Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
File:                     TOCCAEkieEhNbIj1OGuns5aWy5Y.mft (raw, json)
Hash identifier:          CzdnGvv1+SlgcwE7UWQiDhsVjFWA3ROjybHwUCFTiJg=
Subject key identifier:   72:01:F1:34:7F:D9:5C:B0:01:94:3E:43:30:57:05:6C:8E:65:B2:29
Authority key identifier: 4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96
Certificate issuer:       /CN=4ce08200492278484d6c88f5386ba7b39696cb96
Certificate serial:       019748FA7CF0997A10C71D7C52CF7739C5B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
Manifest number:          0C4F
Signing time:             Sat 07 Jun 2025 06:01:04 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:04 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:04 +0000
Files and hashes:         1: TOCCAEkieEhNbIj1OGuns5aWy5Y.crl (hash: L0LHuguWCDlLb3lFBcuxbDwOrGInK48ViP+wjgUaJGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:7c:f0:99:7a:10:c7:1d:7c:52:cf:77:39:c5:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce08200492278484d6c88f5386ba7b39696cb96
        Validity
            Not Before: Jun  7 06:01:04 2025 GMT
            Not After : Jun  8 06:01:04 2025 GMT
        Subject: CN=7201f1347fd95cb001943e433057056c8e65b229
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:74:fb:f3:1e:73:ef:31:3f:a8:2e:3b:2c:d3:
                    be:71:d2:28:1b:22:74:34:dc:a6:e2:a3:1c:cd:ff:
                    8e:55:bd:7b:e9:ae:e8:ac:65:8e:54:41:cf:91:47:
                    e8:31:0e:26:93:98:6c:c8:1a:95:e2:1d:35:52:f6:
                    24:ae:ee:17:3b:99:b6:ea:37:d5:ee:75:28:c8:63:
                    d9:75:65:48:80:ef:2b:ba:86:78:cb:0b:a1:4f:a1:
                    62:ed:d1:48:e1:d1:a1:d1:65:10:89:ce:f6:7e:b4:
                    3f:9f:b2:36:0e:fd:fe:fa:ef:86:27:4c:7a:fe:59:
                    54:37:20:b5:20:e7:52:6e:27:5f:5d:3f:92:16:f2:
                    0f:38:ba:8c:b8:b9:bd:59:54:45:b6:f4:b1:fd:12:
                    cf:0a:b2:79:78:e4:b9:24:9f:2c:5a:9c:dd:b0:03:
                    bc:16:80:f5:35:d3:c6:c8:1c:07:59:b9:9a:2e:3a:
                    bb:75:9f:18:a0:bf:71:6f:d7:d1:89:21:58:6d:d6:
                    a7:ef:6a:db:5e:2c:1b:cd:8d:72:f9:bf:14:49:a5:
                    6d:98:2c:d3:9e:34:6e:42:88:87:10:93:09:e8:be:
                    42:f2:9a:d6:02:bd:95:af:80:12:05:68:bb:48:4b:
                    0d:04:be:fb:71:20:aa:68:46:7d:cb:ec:c9:5b:82:
                    42:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:01:F1:34:7F:D9:5C:B0:01:94:3E:43:30:57:05:6C:8E:65:B2:29
            X509v3 Authority Key Identifier:
                keyid:4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:30:c3:f4:5b:01:46:24:cf:76:fb:ea:57:33:ea:f1:f9:39:
         a3:79:ec:88:dc:de:6b:fe:c9:2d:0a:7a:8b:42:df:ee:4b:ce:
         f2:f7:79:e6:29:53:10:f5:87:e2:31:39:8a:6a:a2:c6:ba:71:
         51:62:7c:f3:92:67:de:23:ea:01:74:14:88:1a:56:e1:80:72:
         89:d3:77:8e:52:de:48:e1:12:da:68:ce:e4:d3:2e:9c:2a:82:
         ce:14:a2:58:75:f8:36:e7:5c:16:00:5f:1a:d0:f7:e4:81:40:
         fc:1e:8c:a0:dd:54:bc:2e:ca:1a:c1:31:ba:48:d5:c5:7a:79:
         96:db:0e:06:e9:54:b2:0f:d0:99:4c:18:06:ef:9c:9e:53:33:
         21:89:c7:60:58:96:f7:f0:8b:5c:e7:6c:3b:bc:df:6e:37:c2:
         2a:cf:a6:f8:fd:cb:45:fc:ba:1f:68:cc:29:9b:62:ad:8c:cb:
         53:40:fb:67:68:5d:18:99:06:c7:0e:a9:6e:f8:33:d0:ae:b5:
         e9:23:91:cd:65:3e:3e:9c:c9:39:3c:a6:f6:62:63:34:53:0b:
         e4:d9:00:96:a5:a3:ba:b5:c3:06:ec:0c:7e:85:40:fd:9b:16:
         a5:6d:92:29:e8:de:7a:1b:cd:5b:f0:73:c9:a2:46:c5:f1:fd:
         f0:d3:bb:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+nzwmXoQxx18Us93OcW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTA4MjAwNDkyMjc4NDg0ZDZjODhmNTM4NmJhN2IzOTY5
NmNiOTYwHhcNMjUwNjA3MDYwMTA0WhcNMjUwNjA4MDYwMTA0WjAzMTEwLwYDVQQD
Eyg3MjAxZjEzNDdmZDk1Y2IwMDE5NDNlNDMzMDU3MDU2YzhlNjViMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3T78x5z7zE/qC47LNO+cdIoGyJ0
NNym4qMczf+OVb176a7orGWOVEHPkUfoMQ4mk5hsyBqV4h01UvYkru4XO5m26jfV
7nUoyGPZdWVIgO8ruoZ4ywuhT6Fi7dFI4dGh0WUQic72frQ/n7I2Dv3++u+GJ0x6
/llUNyC1IOdSbidfXT+SFvIPOLqMuLm9WVRFtvSx/RLPCrJ5eOS5JJ8sWpzdsAO8
FoD1NdPGyBwHWbmaLjq7dZ8YoL9xb9fRiSFYbdan72rbXiwbzY1y+b8USaVtmCzT
njRuQoiHEJMJ6L5C8prWAr2Vr4ASBWi7SEsNBL77cSCqaEZ9y+zJW4JC6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIB8TR/2VywAZQ+QzBXBWyOZbIpMB8GA1UdIwQY
MBaAFEzgggBJInhITWyI9Thrp7OWlsuWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2Ut
OTE1MTIwYjYzMDkzLzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2UtOTE1MTIwYjYzMDkz
LzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXzDD9FsB
RiTPdvvqVzPq8fk5o3nsiNzea/7JLQp6i0Lf7kvO8vd55ilTEPWH4jE5imqixrpx
UWJ885Jn3iPqAXQUiBpW4YByidN3jlLeSOES2mjO5NMunCqCzhSiWHX4NudcFgBf
GtD35IFA/B6MoN1UvC7KGsExukjVxXp5ltsOBulUsg/QmUwYBu+cnlMzIYnHYFiW
9/CLXOdsO7zfbjfCKs+m+P3LRfy6H2jMKZtirYzLU0D7Z2hdGJkGxw6pbvgz0K61
6SORzWU+PpzJOTym9mJjNFML5NkAlqWjurXDBuwMfoVA/ZsWpW2SKejeehvNW/Bz
yaJGxfH98NO7Pw==
-----END CERTIFICATE-----