Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          M1SAqFtJ2W2NI7p7ZaeN7lK9bSmjpdCVTilfvugUu24=
Subject key identifier:   66:D0:97:8F:EB:6E:3A:64:62:E9:9C:D6:BA:69:17:9B:2B:90:09:CA
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       019745C2412A9E28A97D0CAFB56024C1808F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          0234
Signing time:             Fri 06 Jun 2025 15:00:47 +0000
Manifest this update:     Fri 06 Jun 2025 15:00:47 +0000
Manifest next update:     Sat 07 Jun 2025 15:00:47 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: hlBJiXoOTUAXRyh9NmwKBddktetX0tFnpXvP/I8tL/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:c2:41:2a:9e:28:a9:7d:0c:af:b5:60:24:c1:80:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Jun  6 15:00:47 2025 GMT
            Not After : Jun  7 15:00:47 2025 GMT
        Subject: CN=66d0978feb6e3a6462e99cd6ba69179b2b9009ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b8:35:bb:ad:85:35:dd:c1:c1:65:d2:f2:35:
                    1c:76:e0:f4:17:32:49:1a:ed:f3:23:73:8b:2b:4b:
                    ef:16:06:ee:6b:42:12:1a:0b:f4:34:a3:93:92:80:
                    e7:30:be:a8:f0:5b:2f:50:59:c3:a8:b6:93:ef:fa:
                    f0:02:48:20:cc:45:3e:29:e8:7d:0b:09:41:8b:16:
                    60:91:e2:2f:b1:32:4d:67:72:a1:e1:9b:90:5b:18:
                    08:4b:5c:fd:1f:6d:19:6c:ef:c4:60:19:55:2e:ed:
                    28:2f:8a:1a:b3:38:d7:72:d9:7f:55:16:c6:8c:10:
                    b7:f1:33:3e:ee:55:1a:92:d0:6c:ee:a5:ba:97:6b:
                    16:ab:b4:a7:55:dc:74:b4:de:40:52:5a:26:3f:0e:
                    10:44:c4:31:18:ca:a0:49:40:22:bc:ac:74:9e:18:
                    d9:f2:25:17:84:0b:3f:da:d6:71:19:96:25:0b:c9:
                    98:3e:44:cc:76:05:f4:4d:99:d4:1c:06:2c:44:87:
                    ad:c9:f7:42:cf:20:8b:3e:7e:ad:4a:18:da:28:a7:
                    fa:95:f7:9e:90:22:51:9f:94:23:54:94:26:56:7d:
                    66:5d:6f:78:61:34:30:2d:41:fa:38:62:fb:c9:78:
                    5c:13:67:bf:97:a9:15:46:fa:9b:cf:f7:64:c9:7f:
                    4f:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D0:97:8F:EB:6E:3A:64:62:E9:9C:D6:BA:69:17:9B:2B:90:09:CA
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:19:a0:25:e0:15:54:5f:07:8b:c5:1a:e0:76:ef:9b:b4:3c:
         49:c8:0f:b2:69:c7:3c:70:e4:9d:9b:24:91:5a:98:2b:39:be:
         75:ef:8c:a3:54:b9:94:d5:90:38:86:c2:21:ae:6f:33:b8:86:
         4d:1c:c2:75:15:9c:b3:5d:3a:6e:49:cc:52:a7:c5:6a:24:47:
         8a:a1:09:36:89:cb:d9:92:1a:f8:34:a0:c3:20:5c:f5:cc:37:
         9d:04:65:ad:64:d5:5d:00:72:bf:c3:65:95:e6:9c:1a:80:32:
         54:58:04:17:de:e0:5b:e7:a0:4d:96:7b:18:4c:eb:9b:05:e6:
         b4:ae:97:f9:9f:93:95:78:41:63:7d:9f:02:13:96:11:78:a9:
         93:2c:0a:03:7f:b4:13:e2:57:04:98:69:1a:bf:6f:66:96:2a:
         0d:59:33:be:de:fb:7b:cc:f6:2c:20:8f:b3:89:de:18:d8:b4:
         91:1d:95:c5:0c:ba:62:1f:da:d9:7c:85:2b:7b:7d:d0:f4:eb:
         74:fc:9c:b6:e9:c6:a9:4a:92:4b:4d:c5:68:18:5a:77:bf:1f:
         09:f2:4a:da:e7:2b:28:9b:97:95:cf:41:29:96:8f:df:41:28:
         bc:63:c5:ce:57:19:78:06:f5:00:07:fa:c5:f0:96:da:c8:f9:
         23:c8:4a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdFwkEqniipfQyvtWAkwYCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjUwNjA2MTUwMDQ3WhcNMjUwNjA3MTUwMDQ3WjAzMTEwLwYDVQQD
Eyg2NmQwOTc4ZmViNmUzYTY0NjJlOTljZDZiYTY5MTc5YjJiOTAwOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbg1u62FNd3BwWXS8jUcduD0FzJJ
Gu3zI3OLK0vvFgbua0ISGgv0NKOTkoDnML6o8FsvUFnDqLaT7/rwAkggzEU+Keh9
CwlBixZgkeIvsTJNZ3Kh4ZuQWxgIS1z9H20ZbO/EYBlVLu0oL4oaszjXctl/VRbG
jBC38TM+7lUaktBs7qW6l2sWq7SnVdx0tN5AUlomPw4QRMQxGMqgSUAivKx0nhjZ
8iUXhAs/2tZxGZYlC8mYPkTMdgX0TZnUHAYsRIetyfdCzyCLPn6tShjaKKf6lfee
kCJRn5QjVJQmVn1mXW94YTQwLUH6OGL7yXhcE2e/l6kVRvqbz/dkyX9P5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbQl4/rbjpkYumc1rppF5srkAnKMB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchmgJeAV
VF8Hi8Ua4Hbvm7Q8ScgPsmnHPHDknZskkVqYKzm+de+Mo1S5lNWQOIbCIa5vM7iG
TRzCdRWcs106bknMUqfFaiRHiqEJNonL2ZIa+DSgwyBc9cw3nQRlrWTVXQByv8Nl
leacGoAyVFgEF97gW+egTZZ7GEzrmwXmtK6X+Z+TlXhBY32fAhOWEXipkywKA3+0
E+JXBJhpGr9vZpYqDVkzvt77e8z2LCCPs4neGNi0kR2VxQy6Yh/a2XyFK3t90PTr
dPyctunGqUqSS03FaBhad78fCfJK2ucrKJuXlc9BKZaP30EovGPFzlcZeAb1AAf6
xfCW2sj5I8hK5g==
-----END CERTIFICATE-----