Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.mft
File:                     7GV-idqz-xXjuuDrGsf6yT32OF0.mft (raw, json)
Hash identifier:          OHJ3GxZl1CAxNDul/d5iU31NazPGVsXxdMdY2yIw31U=
Subject key identifier:   73:A6:3B:A2:D5:09:4B:23:64:13:BF:61:40:55:C3:BC:D2:B0:E9:BB
Authority key identifier: EC:65:7E:89:DA:B3:FB:15:E3:BA:E0:EB:1A:C7:FA:C9:3D:F6:38:5D
Certificate issuer:       /CN=ec657e89dab3fb15e3bae0eb1ac7fac93df6385d
Certificate serial:       019A51F552FADE49DE2D1747028373FB6D13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7GV-idqz-xXjuuDrGsf6yT32OF0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.mft
Manifest number:          0700
Signing time:             Wed 05 Nov 2025 03:00:23 +0000
Manifest this update:     Wed 05 Nov 2025 03:00:23 +0000
Manifest next update:     Thu 06 Nov 2025 03:00:23 +0000
Files and hashes:         1: 7GV-idqz-xXjuuDrGsf6yT32OF0.crl (hash: obOqZU3FrKDrFXuSEkGq7ynJcy8+8eM85vZvE0kFq64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7GV-idqz-xXjuuDrGsf6yT32OF0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:f5:52:fa:de:49:de:2d:17:47:02:83:73:fb:6d:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec657e89dab3fb15e3bae0eb1ac7fac93df6385d
        Validity
            Not Before: Nov  5 03:00:23 2025 GMT
            Not After : Nov  6 03:00:23 2025 GMT
        Subject: CN=73a63ba2d5094b236413bf614055c3bcd2b0e9bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e7:6f:0b:f2:17:f3:6e:d4:cb:d3:51:5a:c7:
                    52:2f:3b:cc:48:41:d8:80:45:8f:b0:ac:8a:ea:38:
                    8e:c0:81:21:8b:7e:e9:54:40:d8:e5:1d:f8:95:ce:
                    30:1d:3e:2f:8b:9e:2b:f8:ec:9b:f1:f3:5c:17:2d:
                    d7:72:d5:0a:a2:78:00:8b:e4:9f:60:a5:af:66:81:
                    b9:d9:c2:5b:b2:02:74:8c:12:75:7a:25:79:6f:98:
                    62:44:5a:db:1f:14:48:f8:09:fc:34:b9:e5:77:da:
                    ee:c6:88:d2:79:0a:dc:3f:a1:89:10:36:20:c2:5b:
                    11:50:16:60:b6:ec:c3:f1:08:35:b1:c9:cb:cb:dd:
                    98:41:99:81:5b:3c:4b:46:fd:cb:fb:83:01:76:2a:
                    db:02:70:5b:61:ed:27:83:db:9d:81:73:65:54:ce:
                    94:22:56:fa:6a:4d:bc:26:64:16:1c:a4:76:31:d8:
                    14:26:a0:6e:62:bd:3c:ae:c5:46:69:38:d9:d1:cc:
                    3d:c5:ee:33:16:d4:0d:e8:b0:1e:c2:ab:c3:03:6e:
                    05:47:17:3b:9a:51:50:c9:35:5b:91:45:2d:9f:1d:
                    7e:85:31:3c:7c:5a:99:80:79:17:d8:16:9e:52:93:
                    07:19:d6:6d:24:23:ee:b3:e0:44:f1:e8:f9:44:a5:
                    52:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:A6:3B:A2:D5:09:4B:23:64:13:BF:61:40:55:C3:BC:D2:B0:E9:BB
            X509v3 Authority Key Identifier:
                keyid:EC:65:7E:89:DA:B3:FB:15:E3:BA:E0:EB:1A:C7:FA:C9:3D:F6:38:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GV-idqz-xXjuuDrGsf6yT32OF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/391c70-c3bc-407f-935b-fd70867bc334/1/7GV-idqz-xXjuuDrGsf6yT32OF0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:77:1e:e9:d2:5b:c6:f2:da:f6:7b:5e:59:4d:7b:d3:b2:b5:
         f1:96:11:cd:e7:7f:6f:c3:cd:d2:37:e4:43:01:f8:f8:67:97:
         de:5e:a3:d6:82:1b:49:63:3e:b0:75:c5:fe:35:7a:14:04:aa:
         c6:0f:91:ef:12:b4:dc:b3:b5:10:2f:37:fd:60:18:d5:64:0c:
         d5:97:25:3c:0e:ea:00:67:e5:9c:b3:cd:89:1c:a7:8a:b2:5f:
         8f:2b:50:38:eb:50:ee:78:41:95:37:2d:23:fd:0c:fd:f0:4c:
         36:28:21:1a:18:e6:3e:a7:22:3e:1b:5b:41:f1:e4:66:79:1a:
         fa:a6:e9:f8:78:cd:02:b8:04:e0:43:3f:34:5a:70:6a:4b:8f:
         b6:a1:4b:ce:fc:63:24:f9:2e:c3:10:e8:a3:0c:12:d4:5b:e4:
         5d:d7:c9:0f:95:ba:bc:6c:c2:3f:0b:12:2f:1e:d1:6b:c5:77:
         67:45:55:4c:36:0e:6c:e0:bb:cd:e1:0c:a9:fe:a2:8c:06:da:
         94:e3:e6:91:6f:0b:d6:57:22:c3:7b:b6:9e:bd:52:07:c2:b6:
         24:64:97:db:27:d6:25:a1:c5:d5:83:5b:da:5d:f5:99:41:96:
         3c:d3:a1:bb:1b:43:75:86:21:eb:05:b3:0c:3a:3e:c3:43:34:
         7e:33:17:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9VL63kneLRdHAoNz+20TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNjU3ZTg5ZGFiM2ZiMTVlM2JhZTBlYjFhYzdmYWM5M2Rm
NjM4NWQwHhcNMjUxMTA1MDMwMDIzWhcNMjUxMTA2MDMwMDIzWjAzMTEwLwYDVQQD
Eyg3M2E2M2JhMmQ1MDk0YjIzNjQxM2JmNjE0MDU1YzNiY2QyYjBlOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOdvC/IX827Uy9NRWsdSLzvMSEHY
gEWPsKyK6jiOwIEhi37pVEDY5R34lc4wHT4vi54r+Oyb8fNcFy3XctUKongAi+Sf
YKWvZoG52cJbsgJ0jBJ1eiV5b5hiRFrbHxRI+An8NLnld9ruxojSeQrcP6GJEDYg
wlsRUBZgtuzD8Qg1scnLy92YQZmBWzxLRv3L+4MBdirbAnBbYe0ng9udgXNlVM6U
Ilb6ak28JmQWHKR2MdgUJqBuYr08rsVGaTjZ0cw9xe4zFtQN6LAewqvDA24FRxc7
mlFQyTVbkUUtnx1+hTE8fFqZgHkX2BaeUpMHGdZtJCPus+BE8ej5RKVSfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOmO6LVCUsjZBO/YUBVw7zSsOm7MB8GA1UdIwQY
MBaAFOxlfonas/sV47rg6xrH+sk99jhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0dWLWlkcXoteFhqdXVEckdzZjZ5VDMyT0YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8zOTFjNzAtYzNiYy00MDdmLTkzNWIt
ZmQ3MDg2N2JjMzM0LzEvN0dWLWlkcXoteFhqdXVEckdzZjZ5VDMyT0YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8zOTFjNzAtYzNiYy00MDdmLTkzNWItZmQ3MDg2N2JjMzM0
LzEvN0dWLWlkcXoteFhqdXVEckdzZjZ5VDMyT0YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa3ce6dJb
xvLa9nteWU1707K18ZYRzed/b8PN0jfkQwH4+GeX3l6j1oIbSWM+sHXF/jV6FASq
xg+R7xK03LO1EC83/WAY1WQM1ZclPA7qAGflnLPNiRynirJfjytQOOtQ7nhBlTct
I/0M/fBMNighGhjmPqciPhtbQfHkZnka+qbp+HjNArgE4EM/NFpwakuPtqFLzvxj
JPkuwxDoowwS1FvkXdfJD5W6vGzCPwsSLx7Ra8V3Z0VVTDYObOC7zeEMqf6ijAba
lOPmkW8L1lciw3u2nr1SB8K2JGSX2yfWJaHF1YNb2l31mUGWPNOhuxtDdYYh6wWz
DDo+w0M0fjMXTA==
-----END CERTIFICATE-----