Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          mWCsnrECVvAjRnR8KOc4paf6HdrpHS7GkHM2YM15gBg=
Subject key identifier:   FC:B3:86:79:7B:EF:20:70:87:9A:04:5A:B1:21:6F:C2:0E:8D:E9:B6
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       01936AEB9241AEA79C7FE7DAB6726D19223F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          35
Signing time:             Wed 27 Nov 2024 00:00:43 +0000
Manifest this update:     Wed 27 Nov 2024 00:00:43 +0000
Manifest next update:     Thu 28 Nov 2024 00:00:43 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: /OXthA/w6hi2dKDdcZjlLv4Pu1BiMLUHj0LEfaSsFE4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:eb:92:41:ae:a7:9c:7f:e7:da:b6:72:6d:19:22:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Nov 27 00:00:43 2024 GMT
            Not After : Nov 28 00:00:43 2024 GMT
        Subject: CN=fcb386797bef2070879a045ab1216fc20e8de9b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:bf:29:ae:33:dc:18:31:ae:de:29:98:b7:54:
                    67:82:ad:42:e5:a3:c4:fa:71:7d:bf:38:e2:ac:b2:
                    98:35:0d:03:0d:4c:1e:d9:20:8b:4b:63:b4:18:02:
                    e9:d4:d8:0b:bb:45:b6:4f:65:63:43:3e:6e:fc:1f:
                    cb:ba:b3:69:8b:43:f8:fd:14:a5:f2:76:d2:8b:6e:
                    38:51:1b:7b:3b:ee:de:50:5d:21:80:70:a1:6e:a0:
                    f8:d5:1f:be:07:88:ca:ae:05:ec:83:fe:96:d5:4f:
                    34:6b:2e:17:c4:ba:18:20:cb:39:c9:3f:5d:28:05:
                    d6:d7:06:da:99:6e:1c:e9:eb:15:25:63:5c:5f:29:
                    ff:b8:e3:6c:29:76:74:db:f6:a9:58:82:ee:51:b8:
                    f0:f7:67:48:24:c2:5e:fd:d9:1f:2a:1d:75:da:53:
                    a9:bb:d9:d1:b8:2d:ba:8c:46:48:44:33:0a:bc:e2:
                    ff:fc:c6:fb:d4:70:37:c5:a9:10:6d:0d:97:1c:68:
                    4a:c2:ef:92:0a:03:fa:39:f4:0f:61:1e:45:08:54:
                    25:89:d5:7e:fe:b9:95:96:2c:ce:fa:71:40:d9:66:
                    79:ff:65:46:83:49:a8:2a:78:3b:75:76:c4:cb:5c:
                    ca:37:b5:d4:c8:d7:c4:37:e5:76:a9:2e:47:6b:c5:
                    10:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:B3:86:79:7B:EF:20:70:87:9A:04:5A:B1:21:6F:C2:0E:8D:E9:B6
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:96:68:06:6c:07:38:0a:9e:3c:da:a6:a8:56:79:c3:d8:49:
         ec:5e:11:c1:03:e3:aa:83:37:bc:d3:fd:0c:ad:18:c7:94:43:
         9b:81:e9:ab:b6:b0:8b:53:4a:d2:66:5f:de:a5:91:3a:35:71:
         fe:c3:fd:81:f0:62:5f:e8:b1:df:11:c7:90:ac:f8:5c:3a:d3:
         0b:4e:91:bc:db:d1:b6:24:1c:68:54:e5:54:a1:19:47:fb:52:
         ed:e1:d1:fe:ce:53:3f:11:93:fc:85:9c:03:f4:6e:8e:c7:8a:
         b6:ba:9b:f7:ac:47:2c:f9:24:b1:07:38:27:f4:1b:4d:d3:f5:
         71:e4:ed:d9:64:ab:09:02:50:7e:18:c3:ef:a6:1a:40:cd:18:
         eb:75:b7:87:5d:68:ea:be:02:21:ae:0a:61:93:9a:69:bc:7e:
         35:19:cc:d4:01:40:26:0e:6b:c7:0b:71:9c:1e:7f:ca:dd:cc:
         97:d0:e0:ad:6d:9e:08:ad:6d:a5:02:2a:29:07:21:3c:54:4f:
         b1:5f:88:2c:2f:29:ac:9f:45:04:5e:06:b6:9a:47:ba:a2:00:
         f2:62:57:de:11:9f:96:c6:fc:6e:d9:8c:cb:63:f3:53:6b:0f:
         57:90:77:b5:2d:1b:71:57:54:c4:d6:46:8b:37:85:c6:b8:63:
         30:3d:c1:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNq65JBrqecf+fatnJtGSI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjQxMTI3MDAwMDQzWhcNMjQxMTI4MDAwMDQzWjAzMTEwLwYDVQQD
EyhmY2IzODY3OTdiZWYyMDcwODc5YTA0NWFiMTIxNmZjMjBlOGRlOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4b8prjPcGDGu3imYt1Rngq1C5aPE
+nF9vzjirLKYNQ0DDUwe2SCLS2O0GALp1NgLu0W2T2VjQz5u/B/LurNpi0P4/RSl
8nbSi244URt7O+7eUF0hgHChbqD41R++B4jKrgXsg/6W1U80ay4XxLoYIMs5yT9d
KAXW1wbamW4c6esVJWNcXyn/uONsKXZ02/apWILuUbjw92dIJMJe/dkfKh112lOp
u9nRuC26jEZIRDMKvOL//Mb71HA3xakQbQ2XHGhKwu+SCgP6OfQPYR5FCFQlidV+
/rmVlizO+nFA2WZ5/2VGg0moKng7dXbEy1zKN7XUyNfEN+V2qS5Ha8UQ3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyzhnl77yBwh5oEWrEhb8IOjem2MB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcJZoBmwH
OAqePNqmqFZ5w9hJ7F4RwQPjqoM3vNP9DK0Yx5RDm4Hpq7awi1NK0mZf3qWROjVx
/sP9gfBiX+ix3xHHkKz4XDrTC06RvNvRtiQcaFTlVKEZR/tS7eHR/s5TPxGT/IWc
A/RujseKtrqb96xHLPkksQc4J/QbTdP1ceTt2WSrCQJQfhjD76YaQM0Y63W3h11o
6r4CIa4KYZOaabx+NRnM1AFAJg5rxwtxnB5/yt3Ml9DgrW2eCK1tpQIqKQchPFRP
sV+ILC8prJ9FBF4GtppHuqIA8mJX3hGflsb8btmMy2PzU2sPV5B3tS0bcVdUxNZG
izeFxrhjMD3BqQ==
-----END CERTIFICATE-----