Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
File:                     dEMndQQU00na3gIjNJfPR2Vc0-Q.mft (raw, json)
Hash identifier:          8wvBZdGflw4C8h9EeBNN2rqBtSpvKEMf5Zcec+oQhDQ=
Subject key identifier:   3D:9F:DF:66:94:C1:FE:CE:FA:CC:C3:17:0A:02:A8:88:C0:2D:5F:D8
Authority key identifier: 74:43:27:75:04:14:D3:49:DA:DE:02:23:34:97:CF:47:65:5C:D3:E4
Certificate issuer:       /CN=744327750414d349dade02233497cf47655cd3e4
Certificate serial:       01991763C9264633025D5C92BC68C4C21C71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
Manifest number:          103D
Signing time:             Fri 05 Sep 2025 01:00:39 +0000
Manifest this update:     Fri 05 Sep 2025 01:00:39 +0000
Manifest next update:     Sat 06 Sep 2025 01:00:39 +0000
Files and hashes:         1: dEMndQQU00na3gIjNJfPR2Vc0-Q.crl (hash: jutS4NgFLp0jcnkunf+rQFJxPIQoQOC86KWAFCWMTTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:63:c9:26:46:33:02:5d:5c:92:bc:68:c4:c2:1c:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=744327750414d349dade02233497cf47655cd3e4
        Validity
            Not Before: Sep  5 01:00:39 2025 GMT
            Not After : Sep  6 01:00:39 2025 GMT
        Subject: CN=3d9fdf6694c1fecefaccc3170a02a888c02d5fd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e1:73:06:c6:1b:cc:f1:69:6e:4b:d5:dd:73:
                    e5:d1:89:fd:36:96:43:18:ef:b7:e2:9c:e1:b5:f0:
                    68:7d:9f:41:3a:e9:61:93:47:09:86:95:f7:50:34:
                    15:2a:d7:75:aa:cd:fe:3f:72:b0:9d:f2:3d:73:cb:
                    3b:30:23:4c:64:a7:fe:f2:c6:58:a1:37:42:5c:60:
                    6c:06:d4:e2:c0:a1:83:bb:77:3a:13:84:63:b7:fa:
                    66:6b:23:5d:dc:86:e1:71:c7:6b:c6:00:15:48:dc:
                    5c:a7:56:fb:89:37:7c:89:e8:32:7e:f9:55:5e:41:
                    02:df:3d:40:43:00:c8:96:30:9d:dc:93:42:5d:62:
                    26:44:e4:fe:d4:d8:b6:f7:28:0f:31:26:1e:d4:13:
                    eb:b0:bd:f9:7c:d0:9d:f5:1a:03:0e:63:fb:ca:77:
                    d8:ac:af:d1:42:3c:5e:f1:c5:46:b8:83:cf:8c:77:
                    04:c3:2d:a4:99:a2:90:a6:91:99:2c:23:ac:5b:f9:
                    98:e0:e4:2d:0e:32:15:d5:95:c9:81:86:21:30:25:
                    36:82:ed:6c:27:2f:bd:85:e0:21:5a:9c:d9:2f:87:
                    5e:b2:fb:6b:f9:d7:a6:4e:20:4e:69:8e:39:11:d4:
                    78:33:cb:be:25:6b:44:51:50:7a:40:17:32:2a:df:
                    2f:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:9F:DF:66:94:C1:FE:CE:FA:CC:C3:17:0A:02:A8:88:C0:2D:5F:D8
            X509v3 Authority Key Identifier:
                keyid:74:43:27:75:04:14:D3:49:DA:DE:02:23:34:97:CF:47:65:5C:D3:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:c3:57:bd:e1:a2:41:76:42:19:4b:d5:26:90:62:43:4b:65:
         85:30:c9:3e:c8:72:ae:21:50:8a:7f:22:87:32:56:57:23:81:
         7c:74:3b:b3:82:a7:72:8d:92:75:3d:1f:34:11:ba:6c:c0:b9:
         ba:8b:6b:b9:d4:55:34:3d:f1:1a:f6:c5:d8:a2:21:b7:d8:95:
         4a:66:cb:a9:7e:3f:ff:15:b5:aa:39:94:b0:8d:1b:98:1d:9b:
         c6:6f:72:c9:9c:b3:fc:b1:ff:a8:bd:56:cd:28:6d:39:0b:5b:
         7f:97:e7:e0:81:f0:39:33:16:1c:ab:ca:c9:ff:37:b2:c0:d7:
         a2:5a:37:31:e4:f9:87:d8:79:dd:fb:0c:64:32:03:c1:3f:70:
         09:5e:38:2c:50:01:37:ed:67:7a:fa:f9:fa:97:8f:37:9d:44:
         a8:06:4d:16:72:ce:38:2c:98:aa:17:f5:e9:c8:6a:46:dc:31:
         d1:af:40:fe:60:47:d7:83:89:a8:41:a0:14:3e:86:2d:c9:53:
         15:f4:94:86:28:aa:17:30:41:58:85:54:26:7e:f1:73:36:ca:
         33:f2:12:9f:08:43:b5:7e:32:14:04:62:ac:a3:ba:77:c3:16:
         83:d5:d7:28:60:01:da:9b:2f:87:99:be:4d:3d:3e:e6:88:60:
         cd:2b:c5:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXY8kmRjMCXVySvGjEwhxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDMyNzc1MDQxNGQzNDlkYWRlMDIyMzM0OTdjZjQ3NjU1
Y2QzZTQwHhcNMjUwOTA1MDEwMDM5WhcNMjUwOTA2MDEwMDM5WjAzMTEwLwYDVQQD
EygzZDlmZGY2Njk0YzFmZWNlZmFjY2MzMTcwYTAyYTg4OGMwMmQ1ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruFzBsYbzPFpbkvV3XPl0Yn9NpZD
GO+34pzhtfBofZ9BOulhk0cJhpX3UDQVKtd1qs3+P3KwnfI9c8s7MCNMZKf+8sZY
oTdCXGBsBtTiwKGDu3c6E4Rjt/pmayNd3IbhccdrxgAVSNxcp1b7iTd8iegyfvlV
XkEC3z1AQwDIljCd3JNCXWImROT+1Ni29ygPMSYe1BPrsL35fNCd9RoDDmP7ynfY
rK/RQjxe8cVGuIPPjHcEwy2kmaKQppGZLCOsW/mY4OQtDjIV1ZXJgYYhMCU2gu1s
Jy+9heAhWpzZL4desvtr+demTiBOaY45EdR4M8u+JWtEUVB6QBcyKt8vCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2f32aUwf7O+szDFwoCqIjALV/YMB8GA1UdIwQY
MBaAFHRDJ3UEFNNJ2t4CIzSXz0dlXNPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MTA4NzItYjViNS00NDJmLWI2MzAt
ZTVkMWFmNTlkZWE2LzEvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MTA4NzItYjViNS00NDJmLWI2MzAtZTVkMWFmNTlkZWE2
LzEvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGcNXveGi
QXZCGUvVJpBiQ0tlhTDJPshyriFQin8ihzJWVyOBfHQ7s4Knco2SdT0fNBG6bMC5
uotrudRVND3xGvbF2KIht9iVSmbLqX4//xW1qjmUsI0bmB2bxm9yyZyz/LH/qL1W
zShtOQtbf5fn4IHwOTMWHKvKyf83ssDXolo3MeT5h9h53fsMZDIDwT9wCV44LFAB
N+1nevr5+pePN51EqAZNFnLOOCyYqhf16chqRtwx0a9A/mBH14OJqEGgFD6GLclT
FfSUhiiqFzBBWIVUJn7xczbKM/ISnwhDtX4yFARirKO6d8MWg9XXKGAB2psvh5m+
TT0+5ohgzSvF/w==
-----END CERTIFICATE-----