Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
File:                     dEMndQQU00na3gIjNJfPR2Vc0-Q.mft (raw, json)
Hash identifier:          xcS/Dw4WdBRIuxPhkk/aIeitvp3zRZ/T7DEIgC19xXM=
Subject key identifier:   87:6B:B3:26:78:ED:52:3C:2C:DB:98:81:C7:1B:E8:54:B4:58:B7:E4
Authority key identifier: 74:43:27:75:04:14:D3:49:DA:DE:02:23:34:97:CF:47:65:5C:D3:E4
Certificate issuer:       /CN=744327750414d349dade02233497cf47655cd3e4
Certificate serial:       0197C94BF2D2F296BFD1FB9F66EF2728890E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
Manifest number:          0F90
Signing time:             Wed 02 Jul 2025 04:01:27 +0000
Manifest this update:     Wed 02 Jul 2025 04:01:27 +0000
Manifest next update:     Thu 03 Jul 2025 04:01:27 +0000
Files and hashes:         1: dEMndQQU00na3gIjNJfPR2Vc0-Q.crl (hash: Z1Oz++EmuPOJfsGigMAGeJ4S8cJ99LYYIOtj59IatIM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 04:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:4b:f2:d2:f2:96:bf:d1:fb:9f:66:ef:27:28:89:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=744327750414d349dade02233497cf47655cd3e4
        Validity
            Not Before: Jul  2 04:01:27 2025 GMT
            Not After : Jul  3 04:01:27 2025 GMT
        Subject: CN=876bb32678ed523c2cdb9881c71be854b458b7e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:01:0d:0c:23:e2:48:a5:0a:62:0b:41:a9:ff:
                    bb:8a:6e:59:68:1c:f8:45:ff:be:06:b8:62:2b:e2:
                    0f:59:df:5e:09:c5:0e:d4:ac:d8:a8:1e:cd:fe:8c:
                    5e:a5:99:01:17:ff:bd:7b:aa:89:f1:9d:75:e2:46:
                    d0:4f:4d:49:66:41:00:f9:ba:e0:be:cf:98:f9:8a:
                    34:f6:5f:2e:6e:48:20:5d:5b:2d:54:62:08:8e:b4:
                    69:a2:f1:4d:fb:1f:a7:61:23:3e:56:76:81:58:ec:
                    19:84:81:b5:91:b9:8c:3c:49:e0:56:48:3e:4b:d5:
                    fe:71:19:81:d8:27:1f:2c:e4:f9:8f:87:ca:ba:2a:
                    68:20:ec:a0:bf:ed:0a:cb:c6:c4:ca:0a:21:d4:1f:
                    4c:3d:2b:81:8f:71:04:6a:8f:71:7b:7f:49:d0:52:
                    95:d3:5a:81:11:2a:0e:b0:c5:cc:68:f5:f4:50:dd:
                    65:56:4f:c3:2f:f5:a5:4e:22:5c:95:b3:52:51:9a:
                    e4:ab:89:80:ac:40:ee:b3:1a:a8:70:99:8e:8c:d0:
                    51:d9:02:31:62:1d:39:c0:a5:76:26:5b:d7:a0:fc:
                    77:eb:c9:5b:2c:50:8b:29:d4:1e:36:de:ab:6a:5d:
                    7a:73:0a:67:33:ca:98:f5:c8:48:8d:31:31:3a:4d:
                    0e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:6B:B3:26:78:ED:52:3C:2C:DB:98:81:C7:1B:E8:54:B4:58:B7:E4
            X509v3 Authority Key Identifier:
                keyid:74:43:27:75:04:14:D3:49:DA:DE:02:23:34:97:CF:47:65:5C:D3:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:9f:83:7e:61:53:2b:c4:30:9e:e5:9d:85:08:12:16:03:69:
         32:27:98:81:07:d5:a2:4e:bd:ea:39:9b:5d:f1:40:04:68:76:
         56:f2:7a:91:50:28:38:38:de:49:6b:d2:87:0b:c8:bc:22:d5:
         30:5e:ff:ad:d5:30:0a:02:9d:5f:a0:66:f2:74:57:bb:e1:08:
         8e:93:4c:c4:85:61:9d:0e:a4:8e:d5:35:80:60:eb:8b:a1:cf:
         2e:67:4f:fa:1a:0f:ff:f6:40:aa:f0:ae:a9:4f:22:a9:aa:56:
         3a:0d:a3:09:df:cf:ac:c9:eb:88:17:8a:ae:48:d6:06:a6:21:
         88:de:18:f4:5c:fe:45:2f:97:10:a8:68:ea:5b:d4:1e:7c:28:
         c1:c2:f2:00:19:0d:3e:96:da:2e:c7:bb:6e:08:71:9d:5c:47:
         11:6d:31:31:f7:5b:08:2c:a2:77:d7:41:30:4f:74:ed:36:c0:
         d0:e9:18:04:be:2e:08:13:9d:1a:59:70:d9:fc:20:b5:7e:19:
         01:db:b9:37:27:a4:a5:11:b0:c0:ff:f1:0e:6a:34:21:cd:ed:
         08:53:93:74:4b:99:3e:73:84:04:83:c5:fc:80:9b:d5:e3:b8:
         83:19:9e:29:c3:24:dd:55:c1:41:13:c6:80:8a:de:25:36:bc:
         ab:ca:91:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJS/LS8pa/0fufZu8nKIkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDMyNzc1MDQxNGQzNDlkYWRlMDIyMzM0OTdjZjQ3NjU1
Y2QzZTQwHhcNMjUwNzAyMDQwMTI3WhcNMjUwNzAzMDQwMTI3WjAzMTEwLwYDVQQD
Eyg4NzZiYjMyNjc4ZWQ1MjNjMmNkYjk4ODFjNzFiZTg1NGI0NThiN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwENDCPiSKUKYgtBqf+7im5ZaBz4
Rf++BrhiK+IPWd9eCcUO1KzYqB7N/oxepZkBF/+9e6qJ8Z114kbQT01JZkEA+brg
vs+Y+Yo09l8ubkggXVstVGIIjrRpovFN+x+nYSM+VnaBWOwZhIG1kbmMPEngVkg+
S9X+cRmB2CcfLOT5j4fKuipoIOygv+0Ky8bEygoh1B9MPSuBj3EEao9xe39J0FKV
01qBESoOsMXMaPX0UN1lVk/DL/WlTiJclbNSUZrkq4mArEDusxqocJmOjNBR2QIx
Yh05wKV2JlvXoPx368lbLFCLKdQeNt6ral16cwpnM8qY9chIjTExOk0OuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdrsyZ47VI8LNuYgccb6FS0WLfkMB8GA1UdIwQY
MBaAFHRDJ3UEFNNJ2t4CIzSXz0dlXNPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MTA4NzItYjViNS00NDJmLWI2MzAt
ZTVkMWFmNTlkZWE2LzEvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MTA4NzItYjViNS00NDJmLWI2MzAtZTVkMWFmNTlkZWE2
LzEvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFZ+DfmFT
K8QwnuWdhQgSFgNpMieYgQfVok696jmbXfFABGh2VvJ6kVAoODjeSWvShwvIvCLV
MF7/rdUwCgKdX6Bm8nRXu+EIjpNMxIVhnQ6kjtU1gGDri6HPLmdP+hoP//ZAqvCu
qU8iqapWOg2jCd/PrMnriBeKrkjWBqYhiN4Y9Fz+RS+XEKho6lvUHnwowcLyABkN
PpbaLse7bghxnVxHEW0xMfdbCCyid9dBME907TbA0OkYBL4uCBOdGllw2fwgtX4Z
Adu5NyekpRGwwP/xDmo0Ic3tCFOTdEuZPnOEBIPF/ICb1eO4gxmeKcMk3VXBQRPG
gIreJTa8q8qRwA==
-----END CERTIFICATE-----