Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          cY32OsUIWitpmUJWNYz0WmsSnKylxWIVhEFcUHfpWDU=
Subject key identifier:   70:7E:64:DA:C1:8D:7F:DD:BC:F0:85:19:59:3B:3A:A5:EB:2E:47:FF
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       0196526DBE8BBC069838FCC15733A21A1624
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          01B6
Signing time:             Sun 20 Apr 2025 09:00:45 +0000
Manifest this update:     Sun 20 Apr 2025 09:00:45 +0000
Manifest next update:     Mon 21 Apr 2025 09:00:45 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: gejtrRHtMhoARbIUdUTZVmrRmYuZ9rcXwq1fRXRsXXU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:6d:be:8b:bc:06:98:38:fc:c1:57:33:a2:1a:16:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Apr 20 09:00:45 2025 GMT
            Not After : Apr 21 09:00:45 2025 GMT
        Subject: CN=707e64dac18d7fddbcf08519593b3aa5eb2e47ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:6d:47:a3:ba:10:e5:fe:91:e5:ff:12:9b:9f:
                    b7:36:c6:ab:53:11:c4:c3:0e:50:49:10:4a:b3:0d:
                    d5:a5:b0:ab:74:da:77:84:1d:48:0e:b4:98:5a:da:
                    4d:0a:20:42:ab:66:91:0c:63:d1:b1:76:81:17:4e:
                    1b:58:ef:7e:44:c1:c2:09:4e:4c:2c:d3:7d:9d:bc:
                    18:3a:e3:54:90:93:af:f9:f2:e3:90:c8:c4:e7:5e:
                    3b:3f:4f:53:44:35:1c:22:e3:34:f7:51:f4:6e:78:
                    ff:48:29:f2:83:79:fd:d6:ca:c0:45:e0:0d:ef:51:
                    97:94:b7:b2:18:2e:cb:d6:54:b7:99:c4:92:c0:96:
                    72:76:3b:bd:0c:5a:61:cb:80:75:45:ea:26:89:72:
                    cd:0a:60:c3:d3:d3:9b:5b:b2:39:d9:fd:f7:7b:ee:
                    cc:a7:bf:41:26:c6:16:51:7e:36:b3:f1:13:ca:c8:
                    f1:ed:00:86:ce:15:d4:a8:ce:94:56:28:d1:96:7e:
                    4e:cb:92:0a:02:b9:e2:07:03:7a:87:2a:fe:49:89:
                    bf:8d:c9:6f:0a:ce:23:f2:64:ca:f3:a5:50:97:44:
                    83:ac:8f:d8:10:7a:bc:e6:eb:26:a2:2b:ce:e3:fe:
                    7d:d5:2f:3e:84:78:b7:ca:0b:54:80:61:d2:4b:27:
                    35:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:7E:64:DA:C1:8D:7F:DD:BC:F0:85:19:59:3B:3A:A5:EB:2E:47:FF
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:34:e4:d8:70:15:2a:5e:c2:9d:17:0c:06:b3:6b:8c:ec:48:
         99:24:ad:c2:89:21:a8:a3:39:7f:77:cb:37:c0:63:78:77:a9:
         b0:73:93:54:71:59:95:77:e6:40:10:a2:66:95:db:d6:f3:21:
         4a:2d:eb:c9:fb:f2:be:38:13:a7:25:c9:ef:2b:55:06:ab:dc:
         96:86:ae:5b:e1:8f:39:e6:44:21:b7:a1:47:cb:c2:49:6b:74:
         5e:ee:fa:95:ac:10:af:bd:a4:20:4b:3f:e8:e5:f5:96:cb:bc:
         ed:6f:75:16:07:66:fb:08:0b:82:16:b1:73:49:54:68:25:45:
         8f:07:c5:48:79:85:7f:02:10:c0:77:c7:ba:96:19:f7:fa:1c:
         d4:5b:82:e1:e9:6f:0d:46:6d:03:27:91:78:ee:e1:93:46:06:
         aa:b9:85:9c:c9:37:9c:3a:b7:f2:dc:e7:30:62:8a:f8:b8:75:
         d3:fd:4d:b7:7c:d1:7b:34:cc:e6:f1:e0:60:7e:e9:ab:39:3b:
         45:bc:12:10:50:dd:97:b2:8c:71:46:52:a0:48:7b:89:5c:bb:
         ba:55:10:d2:53:01:df:d8:a3:92:ad:6b:a2:d2:e1:37:9b:35:
         18:04:f8:79:a2:bf:fd:a3:15:60:1d:43:d0:97:67:ac:e2:68:
         8d:5f:4d:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSbb6LvAaYOPzBVzOiGhYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjUwNDIwMDkwMDQ1WhcNMjUwNDIxMDkwMDQ1WjAzMTEwLwYDVQQD
Eyg3MDdlNjRkYWMxOGQ3ZmRkYmNmMDg1MTk1OTNiM2FhNWViMmU0N2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym1Ho7oQ5f6R5f8Sm5+3NsarUxHE
ww5QSRBKsw3VpbCrdNp3hB1IDrSYWtpNCiBCq2aRDGPRsXaBF04bWO9+RMHCCU5M
LNN9nbwYOuNUkJOv+fLjkMjE5147P09TRDUcIuM091H0bnj/SCnyg3n91srAReAN
71GXlLeyGC7L1lS3mcSSwJZydju9DFphy4B1ReomiXLNCmDD09ObW7I52f33e+7M
p79BJsYWUX42s/ETysjx7QCGzhXUqM6UVijRln5Oy5IKArniBwN6hyr+SYm/jclv
Cs4j8mTK86VQl0SDrI/YEHq85usmoivO4/591S8+hHi3ygtUgGHSSyc1hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHB+ZNrBjX/dvPCFGVk7OqXrLkf/MB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjTk2HAV
Kl7CnRcMBrNrjOxImSStwokhqKM5f3fLN8BjeHepsHOTVHFZlXfmQBCiZpXb1vMh
Si3ryfvyvjgTpyXJ7ytVBqvcloauW+GPOeZEIbehR8vCSWt0Xu76lawQr72kIEs/
6OX1lsu87W91Fgdm+wgLghaxc0lUaCVFjwfFSHmFfwIQwHfHupYZ9/oc1FuC4elv
DUZtAyeReO7hk0YGqrmFnMk3nDq38tznMGKK+Lh10/1Nt3zRezTM5vHgYH7pqzk7
RbwSEFDdl7KMcUZSoEh7iVy7ulUQ0lMB39ijkq1rotLhN5s1GAT4eaK//aMVYB1D
0JdnrOJojV9NpQ==
-----END CERTIFICATE-----