Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          9u4diB6yQ7kEpDt39bGIQ1pWUzcL63ky/aJVxs28FB0=
Subject key identifier:   D5:15:5E:71:22:4C:88:59:8C:AE:9D:84:B9:5F:25:AC:7D:11:04:BD
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       0197B5C4BFBA6AD5C83ECD997A857869CB9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          026E
Signing time:             Sat 28 Jun 2025 09:00:59 +0000
Manifest this update:     Sat 28 Jun 2025 09:00:59 +0000
Manifest next update:     Sun 29 Jun 2025 09:00:59 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: AbF/Z9S1G4YsxtSCJDZACFsRXSnI2rEBaNbbHqOJT8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 09:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:c4:bf:ba:6a:d5:c8:3e:cd:99:7a:85:78:69:cb:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Jun 28 09:00:59 2025 GMT
            Not After : Jun 29 09:00:59 2025 GMT
        Subject: CN=d5155e71224c88598cae9d84b95f25ac7d1104bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:dc:cf:69:5f:c3:ac:53:84:74:3d:75:a5:59:
                    5e:23:cd:d8:8b:65:7b:23:39:05:3c:62:1c:9a:85:
                    9b:f6:33:b5:3d:36:7a:e8:78:bc:2c:bb:ea:f3:6d:
                    06:5e:6b:96:6c:a7:29:91:72:2d:4d:b7:b7:3c:2c:
                    d4:0b:21:af:7f:57:a4:76:98:11:bf:5f:7f:88:6a:
                    f1:72:70:89:36:14:d5:e0:8f:ea:cc:b4:5d:1a:64:
                    bf:b3:0e:fc:2f:f9:3e:43:cf:b0:7c:90:6f:9f:bb:
                    59:15:6b:9a:45:f5:db:5a:e0:fc:2b:8e:29:ce:52:
                    23:2e:c9:a8:eb:77:19:1c:d4:15:5f:fe:65:52:fb:
                    b4:70:2b:1f:bb:0a:4f:78:24:50:72:32:00:ef:6d:
                    cc:3f:13:78:78:d1:31:ef:97:79:0c:e8:db:70:a2:
                    c5:dd:47:cb:40:ac:42:7d:00:bc:19:72:70:a4:4f:
                    af:39:90:b2:5e:13:f0:5d:46:d0:2d:45:bb:aa:83:
                    0c:c3:b1:c6:1c:79:2e:8b:56:e7:33:00:d8:b7:8e:
                    0d:c6:8a:5e:bf:d9:9e:12:4f:de:17:56:ce:5f:12:
                    55:fa:ea:fd:98:03:be:65:2d:d7:20:bd:e5:88:85:
                    1e:ca:75:af:cb:e5:bb:1d:2a:f1:cc:55:bd:b4:f0:
                    9a:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:15:5E:71:22:4C:88:59:8C:AE:9D:84:B9:5F:25:AC:7D:11:04:BD
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:6b:4e:7a:c6:af:f6:8e:6d:ae:84:46:71:43:0d:0a:ae:b7:
         e0:cf:ab:68:ba:77:7a:e0:d5:1e:93:6d:f5:f9:6f:65:f4:1b:
         1a:e1:71:01:de:7d:99:e9:b4:27:dc:76:be:47:81:be:18:17:
         27:67:32:99:8c:8d:10:a3:a6:8a:3d:f4:56:16:53:cd:21:9d:
         b7:7a:69:1b:7b:f7:cc:36:33:c8:df:e9:2f:c2:8b:0c:ba:48:
         bd:a2:6b:8c:80:f0:8a:9f:91:8d:86:1c:b8:a1:d0:b6:7f:4a:
         3c:c4:4e:77:ea:ee:26:9d:53:70:28:4b:ee:0b:24:ef:fc:07:
         5e:0d:bc:18:19:8d:f2:6e:5f:50:b1:64:c8:02:f9:da:b5:f4:
         66:30:26:dd:4e:a1:a2:fd:c0:b4:2b:a3:0d:f3:1c:f3:74:72:
         76:33:ad:48:4a:b2:b9:f0:22:31:06:00:52:55:96:02:a5:ca:
         a9:06:73:96:b5:15:32:cf:af:21:a0:6e:c8:03:01:b7:00:b8:
         55:50:fd:40:c5:fe:0c:bc:f2:57:c6:2f:55:f6:0a:3a:91:7a:
         a8:c5:40:b4:e4:ec:fd:c5:7f:32:dc:f8:cd:c3:82:9d:3d:38:
         2b:47:14:6c:24:39:86:9c:37:6f:c1:2f:36:c5:91:d3:fd:bf:
         6c:5a:fe:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1xL+6atXIPs2ZeoV4acucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjUwNjI4MDkwMDU5WhcNMjUwNjI5MDkwMDU5WjAzMTEwLwYDVQQD
EyhkNTE1NWU3MTIyNGM4ODU5OGNhZTlkODRiOTVmMjVhYzdkMTEwNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9zPaV/DrFOEdD11pVleI83Yi2V7
IzkFPGIcmoWb9jO1PTZ66Hi8LLvq820GXmuWbKcpkXItTbe3PCzUCyGvf1ekdpgR
v19/iGrxcnCJNhTV4I/qzLRdGmS/sw78L/k+Q8+wfJBvn7tZFWuaRfXbWuD8K44p
zlIjLsmo63cZHNQVX/5lUvu0cCsfuwpPeCRQcjIA723MPxN4eNEx75d5DOjbcKLF
3UfLQKxCfQC8GXJwpE+vOZCyXhPwXUbQLUW7qoMMw7HGHHkui1bnMwDYt44Nxope
v9meEk/eF1bOXxJV+ur9mAO+ZS3XIL3liIUeynWvy+W7HSrxzFW9tPCaLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNUVXnEiTIhZjK6dhLlfJax9EQS9MB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUmtOesav
9o5troRGcUMNCq634M+raLp3euDVHpNt9flvZfQbGuFxAd59mem0J9x2vkeBvhgX
J2cymYyNEKOmij30VhZTzSGdt3ppG3v3zDYzyN/pL8KLDLpIvaJrjIDwip+RjYYc
uKHQtn9KPMROd+ruJp1TcChL7gsk7/wHXg28GBmN8m5fULFkyAL52rX0ZjAm3U6h
ov3AtCujDfMc83RydjOtSEqyufAiMQYAUlWWAqXKqQZzlrUVMs+vIaBuyAMBtwC4
VVD9QMX+DLzyV8YvVfYKOpF6qMVAtOTs/cV/Mtz4zcOCnT04K0cUbCQ5hpw3b8Ev
NsWR0/2/bFr+9g==
-----END CERTIFICATE-----