Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          evqD3QzWmtIFOiaWA/0GNg2wwcF6lEOe7aw40HmLvgc=
Subject key identifier:   C7:4C:29:FD:ED:9F:05:89:90:E4:86:9B:1C:C4:47:13:DE:B6:0D:56
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       0194BAF20C5AAE48110467BAE6715BEDCF9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          E3
Signing time:             Fri 31 Jan 2025 06:00:12 +0000
Manifest this update:     Fri 31 Jan 2025 06:00:12 +0000
Manifest next update:     Sat 01 Feb 2025 06:00:12 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: 9jgCQvPFrWc6rW5YRX9VAWQVwu1+esHcsZEmSwj58Us=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:f2:0c:5a:ae:48:11:04:67:ba:e6:71:5b:ed:cf:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Jan 31 06:00:12 2025 GMT
            Not After : Feb  1 06:00:12 2025 GMT
        Subject: CN=c74c29fded9f058990e4869b1cc44713deb60d56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:6a:63:42:67:c8:14:11:a6:08:96:13:e9:55:
                    18:bf:2f:f8:c5:8b:5e:a6:b2:01:1f:83:2a:ef:41:
                    ba:41:b8:b9:6b:3f:b5:b1:57:c1:be:59:03:f6:41:
                    62:dc:80:8f:3c:a2:06:77:eb:7e:79:ef:57:a7:76:
                    90:46:36:26:a1:b5:9b:a8:fc:26:bf:e7:ae:cd:2d:
                    ea:93:b7:22:29:18:76:68:99:e8:9a:c8:3a:b6:db:
                    0c:15:78:4f:65:1d:ff:eb:2f:db:1c:2c:79:bc:6c:
                    60:ac:0f:af:1f:99:53:80:79:10:19:c5:75:42:a9:
                    dd:63:35:f2:de:57:51:68:20:b7:9f:e8:a6:62:5c:
                    9c:07:df:6e:ae:14:85:06:bc:5f:3c:57:03:de:de:
                    19:c3:18:34:48:b0:6d:38:90:e5:3b:83:d6:cf:94:
                    7b:df:68:16:55:7f:71:bc:39:e3:fd:56:df:f5:61:
                    63:7b:e4:94:7f:fb:be:16:42:45:1f:21:18:55:44:
                    98:16:6b:e2:fd:36:b2:7c:6a:51:a3:2e:f1:67:fd:
                    60:0f:f0:8e:f0:86:2b:09:47:54:db:7b:c4:2d:fa:
                    b7:34:c8:75:76:ff:75:24:02:2b:59:df:3a:c2:55:
                    8b:47:5e:85:13:97:df:a0:d0:44:15:67:4d:9c:67:
                    4d:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:4C:29:FD:ED:9F:05:89:90:E4:86:9B:1C:C4:47:13:DE:B6:0D:56
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:bb:52:82:db:30:a3:ab:1c:9c:70:33:a5:63:12:5a:21:cc:
         d3:af:cf:05:72:db:48:25:f4:de:b6:15:b4:9f:b8:d4:ad:9d:
         7e:30:37:60:d6:1e:09:17:23:70:79:b9:50:46:b5:dc:83:78:
         01:36:dd:56:23:81:20:9d:f8:2f:14:ba:37:94:5e:83:62:d5:
         76:d1:aa:f6:d3:52:37:b0:92:65:ea:8d:a4:17:44:e1:3a:8b:
         dd:70:b7:fc:6d:03:c9:cd:bd:c6:56:74:b4:d0:69:0e:03:d1:
         c1:4a:b8:77:25:b4:df:54:a2:06:7f:b7:a4:87:9a:71:44:c1:
         1b:06:ea:48:2e:28:94:c6:c2:0d:a4:c3:27:43:c2:65:bc:48:
         e8:e1:8b:21:4e:0b:4c:fd:f9:de:b0:6b:dc:56:be:32:0a:f9:
         74:1e:c4:9f:57:aa:df:8b:97:20:7f:7c:8f:aa:4a:06:b4:53:
         d5:8e:93:9d:37:ea:aa:ff:24:4d:01:d8:71:5f:52:3e:4c:70:
         a4:05:13:3b:ca:80:70:7c:86:4e:ef:c2:f3:bc:90:02:e5:f1:
         bb:fb:f7:40:e8:00:40:34:8f:4b:51:2a:ec:90:ad:5d:99:7e:
         7e:9f:1d:98:08:a7:eb:b3:ec:65:4a:e2:4b:75:60:0b:96:ae:
         3d:1d:16:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68gxarkgRBGe65nFb7c+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjUwMTMxMDYwMDEyWhcNMjUwMjAxMDYwMDEyWjAzMTEwLwYDVQQD
EyhjNzRjMjlmZGVkOWYwNTg5OTBlNDg2OWIxY2M0NDcxM2RlYjYwZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mpjQmfIFBGmCJYT6VUYvy/4xYte
prIBH4Mq70G6Qbi5az+1sVfBvlkD9kFi3ICPPKIGd+t+ee9Xp3aQRjYmobWbqPwm
v+euzS3qk7ciKRh2aJnomsg6ttsMFXhPZR3/6y/bHCx5vGxgrA+vH5lTgHkQGcV1
QqndYzXy3ldRaCC3n+imYlycB99urhSFBrxfPFcD3t4Zwxg0SLBtOJDlO4PWz5R7
32gWVX9xvDnj/Vbf9WFje+SUf/u+FkJFHyEYVUSYFmvi/TayfGpRoy7xZ/1gD/CO
8IYrCUdU23vELfq3NMh1dv91JAIrWd86wlWLR16FE5ffoNBEFWdNnGdNRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMdMKf3tnwWJkOSGmxzERxPetg1WMB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATLtSgtsw
o6scnHAzpWMSWiHM06/PBXLbSCX03rYVtJ+41K2dfjA3YNYeCRcjcHm5UEa13IN4
ATbdViOBIJ34LxS6N5Reg2LVdtGq9tNSN7CSZeqNpBdE4TqL3XC3/G0Dyc29xlZ0
tNBpDgPRwUq4dyW031SiBn+3pIeacUTBGwbqSC4olMbCDaTDJ0PCZbxI6OGLIU4L
TP353rBr3Fa+Mgr5dB7En1eq34uXIH98j6pKBrRT1Y6TnTfqqv8kTQHYcV9SPkxw
pAUTO8qAcHyGTu/C87yQAuXxu/v3QOgAQDSPS1Eq7JCtXZl+fp8dmAin67PsZUri
S3VgC5auPR0W5Q==
-----END CERTIFICATE-----