Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          kDbIrN9i14vOIMmTfYXxuUQ2uWUtUOenDaVN+yk/GjE=
Subject key identifier:   9F:DB:57:29:21:28:08:8D:5A:8E:76:89:1B:36:24:FA:FD:C2:8A:91
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       01969FAD1A04EF84D332965B871A4C7AE432
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          01DE
Signing time:             Mon 05 May 2025 09:00:43 +0000
Manifest this update:     Mon 05 May 2025 09:00:43 +0000
Manifest next update:     Tue 06 May 2025 09:00:43 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: pif8zG5mf9Yl/SFLoYQPUpjxnVbELloiWh2kE/Q2JNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 09:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:ad:1a:04:ef:84:d3:32:96:5b:87:1a:4c:7a:e4:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: May  5 09:00:43 2025 GMT
            Not After : May  6 09:00:43 2025 GMT
        Subject: CN=9fdb57292128088d5a8e76891b3624fafdc28a91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d7:b4:df:d0:a0:a0:74:62:fd:37:29:3d:57:
                    c0:98:86:ee:2c:41:61:48:f2:40:38:1c:f1:40:57:
                    d5:f7:e2:62:25:96:a8:45:d2:2f:a5:01:1f:09:4b:
                    f2:61:74:1a:26:31:5e:4b:2e:ef:e8:15:19:4e:12:
                    0e:79:38:95:f5:3d:e9:70:32:0b:94:55:60:0c:35:
                    b2:5a:2a:23:26:93:a7:c9:00:40:74:15:f8:62:c0:
                    dc:f2:61:d9:0c:cb:b1:e4:37:65:44:06:2d:ae:93:
                    97:75:50:56:71:6d:fe:b4:65:f3:8a:12:06:45:8b:
                    a0:4b:e9:6d:88:02:1e:e3:1d:5b:86:68:aa:f9:16:
                    b3:3e:5d:20:d1:23:c0:88:bb:9d:64:48:c6:be:8a:
                    33:5e:2b:e1:94:cf:fa:da:8b:88:4d:9b:e6:46:56:
                    84:7f:96:47:0c:c6:25:77:5d:04:b3:e8:d0:1c:7c:
                    77:2b:cc:ae:5b:2e:05:25:6c:2e:cd:a6:48:d0:18:
                    17:0b:e2:69:74:92:07:fe:21:27:9e:bb:dc:a9:0f:
                    5f:42:16:12:17:63:91:30:68:74:e9:fc:9d:9c:ab:
                    e0:9d:e7:5e:ba:d5:a7:be:f1:45:b0:af:07:5d:a5:
                    cc:7f:96:2e:82:d3:ce:a6:84:f4:87:58:d1:48:66:
                    22:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:DB:57:29:21:28:08:8D:5A:8E:76:89:1B:36:24:FA:FD:C2:8A:91
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:ae:c3:56:2d:36:16:e6:ad:a4:aa:ed:f8:7c:af:21:93:cd:
         98:e4:8f:51:54:df:c1:cf:c8:16:f8:d4:7c:59:49:76:87:42:
         b2:95:42:e8:aa:11:95:f5:6a:e6:c0:81:25:81:17:be:36:76:
         53:9f:07:6a:a6:97:e6:22:53:48:59:7f:73:e1:47:f9:24:32:
         ee:6c:b0:02:ba:20:81:18:97:9a:a8:ac:13:d2:5e:2b:a2:83:
         a6:7a:de:63:68:bc:1d:3b:38:21:34:9a:d8:41:52:4f:83:a0:
         23:ab:b3:28:51:65:84:06:dc:3d:56:79:78:18:71:31:5f:56:
         a2:4d:01:93:e2:9a:ea:e7:3c:75:96:bf:b4:cf:52:fd:e1:e7:
         00:dc:5a:b6:53:20:59:6c:1b:c9:5e:f2:d8:bd:1b:70:48:b1:
         65:5f:19:e7:ca:84:ca:9a:74:53:87:2c:d3:8b:35:91:f6:64:
         35:91:7d:4c:b8:54:38:ef:8b:74:f2:c3:c5:ae:15:ed:e7:02:
         f0:57:b0:8a:eb:2c:d6:7b:7a:58:ef:68:fc:b3:c9:7b:58:65:
         c6:77:18:5a:37:61:54:e2:53:2d:22:c3:88:bf:f9:b7:16:3b:
         fe:c4:8b:80:92:cb:c8:a2:37:f4:28:6e:d6:62:7c:e5:b6:ae:
         3e:e7:a5:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafrRoE74TTMpZbhxpMeuQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjUwNTA1MDkwMDQzWhcNMjUwNTA2MDkwMDQzWjAzMTEwLwYDVQQD
Eyg5ZmRiNTcyOTIxMjgwODhkNWE4ZTc2ODkxYjM2MjRmYWZkYzI4YTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwde039CgoHRi/TcpPVfAmIbuLEFh
SPJAOBzxQFfV9+JiJZaoRdIvpQEfCUvyYXQaJjFeSy7v6BUZThIOeTiV9T3pcDIL
lFVgDDWyWiojJpOnyQBAdBX4YsDc8mHZDMux5DdlRAYtrpOXdVBWcW3+tGXzihIG
RYugS+ltiAIe4x1bhmiq+RazPl0g0SPAiLudZEjGvoozXivhlM/62ouITZvmRlaE
f5ZHDMYld10Es+jQHHx3K8yuWy4FJWwuzaZI0BgXC+JpdJIH/iEnnrvcqQ9fQhYS
F2ORMGh06fydnKvgnedeutWnvvFFsK8HXaXMf5YugtPOpoT0h1jRSGYizQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/bVykhKAiNWo52iRs2JPr9woqRMB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAha7DVi02
FuatpKrt+HyvIZPNmOSPUVTfwc/IFvjUfFlJdodCspVC6KoRlfVq5sCBJYEXvjZ2
U58HaqaX5iJTSFl/c+FH+SQy7mywAroggRiXmqisE9JeK6KDpnreY2i8HTs4ITSa
2EFST4OgI6uzKFFlhAbcPVZ5eBhxMV9Wok0Bk+Ka6uc8dZa/tM9S/eHnANxatlMg
WWwbyV7y2L0bcEixZV8Z58qEypp0U4cs04s1kfZkNZF9TLhUOO+LdPLDxa4V7ecC
8Fewiuss1nt6WO9o/LPJe1hlxncYWjdhVOJTLSLDiL/5txY7/sSLgJLLyKI39Chu
1mJ85bauPuelug==
-----END CERTIFICATE-----