Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          ASjkW7qesT2SJAnu8UkkRav9cwtK9FPCHKBkHU0RriA=
Subject key identifier:   5A:0B:CC:92:AB:47:8F:B4:51:79:BA:C7:B6:21:96:91:6E:80:8F:78
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       019676B0FA6B31DF3E8876F4E7BD77F92969
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0C47
Signing time:             Sun 27 Apr 2025 10:00:31 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:31 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:31 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: 5aiMEQr3QoAx7Eui5O5BYhB47sS5DXyjs7LbLo8zQ8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:fa:6b:31:df:3e:88:76:f4:e7:bd:77:f9:29:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Apr 27 10:00:31 2025 GMT
            Not After : Apr 28 10:00:31 2025 GMT
        Subject: CN=5a0bcc92ab478fb45179bac7b62196916e808f78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8d:df:b7:05:fe:2e:dc:67:58:9b:0c:9b:25:
                    47:a3:24:2a:a6:bc:c3:2d:7a:1a:86:00:33:7b:83:
                    27:3c:de:34:6a:9a:77:9b:f0:09:06:9e:55:53:d5:
                    fc:ae:3c:f4:76:77:e3:8a:93:ab:77:a3:29:0d:9e:
                    74:b4:f4:64:ba:f5:16:9e:f0:c2:91:6e:50:b0:a5:
                    f9:01:25:1b:b8:fb:4d:a4:70:b3:b0:0d:86:b5:e2:
                    8f:5e:01:fa:f0:5e:1d:51:16:23:8b:76:48:8e:30:
                    24:83:f9:ef:1d:79:ac:3c:02:ca:1d:27:93:61:35:
                    ca:2a:30:4f:93:74:9f:59:ee:fa:67:70:8f:ba:87:
                    d7:30:2b:20:db:19:6d:d6:7c:6c:24:cc:fc:aa:c2:
                    b6:18:a4:b2:c7:7d:ad:75:51:04:2a:42:ac:38:6d:
                    60:2d:e3:fd:ac:22:86:5a:ed:16:33:a5:3b:96:43:
                    b9:e0:00:bc:38:8f:c3:6f:d0:fb:cc:b1:0b:40:94:
                    4c:2d:82:88:e0:e9:27:4e:82:bb:be:81:26:5e:1b:
                    cc:d9:92:ca:09:3e:1d:de:52:13:ef:68:38:9c:ee:
                    99:ec:f8:cd:de:5a:f0:5a:ee:2b:84:69:6b:fb:db:
                    0a:09:6e:4a:0c:ed:b2:6f:da:31:88:51:0a:3f:22:
                    b0:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:0B:CC:92:AB:47:8F:B4:51:79:BA:C7:B6:21:96:91:6E:80:8F:78
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:a2:ee:b3:33:ed:69:16:47:e0:8d:e3:b4:89:97:90:92:da:
         c1:a5:f1:14:e4:b1:b9:cd:09:48:e5:3e:f9:af:fe:7d:c6:cd:
         ca:a8:5a:d9:e8:9f:1d:52:26:42:26:af:a1:3d:db:86:f6:85:
         41:76:a6:94:5e:de:af:48:55:fb:3b:5f:6f:ae:ca:44:59:bb:
         28:af:b0:b8:d2:b5:4b:89:e5:d5:3e:84:7f:16:ba:67:c3:44:
         0f:17:c2:74:16:f7:b7:82:01:3e:39:34:28:9a:75:c7:26:c2:
         61:fb:32:e8:2f:fb:a1:8e:2c:e1:68:85:b1:d6:86:be:c7:6d:
         fe:14:3e:a9:09:d8:33:38:a0:58:c3:69:5f:75:85:96:56:2d:
         96:7a:9c:9f:11:09:12:55:32:95:89:a5:f8:67:93:dd:3c:c6:
         c9:96:04:0f:ed:fa:dd:27:85:9d:b5:6d:96:a0:30:a7:68:90:
         a0:8b:46:c4:74:9c:d1:28:7e:68:da:0a:b7:9a:1d:b0:1f:91:
         cb:ca:35:2b:f6:f7:c8:99:f7:b7:a4:87:64:7c:d9:d1:ad:43:
         83:52:00:61:54:5b:c4:83:40:28:8e:f7:dc:44:0a:6a:9d:3c:
         2f:6e:0c:f7:bf:e0:0c:61:5e:c7:79:37:7a:e8:17:97:8e:af:
         d6:19:2c:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sPprMd8+iHb05713+SlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjUwNDI3MTAwMDMxWhcNMjUwNDI4MTAwMDMxWjAzMTEwLwYDVQQD
Eyg1YTBiY2M5MmFiNDc4ZmI0NTE3OWJhYzdiNjIxOTY5MTZlODA4Zjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI3ftwX+LtxnWJsMmyVHoyQqprzD
LXoahgAze4MnPN40app3m/AJBp5VU9X8rjz0dnfjipOrd6MpDZ50tPRkuvUWnvDC
kW5QsKX5ASUbuPtNpHCzsA2GteKPXgH68F4dURYji3ZIjjAkg/nvHXmsPALKHSeT
YTXKKjBPk3SfWe76Z3CPuofXMCsg2xlt1nxsJMz8qsK2GKSyx32tdVEEKkKsOG1g
LeP9rCKGWu0WM6U7lkO54AC8OI/Db9D7zLELQJRMLYKI4OknToK7voEmXhvM2ZLK
CT4d3lIT72g4nO6Z7PjN3lrwWu4rhGlr+9sKCW5KDO2yb9oxiFEKPyKw8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoLzJKrR4+0UXm6x7YhlpFugI94MB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGaLuszPt
aRZH4I3jtImXkJLawaXxFOSxuc0JSOU++a/+fcbNyqha2eifHVImQiavoT3bhvaF
QXamlF7er0hV+ztfb67KRFm7KK+wuNK1S4nl1T6Efxa6Z8NEDxfCdBb3t4IBPjk0
KJp1xybCYfsy6C/7oY4s4WiFsdaGvsdt/hQ+qQnYMzigWMNpX3WFllYtlnqcnxEJ
ElUylYml+GeT3TzGyZYED+363SeFnbVtlqAwp2iQoItGxHSc0Sh+aNoKt5odsB+R
y8o1K/b3yJn3t6SHZHzZ0a1Dg1IAYVRbxINAKI733EQKap08L24M97/gDGFex3k3
eugXl46v1hksxw==
-----END CERTIFICATE-----