Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.mft
File:                     7GV-idqz-xXjuuDrGsf6yT32OF0.mft (raw, json)
Hash identifier:          QmI8HYFHURTHnsTs2nH6jynOU5fo9KGahGOhvXTOWiQ=
Subject key identifier:   35:54:6A:C6:B2:D3:28:F4:C6:62:78:04:00:A1:C4:16:1A:A7:66:7A
Authority key identifier: EC:65:7E:89:DA:B3:FB:15:E3:BA:E0:EB:1A:C7:FA:C9:3D:F6:38:5D
Certificate issuer:       /CN=ec657e89dab3fb15e3bae0eb1ac7fac93df6385d
Certificate serial:       01967AFB4C762E043188CCC859AAD9D1B9B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7GV-idqz-xXjuuDrGsf6yT32OF0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.mft
Manifest number:          0503
Signing time:             Mon 28 Apr 2025 06:00:11 +0000
Manifest this update:     Mon 28 Apr 2025 06:00:11 +0000
Manifest next update:     Tue 29 Apr 2025 06:00:11 +0000
Files and hashes:         1: 7GV-idqz-xXjuuDrGsf6yT32OF0.crl (hash: J0T5YyQGZbCfQrp0JBMQ3INGZKPkR7BhWaPes0QqHRI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7GV-idqz-xXjuuDrGsf6yT32OF0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 06:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:fb:4c:76:2e:04:31:88:cc:c8:59:aa:d9:d1:b9:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec657e89dab3fb15e3bae0eb1ac7fac93df6385d
        Validity
            Not Before: Apr 28 06:00:11 2025 GMT
            Not After : Apr 29 06:00:11 2025 GMT
        Subject: CN=35546ac6b2d328f4c662780400a1c4161aa7667a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:83:cf:63:68:b7:83:6c:c8:df:cb:20:3b:ad:
                    3a:8d:da:c7:4e:cd:e5:53:99:2d:52:3b:67:32:eb:
                    1d:a2:de:18:a3:4f:f6:be:b8:b5:9c:04:e2:55:0f:
                    48:43:c2:5d:50:98:5d:e7:5c:ac:b9:fc:ab:b2:3a:
                    44:8f:a5:7b:f1:81:fb:57:e2:6e:11:70:5f:63:fc:
                    f0:2b:cb:97:14:76:17:1c:3e:ea:df:49:01:3e:e3:
                    b1:c9:fe:d1:3d:eb:7b:6d:9c:06:a0:05:bd:7b:ca:
                    9a:3c:d9:b1:3f:b0:f6:33:43:47:bb:45:d1:5b:d9:
                    01:df:e2:f1:d1:1c:d4:40:39:0d:ab:3c:38:2a:11:
                    12:39:e1:c7:dd:8e:60:07:0d:d7:11:13:44:b1:3f:
                    83:c9:88:45:4e:8d:15:15:e4:42:1c:1a:c1:68:de:
                    e1:c5:9c:e4:d0:0f:94:8f:02:2a:7e:80:9f:fe:75:
                    d2:3f:07:10:81:aa:cc:09:0e:75:a7:c9:7a:0c:15:
                    5f:86:a4:37:ab:d7:75:b1:43:64:68:17:c9:1a:e2:
                    0b:7c:dc:eb:17:6a:a4:30:cf:ee:03:26:e8:a8:9f:
                    2d:e8:4d:ec:18:f1:92:b7:49:df:ec:45:e3:03:d4:
                    2b:b2:99:e9:85:cc:f6:24:47:62:0e:fa:14:b2:63:
                    3a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:54:6A:C6:B2:D3:28:F4:C6:62:78:04:00:A1:C4:16:1A:A7:66:7A
            X509v3 Authority Key Identifier:
                keyid:EC:65:7E:89:DA:B3:FB:15:E3:BA:E0:EB:1A:C7:FA:C9:3D:F6:38:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GV-idqz-xXjuuDrGsf6yT32OF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:19:ba:cb:33:12:ac:c6:88:77:22:3c:e3:ab:fe:b2:d8:3b:
         ff:25:ac:54:ba:c0:3f:bd:13:21:6a:e2:6e:23:40:d8:9c:f8:
         4b:17:9c:b4:15:83:44:55:d2:d5:ef:57:4e:2d:71:06:84:3f:
         9a:c4:90:13:0b:98:68:40:79:ff:07:b5:98:6a:e4:6c:d3:a6:
         63:f1:59:ea:14:8c:0a:3a:3f:2e:94:2c:f0:38:0e:a6:86:c1:
         d2:2c:c2:32:79:76:c9:66:00:2a:92:94:3c:16:a9:68:8c:b1:
         29:da:a2:3f:2a:b8:4a:ed:4a:81:df:d5:e3:59:06:f5:9e:59:
         36:5f:2f:c0:00:52:a7:f0:81:20:5b:64:5a:49:00:ec:b4:7b:
         9c:21:f6:28:9d:68:cd:91:aa:04:59:03:d5:4a:a0:6b:a2:4a:
         b7:2f:49:f3:0c:5c:9f:8b:49:53:7f:a5:76:43:70:93:dd:15:
         c4:40:22:8c:52:76:eb:73:fd:eb:74:5e:fa:41:b1:6b:4d:80:
         af:7d:9e:19:d4:a0:f1:93:2b:2c:ef:d2:af:4a:b1:da:34:4b:
         41:7a:16:c9:53:d8:f1:53:01:e2:c2:a4:e8:8e:cd:7a:73:ab:
         e0:5d:f0:d7:a1:45:6d:66:51:87:d8:35:2a:3f:4a:df:84:66:
         7d:d5:ce:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6+0x2LgQxiMzIWarZ0bmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNjU3ZTg5ZGFiM2ZiMTVlM2JhZTBlYjFhYzdmYWM5M2Rm
NjM4NWQwHhcNMjUwNDI4MDYwMDExWhcNMjUwNDI5MDYwMDExWjAzMTEwLwYDVQQD
EygzNTU0NmFjNmIyZDMyOGY0YzY2Mjc4MDQwMGExYzQxNjFhYTc2NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYPPY2i3g2zI38sgO606jdrHTs3l
U5ktUjtnMusdot4Yo0/2vri1nATiVQ9IQ8JdUJhd51ysufyrsjpEj6V78YH7V+Ju
EXBfY/zwK8uXFHYXHD7q30kBPuOxyf7RPet7bZwGoAW9e8qaPNmxP7D2M0NHu0XR
W9kB3+Lx0RzUQDkNqzw4KhESOeHH3Y5gBw3XERNEsT+DyYhFTo0VFeRCHBrBaN7h
xZzk0A+UjwIqfoCf/nXSPwcQgarMCQ51p8l6DBVfhqQ3q9d1sUNkaBfJGuILfNzr
F2qkMM/uAyboqJ8t6E3sGPGSt0nf7EXjA9Qrspnphcz2JEdiDvoUsmM6WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVUasay0yj0xmJ4BAChxBYap2Z6MB8GA1UdIwQY
MBaAFOxlfonas/sV47rg6xrH+sk99jhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0dWLWlkcXoteFhqdXVEckdzZjZ5VDMyT0YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8zOTFjNzAtYzNiYy00MDdmLTkzNWIt
ZmQ3MDg2N2JjMzM0LzEvN0dWLWlkcXoteFhqdXVEckdzZjZ5VDMyT0YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8zOTFjNzAtYzNiYy00MDdmLTkzNWItZmQ3MDg2N2JjMzM0
LzEvN0dWLWlkcXoteFhqdXVEckdzZjZ5VDMyT0YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgxm6yzMS
rMaIdyI846v+stg7/yWsVLrAP70TIWribiNA2Jz4SxectBWDRFXS1e9XTi1xBoQ/
msSQEwuYaEB5/we1mGrkbNOmY/FZ6hSMCjo/LpQs8DgOpobB0izCMnl2yWYAKpKU
PBapaIyxKdqiPyq4Su1Kgd/V41kG9Z5ZNl8vwABSp/CBIFtkWkkA7LR7nCH2KJ1o
zZGqBFkD1Uqga6JKty9J8wxcn4tJU3+ldkNwk90VxEAijFJ263P963Re+kGxa02A
r32eGdSg8ZMrLO/Sr0qx2jRLQXoWyVPY8VMB4sKk6I7NenOr4F3w16FFbWZRh9g1
Kj9K34RmfdXO3A==
-----END CERTIFICATE-----