Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
File:                     dEMndQQU00na3gIjNJfPR2Vc0-Q.mft (raw, json)
Hash identifier:          o8RbfQZv2H2G9HqM2QlobephcYK6zLsW5p4IGJ5S+O0=
Subject key identifier:   B2:DD:67:19:63:8D:2F:A2:40:15:B3:C3:5D:F4:F9:5C:9E:82:DE:63
Authority key identifier: 74:43:27:75:04:14:D3:49:DA:DE:02:23:34:97:CF:47:65:5C:D3:E4
Certificate issuer:       /CN=744327750414d349dade02233497cf47655cd3e4
Certificate serial:       019512103DAE321F9B9E63D2BAEC1A73C225
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
Manifest number:          0E28
Signing time:             Mon 17 Feb 2025 04:00:09 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:09 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:09 +0000
Files and hashes:         1: dEMndQQU00na3gIjNJfPR2Vc0-Q.crl (hash: bPIHrCgmBhHlNmRakN7Dv/2hP3R5Fnl4dbSLNI8cFqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:3d:ae:32:1f:9b:9e:63:d2:ba:ec:1a:73:c2:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=744327750414d349dade02233497cf47655cd3e4
        Validity
            Not Before: Feb 17 04:00:09 2025 GMT
            Not After : Feb 18 04:00:09 2025 GMT
        Subject: CN=b2dd6719638d2fa24015b3c35df4f95c9e82de63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:72:96:39:33:5d:ab:81:36:9f:11:62:92:9f:
                    39:d2:25:8a:2b:49:4c:c1:13:54:68:c1:c2:0f:0a:
                    d0:9a:e8:87:82:1e:35:d3:0e:b5:c2:a2:89:e5:e3:
                    3e:ae:5b:df:04:f8:dd:22:93:73:36:5d:b5:8a:1f:
                    97:2d:42:c1:bd:90:57:c2:b3:a3:76:3e:a2:c3:33:
                    65:4e:26:94:9c:97:27:9f:87:a5:6e:c7:aa:db:36:
                    6d:81:68:fa:64:85:4c:3a:b2:18:5e:9f:83:86:b9:
                    21:b8:b9:1a:40:f7:4d:39:66:0d:16:d3:75:8f:af:
                    8c:65:30:22:76:6f:ff:de:05:6e:e0:7f:90:e9:43:
                    af:b9:98:52:24:dc:f7:c9:66:65:99:06:bf:0e:9d:
                    0d:ac:04:24:e0:59:ee:9b:5c:4b:79:9f:d2:f5:93:
                    d7:23:8e:de:84:31:b2:ea:41:82:56:54:50:e3:53:
                    af:9a:dc:2b:2d:95:1f:c6:fb:b1:c8:1c:10:cd:69:
                    ca:bb:f1:c5:ef:a1:89:df:f3:9e:5c:3f:a1:e4:0a:
                    53:62:e1:9d:68:5c:f2:57:d5:d4:b1:ce:15:23:ad:
                    5f:f4:90:aa:0c:45:90:70:a8:27:dc:bf:49:f8:76:
                    5d:d1:97:ad:2b:e2:0d:6c:1c:21:f5:56:b3:18:2f:
                    de:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:DD:67:19:63:8D:2F:A2:40:15:B3:C3:5D:F4:F9:5C:9E:82:DE:63
            X509v3 Authority Key Identifier:
                keyid:74:43:27:75:04:14:D3:49:DA:DE:02:23:34:97:CF:47:65:5C:D3:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEMndQQU00na3gIjNJfPR2Vc0-Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/610872-b5b5-442f-b630-e5d1af59dea6/1/dEMndQQU00na3gIjNJfPR2Vc0-Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:1a:81:b6:e8:33:a4:fa:22:73:62:e9:c2:1e:fa:2f:b3:6a:
         b9:cd:08:ec:35:19:16:78:89:a2:46:ff:d6:83:5b:c4:0d:80:
         80:b3:a2:0d:2f:a5:ba:41:d0:5d:95:43:d6:4f:d6:d2:d6:d5:
         be:12:97:f1:1e:36:5e:17:ca:3c:16:37:6f:5b:e8:2c:3a:16:
         a6:f0:eb:c6:7f:18:f0:19:e5:01:27:a4:ab:6c:e8:45:f1:d1:
         f4:8d:dc:0d:c7:e5:8f:bb:07:d1:4f:3c:79:b1:66:75:35:54:
         58:b2:a9:09:14:ca:ab:11:70:fb:b4:65:76:e9:89:e9:a4:b5:
         ff:76:19:0e:1a:33:86:01:58:a3:5c:23:c1:4e:71:37:9a:fa:
         8b:41:3d:a9:da:04:54:78:bb:24:3a:4a:8b:3e:75:4e:4e:f0:
         37:f4:15:62:15:e0:7a:ed:32:e0:00:c7:f0:76:8a:0b:02:74:
         8a:90:43:5c:8a:39:49:b1:73:22:6e:a8:d1:c8:28:9b:e8:06:
         57:af:1f:a0:b8:f7:09:0b:ff:e2:25:71:37:46:aa:6f:f2:40:
         39:f4:eb:73:30:17:3b:0a:0c:7b:b6:f2:61:77:76:02:15:f7:
         7a:6f:d4:9a:6b:4c:e6:6a:5e:40:a2:d2:22:c8:c8:06:77:e9:
         ff:19:98:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSED2uMh+bnmPSuuwac8IlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDMyNzc1MDQxNGQzNDlkYWRlMDIyMzM0OTdjZjQ3NjU1
Y2QzZTQwHhcNMjUwMjE3MDQwMDA5WhcNMjUwMjE4MDQwMDA5WjAzMTEwLwYDVQQD
EyhiMmRkNjcxOTYzOGQyZmEyNDAxNWIzYzM1ZGY0Zjk1YzllODJkZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3KWOTNdq4E2nxFikp850iWKK0lM
wRNUaMHCDwrQmuiHgh410w61wqKJ5eM+rlvfBPjdIpNzNl21ih+XLULBvZBXwrOj
dj6iwzNlTiaUnJcnn4elbseq2zZtgWj6ZIVMOrIYXp+DhrkhuLkaQPdNOWYNFtN1
j6+MZTAidm//3gVu4H+Q6UOvuZhSJNz3yWZlmQa/Dp0NrAQk4Fnum1xLeZ/S9ZPX
I47ehDGy6kGCVlRQ41OvmtwrLZUfxvuxyBwQzWnKu/HF76GJ3/OeXD+h5ApTYuGd
aFzyV9XUsc4VI61f9JCqDEWQcKgn3L9J+HZd0ZetK+INbBwh9VazGC/eBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLdZxljjS+iQBWzw130+Vyegt5jMB8GA1UdIwQY
MBaAFHRDJ3UEFNNJ2t4CIzSXz0dlXNPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MTA4NzItYjViNS00NDJmLWI2MzAt
ZTVkMWFmNTlkZWE2LzEvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MTA4NzItYjViNS00NDJmLWI2MzAtZTVkMWFmNTlkZWE2
LzEvZEVNbmRRUVUwMG5hM2dJak5KZlBSMlZjMC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmRqBtugz
pPoic2Lpwh76L7Nquc0I7DUZFniJokb/1oNbxA2AgLOiDS+lukHQXZVD1k/W0tbV
vhKX8R42XhfKPBY3b1voLDoWpvDrxn8Y8BnlASekq2zoRfHR9I3cDcflj7sH0U88
ebFmdTVUWLKpCRTKqxFw+7RldumJ6aS1/3YZDhozhgFYo1wjwU5xN5r6i0E9qdoE
VHi7JDpKiz51Tk7wN/QVYhXgeu0y4ADH8HaKCwJ0ipBDXIo5SbFzIm6o0cgom+gG
V68foLj3CQv/4iVxN0aqb/JAOfTrczAXOwoMe7byYXd2AhX3em/UmmtM5mpeQKLS
IsjIBnfp/xmYNA==
-----END CERTIFICATE-----