Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          U6BMWwxQH8yDH61J7PQa+ITmUC8fPkhtcT1k3b13+UI=
Subject key identifier:   D3:21:93:A1:C5:4B:31:04:BC:ED:28:8E:9B:E3:F6:F2:4E:D2:0F:08
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       019D3375850922E8A2DCD67C0F3180F585F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          0CB3
Signing time:             Sat 28 Mar 2026 08:00:32 +0000
Manifest this update:     Sat 28 Mar 2026 08:00:32 +0000
Manifest next update:     Sun 29 Mar 2026 08:00:32 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: pf8ZXcOkWsOChgT11edJlLNP8+IDC+oWpV1UHo38ppc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 08:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:75:85:09:22:e8:a2:dc:d6:7c:0f:31:80:f5:85:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: Mar 28 08:00:32 2026 GMT
            Not After : Mar 29 08:00:32 2026 GMT
        Subject: CN=d32193a1c54b3104bced288e9be3f6f24ed20f08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:97:ac:25:ee:c3:d0:3f:0b:4b:9a:8e:1e:84:
                    89:2b:8c:dd:12:d9:31:a9:58:81:18:c1:71:fe:6c:
                    25:ba:27:2b:24:8a:0a:05:e1:f2:f6:ef:6a:8b:69:
                    cf:d7:41:ad:3d:3e:8e:17:21:e8:cd:be:0b:c2:f0:
                    25:9d:7f:2d:f7:30:58:0e:be:08:7e:ae:86:b2:2b:
                    8e:00:42:b1:97:a7:fb:b4:40:ef:f0:b9:0e:20:b3:
                    e0:2a:1f:d1:cf:c9:d3:65:22:00:6a:78:fa:fe:0a:
                    0a:69:3a:68:6b:3a:74:1f:46:14:79:f4:7c:39:bb:
                    a0:55:f9:42:57:71:0b:fd:87:0d:59:db:2c:28:9b:
                    ef:2c:d4:fd:05:04:56:5d:c5:0d:aa:99:ac:98:d0:
                    a5:7c:e9:6a:1e:9c:f1:3c:af:5b:c7:f2:d9:d5:9f:
                    36:9a:88:69:c2:79:bc:bb:ee:5b:b2:9d:c1:6a:6b:
                    5a:83:83:57:55:b8:cd:aa:40:80:d9:11:ee:95:24:
                    5f:91:a8:86:64:ed:a0:7c:85:4a:0f:54:4f:70:31:
                    29:d0:1f:0b:f9:62:14:54:49:b9:04:ad:de:15:14:
                    42:36:18:ff:f1:f7:dc:81:98:a5:7d:7d:cb:ad:c2:
                    38:e5:30:8f:3c:bd:a1:12:8c:f1:8c:f6:07:dd:e5:
                    8f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:21:93:A1:C5:4B:31:04:BC:ED:28:8E:9B:E3:F6:F2:4E:D2:0F:08
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:c4:c9:d7:a6:5d:94:91:29:14:0f:3d:76:bb:1e:86:d1:0a:
         22:74:f5:2e:4c:97:35:70:1d:39:dd:cb:5f:1d:a1:ce:21:95:
         c4:8a:2a:15:cb:bc:e8:9a:cf:2a:8a:ff:29:5a:f6:48:ce:db:
         a9:00:aa:d7:61:e7:80:28:5d:17:09:48:f5:97:99:b8:a0:e0:
         cf:64:ca:1a:11:f5:1b:db:10:03:78:c8:1a:ca:ee:eb:9f:61:
         d4:ec:1c:57:25:69:b0:77:a2:dc:46:20:e5:15:ac:6d:cd:09:
         a1:48:87:f5:f7:e3:90:e5:cf:28:83:9e:1e:6a:8f:77:03:1c:
         bc:17:b6:96:8e:43:af:12:e3:14:e7:41:33:b2:67:07:74:ef:
         e8:07:a8:07:2f:82:30:cf:ab:82:a7:96:70:36:99:2d:23:41:
         8c:b7:a9:9a:06:b4:49:b0:10:b5:52:8f:20:cf:70:a7:d5:4c:
         86:b6:cc:88:b7:ca:90:1b:2d:7f:89:14:5e:47:40:02:93:ab:
         43:7f:86:96:e7:f0:9e:24:ef:e1:db:6e:71:d3:0f:f5:f3:e7:
         17:73:ae:2d:a5:3a:e9:91:e4:86:c9:c4:54:fb:00:c9:04:b2:
         26:78:f5:73:5c:04:fc:83:e0:e8:64:46:15:39:19:bf:1f:96:
         89:98:c9:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zdYUJIuii3NZ8DzGA9YX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjYwMzI4MDgwMDMyWhcNMjYwMzI5MDgwMDMyWjAzMTEwLwYDVQQD
EyhkMzIxOTNhMWM1NGIzMTA0YmNlZDI4OGU5YmUzZjZmMjRlZDIwZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJesJe7D0D8LS5qOHoSJK4zdEtkx
qViBGMFx/mwluicrJIoKBeHy9u9qi2nP10GtPT6OFyHozb4LwvAlnX8t9zBYDr4I
fq6GsiuOAEKxl6f7tEDv8LkOILPgKh/Rz8nTZSIAanj6/goKaTpoazp0H0YUefR8
ObugVflCV3EL/YcNWdssKJvvLNT9BQRWXcUNqpmsmNClfOlqHpzxPK9bx/LZ1Z82
mohpwnm8u+5bsp3Bamtag4NXVbjNqkCA2RHulSRfkaiGZO2gfIVKD1RPcDEp0B8L
+WIUVEm5BK3eFRRCNhj/8ffcgZilfX3LrcI45TCPPL2hEozxjPYH3eWPnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMhk6HFSzEEvO0ojpvj9vJO0g8IMB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr8TJ16Zd
lJEpFA89drsehtEKInT1LkyXNXAdOd3LXx2hziGVxIoqFcu86JrPKor/KVr2SM7b
qQCq12HngChdFwlI9ZeZuKDgz2TKGhH1G9sQA3jIGsru659h1OwcVyVpsHei3EYg
5RWsbc0JoUiH9ffjkOXPKIOeHmqPdwMcvBe2lo5DrxLjFOdBM7JnB3Tv6AeoBy+C
MM+rgqeWcDaZLSNBjLepmga0SbAQtVKPIM9wp9VMhrbMiLfKkBstf4kUXkdAApOr
Q3+GlufwniTv4dtucdMP9fPnF3OuLaU66ZHkhsnEVPsAyQSyJnj1c1wE/IPg6GRG
FTkZvx+WiZjJHA==
-----END CERTIFICATE-----