Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          NW1+KEu2H2ZE2NYJgCkWF0U6eNMQ8EFIkMNY3ESDhi0=
Subject key identifier:   F4:9E:F3:4A:3C:88:3E:8F:46:94:88:95:A2:B9:23:6D:02:7B:82:9B
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       0198D5834F853CAE42FECC3081325F81C9A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          0303
Signing time:             Sat 23 Aug 2025 06:00:09 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:09 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:09 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: PjkNQ5lHsDh1U9+BkPQqy3In5J7MBFSfnqZIcYlw+AY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:4f:85:3c:ae:42:fe:cc:30:81:32:5f:81:c9:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Aug 23 06:00:09 2025 GMT
            Not After : Aug 24 06:00:09 2025 GMT
        Subject: CN=f49ef34a3c883e8f46948895a2b9236d027b829b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:1c:1c:54:b3:c3:d4:8e:c5:fb:f2:59:69:4c:
                    9a:c6:06:11:97:fe:c7:f2:ba:0e:e5:17:08:c4:e1:
                    e1:ff:55:f1:89:71:88:ce:d4:55:43:7f:21:72:e5:
                    7f:e8:2e:b6:a0:c2:ac:07:2a:0b:45:52:fd:c5:77:
                    e0:5d:e7:26:4a:70:ca:bb:cf:5f:b8:4b:96:40:51:
                    92:9c:56:0f:60:3a:b9:ef:6e:81:ef:b8:c2:4c:3b:
                    08:83:13:2d:e1:ad:fb:9d:25:24:cd:3d:02:b4:ee:
                    a2:a2:fb:99:6f:78:c4:c0:be:84:65:7b:7e:a8:4e:
                    e7:29:1f:d0:08:34:f9:1d:cb:39:bd:f5:62:71:54:
                    57:ab:e4:a5:85:86:4b:50:38:63:b8:66:81:19:84:
                    1f:57:df:64:be:0f:1e:ad:4f:78:52:b2:4a:af:5c:
                    27:96:b3:fa:04:97:9e:ff:44:68:95:16:9a:9b:39:
                    cb:03:7b:a3:5a:6c:5d:90:ec:d4:8d:df:4a:ed:49:
                    7b:4b:19:a6:c5:9a:0a:83:08:8a:88:1f:f1:a1:96:
                    c6:04:30:f2:49:52:8f:e9:5c:40:c7:a4:e6:af:6d:
                    f9:d2:53:96:f5:76:6c:f5:e0:40:b0:ad:e4:1c:da:
                    50:fe:ce:3c:d6:79:1b:09:a2:3e:89:ad:e2:74:2f:
                    fa:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:9E:F3:4A:3C:88:3E:8F:46:94:88:95:A2:B9:23:6D:02:7B:82:9B
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:1a:d5:2c:7b:93:24:2f:ee:92:1c:ab:c3:32:fe:7b:aa:96:
         32:1e:eb:ce:fc:b1:e6:7d:7d:6a:b7:c6:ba:16:a9:2a:7c:91:
         d4:ef:51:58:ec:48:a3:cc:4e:4a:00:cc:a6:25:47:b3:4b:16:
         67:89:9a:95:df:23:12:d4:09:46:09:4a:f1:35:24:1c:bc:4d:
         d9:cb:2c:b5:88:b3:cc:ec:16:c5:42:77:42:3b:07:f5:e9:f7:
         f9:ee:6c:a3:33:75:f1:33:f4:ec:6e:cb:85:48:ea:97:6b:0a:
         f6:2d:3c:23:f4:25:8f:8e:c7:8b:e5:ac:f2:0b:1b:7e:7b:2e:
         09:e5:0f:ab:cf:29:f1:4a:20:e3:20:3a:bb:48:ee:9e:bc:09:
         e3:ea:85:de:59:d1:12:ad:ab:3c:08:ba:14:c9:1e:67:6f:bf:
         4c:f9:ed:2c:34:23:65:b7:2e:4a:8d:de:b4:ef:3d:e8:68:84:
         43:1f:70:95:42:5b:e6:db:bd:20:2b:0a:bc:6e:5f:8f:35:74:
         61:21:11:fb:e9:4b:72:36:ed:97:42:25:8c:ef:08:e8:fa:e9:
         70:13:64:bb:91:0d:2b:69:4a:e0:e9:7a:cc:19:5d:ff:01:61:
         e2:ab:3d:84:b2:c6:53:07:c5:55:26:f2:a5:d6:c3:0f:e6:d3:
         f0:81:ca:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg0+FPK5C/swwgTJfgcmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjUwODIzMDYwMDA5WhcNMjUwODI0MDYwMDA5WjAzMTEwLwYDVQQD
EyhmNDllZjM0YTNjODgzZThmNDY5NDg4OTVhMmI5MjM2ZDAyN2I4MjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6RwcVLPD1I7F+/JZaUyaxgYRl/7H
8roO5RcIxOHh/1XxiXGIztRVQ38hcuV/6C62oMKsByoLRVL9xXfgXecmSnDKu89f
uEuWQFGSnFYPYDq5726B77jCTDsIgxMt4a37nSUkzT0CtO6iovuZb3jEwL6EZXt+
qE7nKR/QCDT5Hcs5vfVicVRXq+SlhYZLUDhjuGaBGYQfV99kvg8erU94UrJKr1wn
lrP6BJee/0RolRaamznLA3ujWmxdkOzUjd9K7Ul7SxmmxZoKgwiKiB/xoZbGBDDy
SVKP6VxAx6Tmr2350lOW9XZs9eBAsK3kHNpQ/s481nkbCaI+ia3idC/6BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSe80o8iD6PRpSIlaK5I20Ce4KbMB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKxrVLHuT
JC/ukhyrwzL+e6qWMh7rzvyx5n19arfGuhapKnyR1O9RWOxIo8xOSgDMpiVHs0sW
Z4mald8jEtQJRglK8TUkHLxN2csstYizzOwWxUJ3QjsH9en3+e5sozN18TP07G7L
hUjql2sK9i08I/Qlj47Hi+Ws8gsbfnsuCeUPq88p8Uog4yA6u0junrwJ4+qF3lnR
Eq2rPAi6FMkeZ2+/TPntLDQjZbcuSo3etO896GiEQx9wlUJb5tu9ICsKvG5fjzV0
YSER++lLcjbtl0IljO8I6PrpcBNku5ENK2lK4Ol6zBld/wFh4qs9hLLGUwfFVSby
pdbDD+bT8IHK3g==
-----END CERTIFICATE-----