Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
File:                     dEMndQQU00na3gIjNJfPR2Vc0-Q.mft (raw, json)
Hash identifier:          LtZCdQPcbqfJ8+IF+G/ceHSGvTxfXYyy9FgKEAZX39k=
Subject key identifier:   7B:D1:41:FE:BE:C6:B2:B1:68:D9:9B:CF:03:66:9D:48:D2:31:D1:77
Authority key identifier: 74:43:27:75:04:14:D3:49:DA:DE:02:23:34:97:CF:47:65:5C:D3:E4
Certificate issuer:       /CN=744327750414d349dade02233497cf47655cd3e4
Certificate serial:       01964CD9665EE8D892943C893CC8511657B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
Manifest number:          0ECB
Signing time:             Sat 19 Apr 2025 07:00:37 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:37 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:37 +0000
Files and hashes:         1: dEMndQQU00na3gIjNJfPR2Vc0-Q.crl (hash: /HN6f94m7moo+zcz6eWeeLQjOMwxXe8UPz1Q9zUEEmg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:66:5e:e8:d8:92:94:3c:89:3c:c8:51:16:57:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=744327750414d349dade02233497cf47655cd3e4
        Validity
            Not Before: Apr 19 07:00:37 2025 GMT
            Not After : Apr 20 07:00:37 2025 GMT
        Subject: CN=7bd141febec6b2b168d99bcf03669d48d231d177
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:26:b6:07:e4:83:22:e9:3b:0d:a8:79:45:02:
                    18:11:d9:f8:12:09:79:dd:f2:f9:60:9d:7c:07:49:
                    89:c8:56:eb:5e:b2:e5:89:6b:6c:91:66:ac:93:9a:
                    7d:e8:37:a2:72:a5:06:84:3a:5d:2c:b7:28:51:bf:
                    f6:8e:cd:0a:a3:57:62:40:f4:76:60:00:3c:9d:cb:
                    3b:0b:88:e6:1c:5b:eb:b5:4d:b6:36:f1:47:59:d8:
                    a7:07:77:37:2a:50:4b:9c:80:d2:56:dc:46:47:79:
                    d6:45:6a:d3:ec:a6:3d:7a:b2:e7:9c:c5:b6:46:af:
                    6a:e7:15:72:f2:ec:7a:13:08:32:6d:5b:ea:a2:5d:
                    e3:b4:2a:63:40:b7:64:d0:9f:b6:da:8f:c8:92:e6:
                    bd:00:1f:60:28:26:45:c3:55:c5:d6:7d:82:83:12:
                    36:19:b4:43:61:1e:89:fc:0e:3d:bf:d7:69:60:6f:
                    e4:44:75:0e:41:d1:41:49:43:2c:eb:cb:5f:7d:5f:
                    d3:c4:e7:01:7a:fb:86:51:44:68:25:d0:68:fa:50:
                    04:76:84:74:d9:09:73:1e:ee:6a:3e:56:bc:8c:37:
                    55:85:1a:37:ee:56:6f:fc:9b:d0:a0:2a:26:b9:19:
                    f4:15:c3:64:d8:84:28:43:d9:24:13:a9:b8:05:ca:
                    cb:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:D1:41:FE:BE:C6:B2:B1:68:D9:9B:CF:03:66:9D:48:D2:31:D1:77
            X509v3 Authority Key Identifier:
                keyid:74:43:27:75:04:14:D3:49:DA:DE:02:23:34:97:CF:47:65:5C:D3:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:0f:a3:ce:93:ed:16:dd:a2:65:59:9a:a5:c5:a5:f8:31:ad:
         7c:b5:4d:0a:3d:23:ac:62:f8:ac:f5:db:13:03:f8:df:e0:72:
         b7:4f:a2:c9:13:d6:49:04:76:8e:2f:d2:c5:95:13:c4:59:0f:
         4b:77:92:72:7f:4c:85:a6:e1:bc:b2:5f:31:07:5d:fe:13:16:
         83:34:d9:ed:08:4f:85:ff:d8:47:81:5a:09:ab:07:b6:86:15:
         d8:9a:27:ad:b8:7a:b2:3b:c7:32:dc:e3:bb:b8:7d:60:96:fd:
         a9:0f:47:12:58:fc:78:4c:a7:11:4d:3a:1c:61:0c:ce:2c:37:
         53:3b:89:5a:ed:cb:98:7e:44:41:6b:5c:46:b1:dd:34:d5:da:
         b6:ba:06:b8:6d:8a:8f:02:11:f6:65:30:82:2a:4c:8b:29:cc:
         5c:a6:3f:26:86:a6:0d:0e:28:61:94:4c:a0:aa:28:0a:45:9a:
         bd:92:c7:75:39:39:c6:e0:70:bd:96:f8:e1:8b:9e:28:10:b4:
         dc:98:f8:3a:2e:39:c1:b3:7e:2a:ac:04:3d:6d:33:74:c7:b3:
         9d:d1:25:a8:f4:89:d7:d7:96:67:1d:8e:be:0f:cf:aa:ea:d1:
         6d:69:1c:62:6b:cd:93:e4:2b:98:b9:57:d5:ed:3b:f5:c9:64:
         d9:07:fa:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2WZe6NiSlDyJPMhRFleyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDMyNzc1MDQxNGQzNDlkYWRlMDIyMzM0OTdjZjQ3NjU1
Y2QzZTQwHhcNMjUwNDE5MDcwMDM3WhcNMjUwNDIwMDcwMDM3WjAzMTEwLwYDVQQD
Eyg3YmQxNDFmZWJlYzZiMmIxNjhkOTliY2YwMzY2OWQ0OGQyMzFkMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmia2B+SDIuk7Dah5RQIYEdn4Egl5
3fL5YJ18B0mJyFbrXrLliWtskWask5p96DeicqUGhDpdLLcoUb/2js0Ko1diQPR2
YAA8ncs7C4jmHFvrtU22NvFHWdinB3c3KlBLnIDSVtxGR3nWRWrT7KY9erLnnMW2
Rq9q5xVy8ux6EwgybVvqol3jtCpjQLdk0J+22o/Ikua9AB9gKCZFw1XF1n2CgxI2
GbRDYR6J/A49v9dpYG/kRHUOQdFBSUMs68tffV/TxOcBevuGUURoJdBo+lAEdoR0
2QlzHu5qPla8jDdVhRo37lZv/JvQoComuRn0FcNk2IQoQ9kkE6m4BcrLuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvRQf6+xrKxaNmbzwNmnUjSMdF3MB8GA1UdIwQY
MBaAFHRDJ3UEFNNJ2t4CIzSXz0dlXNPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MTA4NzItYjViNS00NDJmLWI2MzAt
ZTVkMWFmNTlkZWE2LzEvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MTA4NzItYjViNS00NDJmLWI2MzAtZTVkMWFmNTlkZWE2
LzEvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANA+jzpPt
Ft2iZVmapcWl+DGtfLVNCj0jrGL4rPXbEwP43+Byt0+iyRPWSQR2ji/SxZUTxFkP
S3eScn9MhabhvLJfMQdd/hMWgzTZ7QhPhf/YR4FaCasHtoYV2Jonrbh6sjvHMtzj
u7h9YJb9qQ9HElj8eEynEU06HGEMziw3UzuJWu3LmH5EQWtcRrHdNNXatroGuG2K
jwIR9mUwgipMiynMXKY/JoamDQ4oYZRMoKooCkWavZLHdTk5xuBwvZb44YueKBC0
3Jj4Oi45wbN+KqwEPW0zdMezndElqPSJ19eWZx2Ovg/PqurRbWkcYmvNk+QrmLlX
1e079clk2Qf6TA==
-----END CERTIFICATE-----