Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
File:                     ews7OUhl5LhbaGo59V7UvmU2pII.mft (raw, json)
Hash identifier:          8S7aFpvvA4SoarpjwFwM8TE7cWOnaMOntBq0PQq6L2w=
Subject key identifier:   A7:75:AA:91:30:05:70:D7:55:7D:1D:F7:B7:CD:51:A9:FB:F5:51:B6
Authority key identifier: 7B:0B:3B:39:48:65:E4:B8:5B:68:6A:39:F5:5E:D4:BE:65:36:A4:82
Certificate issuer:       /CN=7b0b3b394865e4b85b686a39f55ed4be6536a482
Certificate serial:       01974AE88EF64526C1D4FEBCC221BF84195C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
Manifest number:          0662
Signing time:             Sat 07 Jun 2025 15:00:44 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:44 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:44 +0000
Files and hashes:         1: ews7OUhl5LhbaGo59V7UvmU2pII.crl (hash: xBgdPHAHA21X2Pf4/NY1xOlU60xtquAZ/TwyPCRaUgw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:8e:f6:45:26:c1:d4:fe:bc:c2:21:bf:84:19:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b0b3b394865e4b85b686a39f55ed4be6536a482
        Validity
            Not Before: Jun  7 15:00:44 2025 GMT
            Not After : Jun  8 15:00:44 2025 GMT
        Subject: CN=a775aa91300570d7557d1df7b7cd51a9fbf551b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b5:74:52:c1:37:c6:3b:e4:63:5b:27:c2:38:
                    82:0d:73:dc:cd:09:b3:61:51:b1:97:1e:01:2e:d5:
                    ab:53:2c:8d:46:66:20:bb:fc:a1:17:1d:5b:e1:5d:
                    f3:3e:e6:a3:93:08:7f:58:60:61:56:c9:f9:58:fc:
                    fa:7f:3f:47:63:75:ac:c9:a5:94:e7:59:0a:15:c2:
                    46:21:5f:0d:d3:1a:88:09:96:a0:98:45:ab:eb:24:
                    5e:61:ce:59:93:b6:8c:ae:a3:40:60:3e:da:13:2f:
                    1b:31:a6:ca:6e:bf:4b:13:ad:c6:54:73:64:ee:67:
                    63:f3:9f:02:30:15:66:16:78:60:e2:42:de:a7:e4:
                    2a:86:c9:13:da:37:57:e1:d3:65:c1:fd:8c:6b:f9:
                    8e:8e:e6:0c:b7:94:50:35:ea:40:bc:af:55:32:3a:
                    8e:5a:55:a5:a7:15:de:c7:23:c1:45:05:bc:f8:32:
                    92:73:4c:cd:15:9d:ce:fd:2f:40:d4:d7:14:66:b6:
                    d9:2a:38:bd:4b:4b:10:4f:7d:59:17:20:e7:fa:d3:
                    5d:7e:b6:7b:04:38:ca:40:93:04:a6:e9:13:73:77:
                    77:ae:cf:1c:2d:cd:98:9d:c7:e8:53:73:2c:3d:fb:
                    f1:45:dc:d7:c8:30:99:40:ab:c6:a5:49:5f:18:97:
                    90:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:75:AA:91:30:05:70:D7:55:7D:1D:F7:B7:CD:51:A9:FB:F5:51:B6
            X509v3 Authority Key Identifier:
                keyid:7B:0B:3B:39:48:65:E4:B8:5B:68:6A:39:F5:5E:D4:BE:65:36:A4:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:35:72:90:1c:b3:8a:e9:a0:66:34:df:a6:7a:1a:b6:d9:8a:
         04:3e:97:34:ba:9d:d2:20:f9:38:58:0c:7b:68:04:18:28:85:
         cf:23:14:c5:76:8e:1c:31:45:09:75:1e:6a:d1:ba:65:23:f9:
         c3:58:94:72:63:ea:e8:94:38:7d:d9:94:0f:a9:ae:a1:db:6b:
         74:2c:06:8d:17:55:33:10:92:b2:e8:46:2c:89:7a:4a:1e:54:
         a8:35:7d:3e:71:08:1e:1a:52:57:9f:23:5c:2a:d5:4c:41:b6:
         47:fc:72:02:7d:81:c9:89:f6:62:2b:d9:78:0e:72:01:89:89:
         9c:13:9f:17:d2:31:2c:cb:61:50:f9:66:76:d6:68:e3:76:0d:
         b3:79:32:d4:b6:02:ae:16:71:80:6b:45:55:5e:84:70:36:ed:
         37:50:37:e5:80:36:1e:43:ef:70:48:af:6c:b5:c5:ba:1f:0c:
         d4:b4:84:31:a4:8b:8a:83:0d:fc:f5:51:c5:e1:74:3e:dc:e8:
         fb:a7:bf:07:5a:ba:36:06:ad:43:9e:26:8f:bb:22:b3:2c:e3:
         d7:53:e2:8f:19:65:bb:9c:04:65:54:6e:a8:8b:d9:c4:42:04:
         59:e9:f0:67:87:d2:d3:b4:eb:cf:34:70:c2:c7:77:a9:c9:aa:
         ea:e7:02:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6I72RSbB1P68wiG/hBlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMGIzYjM5NDg2NWU0Yjg1YjY4NmEzOWY1NWVkNGJlNjUz
NmE0ODIwHhcNMjUwNjA3MTUwMDQ0WhcNMjUwNjA4MTUwMDQ0WjAzMTEwLwYDVQQD
EyhhNzc1YWE5MTMwMDU3MGQ3NTU3ZDFkZjdiN2NkNTFhOWZiZjU1MWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LV0UsE3xjvkY1snwjiCDXPczQmz
YVGxlx4BLtWrUyyNRmYgu/yhFx1b4V3zPuajkwh/WGBhVsn5WPz6fz9HY3WsyaWU
51kKFcJGIV8N0xqICZagmEWr6yReYc5Zk7aMrqNAYD7aEy8bMabKbr9LE63GVHNk
7mdj858CMBVmFnhg4kLep+QqhskT2jdX4dNlwf2Ma/mOjuYMt5RQNepAvK9VMjqO
WlWlpxXexyPBRQW8+DKSc0zNFZ3O/S9A1NcUZrbZKji9S0sQT31ZFyDn+tNdfrZ7
BDjKQJMEpukTc3d3rs8cLc2YncfoU3MsPfvxRdzXyDCZQKvGpUlfGJeQOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKd1qpEwBXDXVX0d97fNUan79VG2MB8GA1UdIwQY
MBaAFHsLOzlIZeS4W2hqOfVe1L5lNqSCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9kYjM4YWItYzNjZi00NjIyLTg3ZjYt
MmM4ZDAwMTFlODhhLzEvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9kYjM4YWItYzNjZi00NjIyLTg3ZjYtMmM4ZDAwMTFlODhh
LzEvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQDVykByz
iumgZjTfpnoattmKBD6XNLqd0iD5OFgMe2gEGCiFzyMUxXaOHDFFCXUeatG6ZSP5
w1iUcmPq6JQ4fdmUD6muodtrdCwGjRdVMxCSsuhGLIl6Sh5UqDV9PnEIHhpSV58j
XCrVTEG2R/xyAn2ByYn2YivZeA5yAYmJnBOfF9IxLMthUPlmdtZo43YNs3ky1LYC
rhZxgGtFVV6EcDbtN1A35YA2HkPvcEivbLXFuh8M1LSEMaSLioMN/PVRxeF0Ptzo
+6e/B1q6NgatQ54mj7sisyzj11Pijxllu5wEZVRuqIvZxEIEWenwZ4fS07TrzzRw
wsd3qcmq6ucCEQ==
-----END CERTIFICATE-----