Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
File:                     TOCCAEkieEhNbIj1OGuns5aWy5Y.mft (raw, json)
Hash identifier:          BtqeEUPlGQUkmpQ7y+GeNFBuj2dXqnU92iUozcG2hpQ=
Subject key identifier:   F4:FC:1B:4E:8D:A1:D6:5A:04:C4:AB:28:48:2C:14:8C:0B:C2:67:64
Authority key identifier: 4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96
Certificate issuer:       /CN=4ce08200492278484d6c88f5386ba7b39696cb96
Certificate serial:       01991688895EC0AEE7581EF864121458A3CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
Manifest number:          0D3E
Signing time:             Thu 04 Sep 2025 21:01:10 +0000
Manifest this update:     Thu 04 Sep 2025 21:01:10 +0000
Manifest next update:     Fri 05 Sep 2025 21:01:10 +0000
Files and hashes:         1: TOCCAEkieEhNbIj1OGuns5aWy5Y.crl (hash: 7llGespXMG2RhBTAtrTeslLLIITr27E6jQ4wROFhXDg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:88:89:5e:c0:ae:e7:58:1e:f8:64:12:14:58:a3:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce08200492278484d6c88f5386ba7b39696cb96
        Validity
            Not Before: Sep  4 21:01:10 2025 GMT
            Not After : Sep  5 21:01:10 2025 GMT
        Subject: CN=f4fc1b4e8da1d65a04c4ab28482c148c0bc26764
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bd:1e:f9:df:59:94:5c:5a:a9:8e:6d:cf:d0:
                    0b:fb:35:d7:d4:db:8a:2e:91:82:9d:98:aa:f9:f6:
                    a7:e8:0b:33:c8:d2:84:5c:26:a5:9d:58:d5:0b:55:
                    e3:80:79:28:2e:c1:8f:70:08:f2:c3:36:7e:c9:ea:
                    67:fd:2b:45:5e:4f:0a:22:58:34:d1:c8:c1:2d:4a:
                    2b:6e:b0:20:b2:d4:d8:8b:bb:54:dd:30:11:31:b0:
                    ee:3e:e1:01:ae:f7:20:20:09:ab:0c:c8:e5:7d:1d:
                    85:03:45:43:d7:c2:79:df:3c:3c:a4:74:c7:47:75:
                    6d:0e:d7:e1:9c:3e:17:09:9d:8e:92:0a:de:b3:09:
                    1b:90:cc:c4:86:be:a5:85:dd:6b:2c:64:d8:85:29:
                    08:85:58:85:0c:63:68:b4:00:ea:63:0f:9d:f8:29:
                    8b:ca:1b:94:2a:81:ae:03:51:66:45:c7:28:34:ab:
                    e2:13:cb:e0:1c:70:29:54:24:c2:4c:45:f9:c3:f0:
                    84:79:cf:68:b4:74:94:b5:1f:00:57:8e:8d:e2:9e:
                    4b:ab:d4:89:4b:8a:42:6e:93:bd:e2:7c:5f:2a:45:
                    f7:30:9a:06:0b:9c:fc:87:32:82:99:8f:15:2c:10:
                    26:e1:89:81:ce:e1:33:12:23:1a:28:4e:7f:66:a9:
                    1d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:FC:1B:4E:8D:A1:D6:5A:04:C4:AB:28:48:2C:14:8C:0B:C2:67:64
            X509v3 Authority Key Identifier:
                keyid:4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:27:9f:9e:01:1a:d3:02:3a:b3:68:32:04:89:92:35:9b:70:
         d4:2e:4f:87:a8:d9:7e:83:f2:87:53:c4:81:9a:87:ac:21:52:
         5d:2e:be:94:a4:b0:f0:ba:ee:1c:da:16:fd:21:4a:02:7b:02:
         1a:4f:02:ad:99:7a:3b:3c:5b:53:d8:11:85:57:69:fe:cd:11:
         91:cc:6a:57:53:36:b0:d4:5f:fc:1b:d4:07:f3:62:ce:a3:b2:
         e5:f4:ed:96:09:af:0c:d5:e7:e6:ed:c9:71:ad:c7:ce:3d:6e:
         42:8f:e6:62:e6:96:c8:d0:78:0e:41:81:3f:97:8a:3b:fc:5e:
         22:b4:3d:cf:7c:db:46:b6:b6:b5:3e:4b:91:e3:b8:6d:45:55:
         0d:21:d8:36:42:a3:2b:10:75:e1:ba:5f:d2:d6:3a:db:0f:c1:
         fb:32:1b:3f:a1:e3:f6:21:03:20:49:ed:e2:52:eb:ee:6e:f8:
         01:04:5b:10:09:a9:ee:d1:83:2c:34:63:b8:9c:94:ae:3a:2c:
         f3:0b:35:fe:49:5c:f5:b0:b2:61:da:88:70:40:cd:1e:e6:df:
         2e:56:c9:35:00:37:bf:d8:5e:85:85:15:0e:c1:fa:d0:85:db:
         22:58:f9:09:a8:e0:a7:c6:9f:f0:2a:ec:c8:dd:45:6d:0c:20:
         5a:e6:d6:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWiIlewK7nWB74ZBIUWKPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTA4MjAwNDkyMjc4NDg0ZDZjODhmNTM4NmJhN2IzOTY5
NmNiOTYwHhcNMjUwOTA0MjEwMTEwWhcNMjUwOTA1MjEwMTEwWjAzMTEwLwYDVQQD
EyhmNGZjMWI0ZThkYTFkNjVhMDRjNGFiMjg0ODJjMTQ4YzBiYzI2NzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor0e+d9ZlFxaqY5tz9AL+zXX1NuK
LpGCnZiq+fan6AszyNKEXCalnVjVC1XjgHkoLsGPcAjywzZ+yepn/StFXk8KIlg0
0cjBLUorbrAgstTYi7tU3TARMbDuPuEBrvcgIAmrDMjlfR2FA0VD18J53zw8pHTH
R3VtDtfhnD4XCZ2OkgreswkbkMzEhr6lhd1rLGTYhSkIhViFDGNotADqYw+d+CmL
yhuUKoGuA1FmRccoNKviE8vgHHApVCTCTEX5w/CEec9otHSUtR8AV46N4p5Lq9SJ
S4pCbpO94nxfKkX3MJoGC5z8hzKCmY8VLBAm4YmBzuEzEiMaKE5/Zqkd8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPT8G06NodZaBMSrKEgsFIwLwmdkMB8GA1UdIwQY
MBaAFEzgggBJInhITWyI9Thrp7OWlsuWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2Ut
OTE1MTIwYjYzMDkzLzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2UtOTE1MTIwYjYzMDkz
LzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoyefngEa
0wI6s2gyBImSNZtw1C5Ph6jZfoPyh1PEgZqHrCFSXS6+lKSw8LruHNoW/SFKAnsC
Gk8CrZl6OzxbU9gRhVdp/s0RkcxqV1M2sNRf/BvUB/NizqOy5fTtlgmvDNXn5u3J
ca3Hzj1uQo/mYuaWyNB4DkGBP5eKO/xeIrQ9z3zbRra2tT5LkeO4bUVVDSHYNkKj
KxB14bpf0tY62w/B+zIbP6Hj9iEDIEnt4lLr7m74AQRbEAmp7tGDLDRjuJyUrjos
8ws1/klc9bCyYdqIcEDNHubfLlbJNQA3v9hehYUVDsH60IXbIlj5Cajgp8af8Crs
yN1FbQwgWubWSQ==
-----END CERTIFICATE-----