Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
File:                     ews7OUhl5LhbaGo59V7UvmU2pII.mft (raw, json)
Hash identifier:          joAr0kSLPkJkVAghAaJ6Ggd54lonS0ufOUJvToRMiyw=
Subject key identifier:   4C:DC:42:C8:00:D4:37:E9:2F:EA:DC:EB:7B:9F:0C:A7:DB:7C:B2:34
Authority key identifier: 7B:0B:3B:39:48:65:E4:B8:5B:68:6A:39:F5:5E:D4:BE:65:36:A4:82
Certificate issuer:       /CN=7b0b3b394865e4b85b686a39f55ed4be6536a482
Certificate serial:       019A7225FB48D5039790D1655EA35A46B51E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
Manifest number:          0804
Signing time:             Tue 11 Nov 2025 09:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:23 +0000
Files and hashes:         1: ews7OUhl5LhbaGo59V7UvmU2pII.crl (hash: MEknP7Sq+f8zvMhisQ2Gie5loPJRtOb+3S80uGb8OJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:fb:48:d5:03:97:90:d1:65:5e:a3:5a:46:b5:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b0b3b394865e4b85b686a39f55ed4be6536a482
        Validity
            Not Before: Nov 11 09:01:23 2025 GMT
            Not After : Nov 12 09:01:23 2025 GMT
        Subject: CN=4cdc42c800d437e92feadceb7b9f0ca7db7cb234
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a7:57:46:80:d9:23:63:bf:09:42:97:d0:84:
                    35:17:8c:be:0d:c7:88:c1:3a:53:81:18:50:57:42:
                    f1:a2:d2:92:25:57:dd:ef:de:27:4e:bd:aa:52:c4:
                    a4:a7:20:d6:36:73:34:88:bb:6a:d4:e6:87:78:94:
                    0f:cd:b2:44:ed:19:6c:76:a8:e7:6c:0d:82:99:69:
                    ce:49:7a:b9:59:52:90:5c:9f:c0:3b:19:af:52:87:
                    52:27:2c:f3:0a:6b:b4:a6:61:80:1f:6d:e2:fc:d0:
                    17:37:a7:28:df:2d:07:9a:d0:29:a4:77:1b:e0:27:
                    c5:02:c3:df:62:3a:79:cd:ba:66:71:27:2e:31:84:
                    b1:ad:f8:47:e0:23:da:d0:db:80:0c:fb:91:4d:4d:
                    3c:a3:71:56:bf:47:a3:a6:58:9a:aa:e2:da:00:c4:
                    c2:9a:27:ed:a3:51:1d:3f:17:b5:32:76:b3:2a:33:
                    70:33:a2:68:60:7b:18:58:9f:2c:cb:ff:dc:f4:7c:
                    f6:2c:30:c3:e8:5c:08:82:ca:49:7a:d5:79:ff:ce:
                    d1:54:16:35:69:36:c3:6b:03:6a:8e:71:b8:96:11:
                    12:11:8f:0f:d2:2d:ba:bb:20:16:e0:ec:58:3b:c4:
                    74:11:18:dc:b1:4d:4a:d3:77:41:f7:e4:2e:31:47:
                    09:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:DC:42:C8:00:D4:37:E9:2F:EA:DC:EB:7B:9F:0C:A7:DB:7C:B2:34
            X509v3 Authority Key Identifier:
                keyid:7B:0B:3B:39:48:65:E4:B8:5B:68:6A:39:F5:5E:D4:BE:65:36:A4:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:82:7b:e2:82:b6:3a:26:a6:53:d4:47:e8:7f:97:20:35:74:
         c7:92:5e:6f:06:0c:a3:48:a2:29:d7:5e:fc:04:6d:54:9a:ce:
         ef:d5:da:a3:54:fc:a2:5c:33:6d:97:78:95:ce:9d:d6:2f:64:
         96:5a:5b:05:74:61:82:a5:d4:46:02:a0:d5:cc:91:34:01:38:
         cc:8d:5d:28:b8:73:5d:09:1e:01:ce:15:7a:94:fe:15:6a:9f:
         7a:40:25:f6:2a:5a:5a:4f:35:45:c2:fd:85:af:c5:89:c5:ce:
         01:31:47:4e:2e:2c:ae:6c:46:c4:08:10:81:df:a1:7c:c7:1b:
         f9:e7:f3:67:5b:a0:0f:bc:5c:b6:9e:a6:d4:e5:c9:56:0e:d0:
         36:17:74:d4:6d:79:8e:dd:be:72:84:30:14:7b:4f:8e:15:e5:
         ee:85:0b:67:20:b8:74:87:9a:d6:ac:06:11:51:79:bb:4e:ec:
         88:6e:59:27:8e:5a:0e:e5:65:8f:df:8d:5f:40:4b:3c:83:dc:
         5a:8b:c4:b2:33:2d:fe:1f:79:a7:d4:7d:94:4e:5f:b0:1a:a0:
         b1:39:f8:0a:dd:99:ef:39:5f:cb:02:cb:79:e0:f3:37:ea:e6:
         d9:a8:dc:df:26:e4:22:11:1f:31:b7:fa:43:5c:2c:ba:40:dc:
         2e:3f:37:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJftI1QOXkNFlXqNaRrUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMGIzYjM5NDg2NWU0Yjg1YjY4NmEzOWY1NWVkNGJlNjUz
NmE0ODIwHhcNMjUxMTExMDkwMTIzWhcNMjUxMTEyMDkwMTIzWjAzMTEwLwYDVQQD
Eyg0Y2RjNDJjODAwZDQzN2U5MmZlYWRjZWI3YjlmMGNhN2RiN2NiMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKdXRoDZI2O/CUKX0IQ1F4y+DceI
wTpTgRhQV0LxotKSJVfd794nTr2qUsSkpyDWNnM0iLtq1OaHeJQPzbJE7Rlsdqjn
bA2CmWnOSXq5WVKQXJ/AOxmvUodSJyzzCmu0pmGAH23i/NAXN6co3y0HmtAppHcb
4CfFAsPfYjp5zbpmcScuMYSxrfhH4CPa0NuADPuRTU08o3FWv0ejpliaquLaAMTC
mifto1EdPxe1MnazKjNwM6JoYHsYWJ8sy//c9Hz2LDDD6FwIgspJetV5/87RVBY1
aTbDawNqjnG4lhESEY8P0i26uyAW4OxYO8R0ERjcsU1K03dB9+QuMUcJ8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzcQsgA1DfpL+rc63ufDKfbfLI0MB8GA1UdIwQY
MBaAFHsLOzlIZeS4W2hqOfVe1L5lNqSCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9kYjM4YWItYzNjZi00NjIyLTg3ZjYt
MmM4ZDAwMTFlODhhLzEvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9kYjM4YWItYzNjZi00NjIyLTg3ZjYtMmM4ZDAwMTFlODhh
LzEvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANoJ74oK2
OiamU9RH6H+XIDV0x5JebwYMo0iiKdde/ARtVJrO79Xao1T8olwzbZd4lc6d1i9k
llpbBXRhgqXURgKg1cyRNAE4zI1dKLhzXQkeAc4VepT+FWqfekAl9ipaWk81RcL9
ha/FicXOATFHTi4srmxGxAgQgd+hfMcb+efzZ1ugD7xctp6m1OXJVg7QNhd01G15
jt2+coQwFHtPjhXl7oULZyC4dIea1qwGEVF5u07siG5ZJ45aDuVlj9+NX0BLPIPc
WovEsjMt/h95p9R9lE5fsBqgsTn4Ct2Z7zlfywLLeeDzN+rm2ajc3ybkIhEfMbf6
Q1wsukDcLj83Ow==
-----END CERTIFICATE-----