Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          tBJd8xceMR2hTxQ1zCQFuf41iyJMnBR3WJJr59QL+GA=
Subject key identifier:   CA:05:49:0B:CF:CB:9A:08:D1:F2:2C:0D:7D:D7:55:89:35:6D:09:41
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       01988FFDEC267DC3981542034BA4280A5F60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          02DF
Signing time:             Sat 09 Aug 2025 18:00:39 +0000
Manifest this update:     Sat 09 Aug 2025 18:00:39 +0000
Manifest next update:     Sun 10 Aug 2025 18:00:39 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: FzlbOpcXzeMES7m7YcayY/4FSe0URqnPuqxDN3q8iTQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:fd:ec:26:7d:c3:98:15:42:03:4b:a4:28:0a:5f:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Aug  9 18:00:39 2025 GMT
            Not After : Aug 10 18:00:39 2025 GMT
        Subject: CN=ca05490bcfcb9a08d1f22c0d7dd75589356d0941
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:15:fe:c4:1a:94:dc:c2:f0:23:eb:97:0b:a0:
                    a7:42:a1:53:f0:b9:52:1a:ae:c7:78:3c:80:ba:a0:
                    46:61:95:73:08:e1:e5:cb:54:ce:8e:84:82:e0:45:
                    b4:f4:09:30:5e:36:dc:c8:9e:e6:ed:88:7c:f6:d1:
                    8c:c3:b9:7b:29:23:74:6c:d3:99:9d:12:82:c6:a5:
                    10:0f:c6:23:1d:1b:80:83:af:8b:c9:73:cb:1b:25:
                    a1:d3:53:bb:c8:7a:9e:68:99:4a:c7:fe:99:fb:95:
                    70:8b:cd:c9:b1:76:53:a0:d7:14:48:5b:51:bd:3b:
                    99:09:9d:fd:d3:b7:ba:9b:a5:47:62:00:6d:e9:74:
                    7d:0b:0d:8d:a9:fa:63:74:71:7a:9a:19:2d:94:f6:
                    f2:18:c3:57:c1:25:dd:09:13:28:fb:f8:d0:ab:44:
                    99:54:03:b8:3a:a8:24:ea:41:18:a2:a6:48:99:f6:
                    bf:7f:fc:b2:4c:d6:da:73:19:09:6d:3e:80:7b:98:
                    63:03:c8:8e:76:6f:a4:6e:1d:4d:86:71:5f:e1:a3:
                    4a:b0:03:48:f8:6f:d1:c7:96:e8:54:f0:d0:6b:1a:
                    5d:a3:9c:de:ff:fe:f4:b0:4f:ec:c9:1a:80:4f:4b:
                    60:a9:77:5c:61:8f:a3:75:39:a1:ff:b8:da:8f:d7:
                    a0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:05:49:0B:CF:CB:9A:08:D1:F2:2C:0D:7D:D7:55:89:35:6D:09:41
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:29:10:bd:ab:50:bd:ee:99:12:67:ff:d6:f7:5d:08:cb:29:
         b6:99:d9:2d:06:ce:ea:4d:8e:8a:16:53:d8:cb:30:10:82:95:
         ee:85:a8:46:16:c2:92:bd:2d:0f:ee:3b:74:36:27:ae:69:80:
         bb:f6:ac:d1:b2:0a:9b:9e:98:0e:dd:82:41:e4:1f:5c:27:29:
         12:c7:9d:2e:6c:e4:03:7b:47:0f:7d:b8:cc:5f:44:6e:3b:4f:
         38:b7:ab:0d:6b:3a:89:41:a2:34:59:b9:e7:29:10:4d:b9:62:
         58:32:b8:81:c6:28:77:11:f4:2f:5f:b7:22:2d:9e:a1:36:b2:
         25:0b:c2:40:d1:d3:c2:fb:6e:03:55:2e:6c:30:42:45:50:08:
         34:66:65:84:4d:72:f1:cb:25:3b:26:95:8e:15:10:5c:53:33:
         b6:07:4c:f1:49:32:3e:58:0e:1a:5a:66:13:bb:07:c3:90:ec:
         e0:20:12:c7:18:f8:72:96:af:59:dd:55:20:98:b9:b7:3b:20:
         c1:a1:b1:72:77:7a:ee:1a:2d:32:52:1c:f6:bf:64:c7:7e:f4:
         8b:18:2a:ec:de:06:6f:f8:b1:29:58:86:e9:b5:85:c5:d8:40:
         b7:5d:f3:05:52:33:39:d3:ab:e1:bd:0a:9e:75:4c:a2:75:f9:
         5d:e2:42:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiP/ewmfcOYFUIDS6QoCl9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjUwODA5MTgwMDM5WhcNMjUwODEwMTgwMDM5WjAzMTEwLwYDVQQD
EyhjYTA1NDkwYmNmY2I5YTA4ZDFmMjJjMGQ3ZGQ3NTU4OTM1NmQwOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRX+xBqU3MLwI+uXC6CnQqFT8LlS
Gq7HeDyAuqBGYZVzCOHly1TOjoSC4EW09AkwXjbcyJ7m7Yh89tGMw7l7KSN0bNOZ
nRKCxqUQD8YjHRuAg6+LyXPLGyWh01O7yHqeaJlKx/6Z+5Vwi83JsXZToNcUSFtR
vTuZCZ3907e6m6VHYgBt6XR9Cw2NqfpjdHF6mhktlPbyGMNXwSXdCRMo+/jQq0SZ
VAO4Oqgk6kEYoqZImfa/f/yyTNbacxkJbT6Ae5hjA8iOdm+kbh1NhnFf4aNKsANI
+G/Rx5boVPDQaxpdo5ze//70sE/syRqAT0tgqXdcYY+jdTmh/7jaj9egpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMoFSQvPy5oI0fIsDX3XVYk1bQlBMB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVykQvatQ
ve6ZEmf/1vddCMsptpnZLQbO6k2OihZT2MswEIKV7oWoRhbCkr0tD+47dDYnrmmA
u/as0bIKm56YDt2CQeQfXCcpEsedLmzkA3tHD324zF9EbjtPOLerDWs6iUGiNFm5
5ykQTbliWDK4gcYodxH0L1+3Ii2eoTayJQvCQNHTwvtuA1UubDBCRVAINGZlhE1y
8cslOyaVjhUQXFMztgdM8UkyPlgOGlpmE7sHw5Ds4CASxxj4cpavWd1VIJi5tzsg
waGxcnd67hotMlIc9r9kx370ixgq7N4Gb/ixKViG6bWFxdhAt13zBVIzOdOr4b0K
nnVMonX5XeJCuQ==
-----END CERTIFICATE-----