Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
File:                     TOCCAEkieEhNbIj1OGuns5aWy5Y.mft (raw, json)
Hash identifier:          y9J21KXcSzoMO5AmtZsrljeWN8oCUswL5+IRoakWq4A=
Subject key identifier:   5B:A9:4C:C4:D8:E9:5E:A5:41:FA:B3:61:9E:8B:E1:CE:BA:91:3D:41
Authority key identifier: 4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96
Certificate issuer:       /CN=4ce08200492278484d6c88f5386ba7b39696cb96
Certificate serial:       019A722584145A793227EC01C77F48C5F0AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
Manifest number:          0DF2
Signing time:             Tue 11 Nov 2025 09:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:52 +0000
Files and hashes:         1: TOCCAEkieEhNbIj1OGuns5aWy5Y.crl (hash: gyTzO3eO4sutUQFkZCP2gi0uz/UgPSBwUD6j7IPo5lo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:84:14:5a:79:32:27:ec:01:c7:7f:48:c5:f0:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce08200492278484d6c88f5386ba7b39696cb96
        Validity
            Not Before: Nov 11 09:00:52 2025 GMT
            Not After : Nov 12 09:00:52 2025 GMT
        Subject: CN=5ba94cc4d8e95ea541fab3619e8be1ceba913d41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:20:65:ee:20:b3:d9:eb:68:92:b4:e5:41:b3:
                    c0:8e:9c:c3:80:37:a8:1c:42:97:ff:21:d1:72:7c:
                    0a:3a:fe:1a:f6:72:1b:e2:4d:2a:00:28:29:ed:95:
                    56:98:ad:41:12:19:7f:e0:04:00:e2:d4:b6:db:c1:
                    3b:7b:0f:25:a4:0f:f9:59:23:ae:5f:87:4b:1b:ea:
                    1c:e0:5d:5d:17:83:66:e1:c8:84:ff:73:e3:1c:6d:
                    88:72:22:7d:ad:96:42:48:f5:10:53:05:9c:b1:df:
                    23:b9:40:16:30:24:f5:3f:d8:b9:99:33:f6:5a:be:
                    d6:67:30:ca:52:62:03:17:54:dd:5b:42:6a:99:70:
                    e3:b9:74:a9:83:84:24:c7:e6:d9:a0:b6:c8:86:0f:
                    64:d4:4f:75:11:89:83:e3:2c:49:8a:5c:0a:74:a1:
                    64:a9:6c:be:e5:31:40:36:7b:11:26:46:54:a2:41:
                    93:03:e4:bf:0b:98:c1:3f:6b:cd:83:e9:9c:99:33:
                    14:13:83:bf:88:6f:ed:a8:3f:80:b6:e5:98:e5:4d:
                    a5:fa:c1:27:46:40:28:23:39:81:c7:0d:b9:42:75:
                    8d:bc:eb:a3:ab:c9:51:67:95:f4:11:80:d1:cf:00:
                    f3:72:ff:9a:d9:9d:22:12:4f:14:d2:ed:67:c3:2c:
                    cc:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:A9:4C:C4:D8:E9:5E:A5:41:FA:B3:61:9E:8B:E1:CE:BA:91:3D:41
            X509v3 Authority Key Identifier:
                keyid:4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:0d:75:a5:da:3c:34:00:6c:ed:e0:d3:49:72:10:c4:a8:ad:
         ed:a9:18:e3:80:d0:1b:6f:14:d8:b3:d7:6a:52:f4:ef:97:f8:
         cd:ad:9d:14:27:f7:d6:bb:bf:f0:f1:7d:95:fb:a9:34:9d:89:
         00:b8:46:f2:b7:85:e2:58:6f:89:f9:2f:ab:04:79:da:aa:56:
         2d:61:3b:11:cc:f6:18:4d:ee:eb:1f:7e:af:3e:aa:f1:bf:aa:
         74:f9:7d:70:20:8c:ec:71:6a:9e:17:90:bc:a5:62:63:1a:2a:
         02:6c:57:9e:f9:84:63:10:23:b4:83:af:32:0c:0f:e3:be:bb:
         be:24:a0:c1:55:87:ba:ce:1d:aa:b5:94:f2:10:b0:af:02:5f:
         91:2a:9f:2d:5b:dd:3d:f3:8d:30:af:6b:ed:79:d3:4d:fb:e3:
         da:99:a6:6c:a2:f3:8f:5a:0e:76:d4:8a:30:d5:1c:c1:0b:2c:
         20:b9:86:44:38:ec:b0:85:16:d1:f5:62:0b:33:e9:01:32:51:
         f4:42:d1:24:ce:41:fe:26:72:c7:75:12:cb:ef:fc:9e:f2:30:
         9a:c2:3f:52:6e:4d:d1:f8:72:3e:96:9e:7f:17:d8:87:ad:0d:
         d4:cc:3c:67:6e:70:75:d7:92:6b:97:ed:e2:6e:75:d7:80:85:
         e2:de:9a:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYQUWnkyJ+wBx39IxfCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTA4MjAwNDkyMjc4NDg0ZDZjODhmNTM4NmJhN2IzOTY5
NmNiOTYwHhcNMjUxMTExMDkwMDUyWhcNMjUxMTEyMDkwMDUyWjAzMTEwLwYDVQQD
Eyg1YmE5NGNjNGQ4ZTk1ZWE1NDFmYWIzNjE5ZThiZTFjZWJhOTEzZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9iBl7iCz2etokrTlQbPAjpzDgDeo
HEKX/yHRcnwKOv4a9nIb4k0qACgp7ZVWmK1BEhl/4AQA4tS228E7ew8lpA/5WSOu
X4dLG+oc4F1dF4Nm4ciE/3PjHG2IciJ9rZZCSPUQUwWcsd8juUAWMCT1P9i5mTP2
Wr7WZzDKUmIDF1TdW0JqmXDjuXSpg4Qkx+bZoLbIhg9k1E91EYmD4yxJilwKdKFk
qWy+5TFANnsRJkZUokGTA+S/C5jBP2vNg+mcmTMUE4O/iG/tqD+AtuWY5U2l+sEn
RkAoIzmBxw25QnWNvOujq8lRZ5X0EYDRzwDzcv+a2Z0iEk8U0u1nwyzMYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFupTMTY6V6lQfqzYZ6L4c66kT1BMB8GA1UdIwQY
MBaAFEzgggBJInhITWyI9Thrp7OWlsuWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2Ut
OTE1MTIwYjYzMDkzLzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2UtOTE1MTIwYjYzMDkz
LzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmQ11pdo8
NABs7eDTSXIQxKit7akY44DQG28U2LPXalL075f4za2dFCf31ru/8PF9lfupNJ2J
ALhG8reF4lhvifkvqwR52qpWLWE7Ecz2GE3u6x9+rz6q8b+qdPl9cCCM7HFqnheQ
vKViYxoqAmxXnvmEYxAjtIOvMgwP4767viSgwVWHus4dqrWU8hCwrwJfkSqfLVvd
PfONMK9r7XnTTfvj2pmmbKLzj1oOdtSKMNUcwQssILmGRDjssIUW0fViCzPpATJR
9ELRJM5B/iZyx3USy+/8nvIwmsI/Um5N0fhyPpaefxfYh60N1Mw8Z25wddeSa5ft
4m5114CF4t6aFQ==
-----END CERTIFICATE-----