Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          vTYAIep/Bkp9qsb2SNWwbWEhSS1fhBY2EpIhC7Z5aj8=
Subject key identifier:   09:02:56:B7:69:00:40:80:15:F3:39:E7:3E:8A:EE:36:25:17:D3:58
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       01976884FB36E2377AC79D56C4E7130463F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          0246
Signing time:             Fri 13 Jun 2025 09:00:34 +0000
Manifest this update:     Fri 13 Jun 2025 09:00:34 +0000
Manifest next update:     Sat 14 Jun 2025 09:00:34 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: +4SFlHaD7Z/RBQMEmOv7YT/gglJ7LXmkkLD91n4Ux0o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 09:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:84:fb:36:e2:37:7a:c7:9d:56:c4:e7:13:04:63:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Jun 13 09:00:34 2025 GMT
            Not After : Jun 14 09:00:34 2025 GMT
        Subject: CN=090256b76900408015f339e73e8aee362517d358
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:80:1e:0c:99:2e:03:34:b6:81:0c:9f:5a:41:
                    41:dd:a7:1a:d8:59:89:a8:62:e5:8f:e3:99:c8:a0:
                    dd:26:9b:01:5d:7b:16:e1:e1:a4:9c:3f:65:c0:d8:
                    5a:a1:03:42:f7:18:72:f2:e4:e8:3a:94:a8:db:21:
                    58:16:53:6e:ea:8f:6a:72:fa:5b:17:bc:46:ac:31:
                    3b:b3:41:06:3d:fe:aa:6f:45:52:c5:55:49:fa:2b:
                    6d:43:ca:cc:84:a2:73:7b:4c:15:44:44:6b:78:90:
                    67:4d:7e:4c:ee:26:f4:74:d3:04:23:b2:11:44:e0:
                    2f:e6:b4:4d:6e:44:f0:d2:00:76:6d:2b:0c:9e:d2:
                    12:8f:cc:5e:cb:1c:89:bc:b7:ca:fb:e4:f3:ff:8d:
                    09:65:68:c6:89:b7:95:03:97:dc:15:e7:b2:ee:5f:
                    20:64:e2:a9:a0:87:a3:93:b3:d5:00:94:21:79:44:
                    4d:b0:4c:f4:e0:da:6f:ab:04:0d:10:2a:e1:f4:3b:
                    39:f9:cb:3d:89:3b:99:30:ba:60:f5:ee:70:b6:50:
                    de:51:1e:1a:39:6d:eb:58:2e:f9:16:78:65:37:b1:
                    65:ae:e8:f8:5c:e8:5a:81:54:a7:c5:90:14:66:a5:
                    71:63:3f:aa:68:32:54:8b:1f:f9:7a:50:35:61:0f:
                    c9:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:02:56:B7:69:00:40:80:15:F3:39:E7:3E:8A:EE:36:25:17:D3:58
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:08:12:25:77:b4:f6:e5:5b:d7:84:1f:e2:d2:54:2a:a8:d2:
         4b:58:f5:e1:e2:36:99:c0:de:de:a4:17:89:05:57:0c:5c:45:
         ed:99:6d:ae:37:bd:a3:2a:3f:30:88:1a:54:8b:43:a5:01:4a:
         54:8e:5e:b1:e0:ea:4b:47:5d:13:05:b5:51:e6:3d:cf:1f:29:
         45:91:98:ac:62:f9:29:38:ed:00:8a:a5:03:ca:e7:58:a5:71:
         46:01:e1:70:ab:20:4e:41:6f:36:24:d2:28:bb:ac:ab:e1:0a:
         56:ff:33:b9:6f:e2:c0:7e:3c:5e:2c:3a:fa:da:ea:db:7a:80:
         e0:68:ad:38:fb:9e:e1:19:b8:09:92:17:55:d5:a0:fd:d7:c4:
         a2:05:b9:21:8f:6e:6e:99:c9:29:47:18:45:b9:7d:d8:f8:06:
         40:5a:75:fe:bd:92:c7:43:02:a3:22:dc:f1:cd:9b:a4:9f:7e:
         3a:94:a6:b6:70:67:eb:48:75:80:6e:63:33:9a:23:4c:9a:95:
         da:ac:8a:69:19:cb:12:51:36:4b:eb:9d:d2:a1:c1:e4:94:14:
         b0:13:bb:bb:a2:79:51:b5:0e:5a:02:35:62:3e:4a:c1:99:28:
         b4:c4:a1:8d:7f:98:1a:84:7a:de:43:89:81:9c:8a:bc:48:a4:
         5d:7a:0a:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdohPs24jd6x51WxOcTBGP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjUwNjEzMDkwMDM0WhcNMjUwNjE0MDkwMDM0WjAzMTEwLwYDVQQD
EygwOTAyNTZiNzY5MDA0MDgwMTVmMzM5ZTczZThhZWUzNjI1MTdkMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4AeDJkuAzS2gQyfWkFB3aca2FmJ
qGLlj+OZyKDdJpsBXXsW4eGknD9lwNhaoQNC9xhy8uToOpSo2yFYFlNu6o9qcvpb
F7xGrDE7s0EGPf6qb0VSxVVJ+ittQ8rMhKJze0wVRERreJBnTX5M7ib0dNMEI7IR
ROAv5rRNbkTw0gB2bSsMntISj8xeyxyJvLfK++Tz/40JZWjGibeVA5fcFeey7l8g
ZOKpoIejk7PVAJQheURNsEz04NpvqwQNECrh9Ds5+cs9iTuZMLpg9e5wtlDeUR4a
OW3rWC75FnhlN7Flruj4XOhagVSnxZAUZqVxYz+qaDJUix/5elA1YQ/JowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkCVrdpAECAFfM55z6K7jYlF9NYMB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHwgSJXe0
9uVb14Qf4tJUKqjSS1j14eI2mcDe3qQXiQVXDFxF7Zltrje9oyo/MIgaVItDpQFK
VI5eseDqS0ddEwW1UeY9zx8pRZGYrGL5KTjtAIqlA8rnWKVxRgHhcKsgTkFvNiTS
KLusq+EKVv8zuW/iwH48Xiw6+trq23qA4GitOPue4Rm4CZIXVdWg/dfEogW5IY9u
bpnJKUcYRbl92PgGQFp1/r2Sx0MCoyLc8c2bpJ9+OpSmtnBn60h1gG5jM5ojTJqV
2qyKaRnLElE2S+ud0qHB5JQUsBO7u6J5UbUOWgI1Yj5KwZkotMShjX+YGoR63kOJ
gZyKvEikXXoKyw==
-----END CERTIFICATE-----