL5hqk3lwgWVZnq/6WFqYQj
mgpehI3cFrDCU3DONmsTpt7E9HkkIhuxZJkQtZTlgsLdJl7Mn6jezxjhG5vLHLmU
uamdA0ZXwZpdnCBajRC/QXScR/gZACt9wMvcGLzoxmy/vYGOhcSvDWMkF7NxjTP9
4Jem47iNSYXSiRUd9gt4l/2tsSPs5Z2OMa2Q2oMzgoV/y+ruwHhn3WJ1XhLV09YB
H328a48+uiu+Xgr9qoB0bZlbGbhSNFo09I8fiRvEBdMihlbi8Qt6fdpIlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMUKvAOMc7TxdT2UnY8GmhOk/cLMB8GA1UdIwQY
MBaAFEzgggBJInhITWyI9Thrp7OWlsuWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2Ut
OTE1MTIwYjYzMDkzLzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2UtOTE1MTIwYjYzMDkz
LzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoiDXF9Vn
p2aD8Mkv1IbFgzll+bS2rGEOopEzz8RzeaowexKAvFtpqWLNnajKQM6v9FNfggcF
TtVGDkNRdHo8R4TF8X51FvwQkIo+Owl10rsisytxnC72vdl984ROp72NUmdf4F2v
1+TPgNjYiP0/vWd3PaHsloXDzmnrZAIRwxlKE1ZRg/1jfYGr1HQM+QTMyNeKWoSh
JxMcjzGmo6x178+FgounpqXc/PD8xWqcXCZ8CfrapKocFn4pfe4V/1fhkwousC2b
ygYk6zVfzXdH+E9L2J1Zs8GXyjc7/J+Z4I751ELCEB2whJ2de0bbesp/auWcJQaL
2w6Tv0l5k9Imvg==
-----END CERTIFICATE-----