Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          l1yjv4Da7HF91rQAMeykGtpI8ZOVHck8GYpmcCCUzow=
Subject key identifier:   8A:05:1D:73:6D:0F:A2:A6:38:1D:6A:96:04:6E:04:53:65:1A:C4:22
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       0197B77C75E306BE38697ED36B1022A31D35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          09DC
Signing time:             Sat 28 Jun 2025 17:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:16 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: 23zgnsyugqlt/8UMn1xwoYpKrV6GDIacpnvQ+mnjyyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:75:e3:06:be:38:69:7e:d3:6b:10:22:a3:1d:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: Jun 28 17:01:16 2025 GMT
            Not After : Jun 29 17:01:16 2025 GMT
        Subject: CN=8a051d736d0fa2a6381d6a96046e0453651ac422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a5:d8:e3:87:49:3a:7a:00:04:4d:b8:c7:90:
                    08:b1:b4:87:c0:80:53:be:45:ac:52:01:e1:d3:69:
                    0e:fb:cf:e2:be:52:4f:49:2b:01:1b:23:92:b9:fb:
                    16:e3:b0:27:52:d2:8d:38:6b:e6:74:a9:f6:e9:31:
                    b8:7e:e0:e2:dc:a7:71:85:8b:ae:08:35:0e:04:cf:
                    79:a5:af:af:91:4b:19:70:14:e9:52:3a:88:f1:db:
                    2b:11:dc:8f:76:27:85:bc:02:83:dc:8e:fb:22:10:
                    ae:25:2b:0f:67:02:63:b6:56:5d:86:f3:ca:51:87:
                    0c:82:ae:c4:d6:ac:99:05:46:a1:81:03:19:06:80:
                    61:24:b8:7d:9e:b4:10:fb:39:df:c9:7c:02:5e:40:
                    44:f9:aa:d8:55:33:6c:90:b8:27:e0:32:c1:ae:4a:
                    11:0f:a9:33:1b:5f:9f:a0:b2:6a:0a:cf:5e:b2:b5:
                    2c:e9:9c:cf:1e:19:c4:f2:88:b7:03:e3:94:80:d0:
                    47:be:56:92:ab:57:e9:9f:cc:2c:4e:00:a4:08:ca:
                    2f:42:d9:26:58:d2:5a:a2:aa:89:8b:3e:87:d2:aa:
                    e1:08:51:e6:37:ae:3e:e5:1a:9d:3c:e9:49:17:a9:
                    54:9b:fa:47:c8:d7:2d:d8:d7:b6:b3:97:ed:8d:e5:
                    51:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:05:1D:73:6D:0F:A2:A6:38:1D:6A:96:04:6E:04:53:65:1A:C4:22
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:30:d1:3a:9a:79:04:77:a0:8a:f1:8a:25:67:d9:cc:4a:20:
         cd:06:d0:6e:c8:88:df:85:bf:9f:26:a3:f3:be:2c:71:00:6d:
         53:11:04:8d:ea:13:a5:e2:b7:93:00:4d:f9:05:40:43:66:35:
         ab:2d:6d:e7:ec:34:e0:46:62:3a:ac:b9:da:61:e9:c0:14:e1:
         f9:6e:3c:19:a3:1d:8a:94:2c:1c:ef:d5:c3:ed:72:fc:0b:80:
         d0:38:90:61:43:27:eb:4a:2d:c7:b9:99:60:d1:36:49:27:4f:
         99:88:01:fb:15:6e:af:3e:82:0a:ae:87:f4:d4:2e:88:b9:27:
         c7:fa:33:1d:55:58:cf:64:b4:55:e6:e8:79:ce:d3:4c:f3:22:
         41:18:f0:f0:8c:b9:e0:a3:1e:a0:bc:67:04:e9:b3:96:24:d7:
         af:2a:e7:11:9a:1b:7d:cd:4a:4c:7f:94:7a:00:e7:c9:5e:0d:
         ed:b9:61:ce:cf:aa:e0:71:e8:31:94:2e:8d:5f:29:ea:10:a3:
         ad:be:3b:bf:9e:b7:a1:93:60:41:bc:37:d0:38:02:c0:23:a3:
         b4:53:fa:eb:a8:31:38:d1:d0:a3:00:93:db:87:ac:4e:76:ad:
         20:b9:92:c6:ed:82:8f:4a:4d:52:8b:44:9c:eb:40:19:f3:88:
         7e:e6:4b:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fHXjBr44aX7TaxAiox01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjUwNjI4MTcwMTE2WhcNMjUwNjI5MTcwMTE2WjAzMTEwLwYDVQQD
Eyg4YTA1MWQ3MzZkMGZhMmE2MzgxZDZhOTYwNDZlMDQ1MzY1MWFjNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqXY44dJOnoABE24x5AIsbSHwIBT
vkWsUgHh02kO+8/ivlJPSSsBGyOSufsW47AnUtKNOGvmdKn26TG4fuDi3KdxhYuu
CDUOBM95pa+vkUsZcBTpUjqI8dsrEdyPdieFvAKD3I77IhCuJSsPZwJjtlZdhvPK
UYcMgq7E1qyZBUahgQMZBoBhJLh9nrQQ+znfyXwCXkBE+arYVTNskLgn4DLBrkoR
D6kzG1+foLJqCs9esrUs6ZzPHhnE8oi3A+OUgNBHvlaSq1fpn8wsTgCkCMovQtkm
WNJaoqqJiz6H0qrhCFHmN64+5RqdPOlJF6lUm/pHyNct2Ne2s5ftjeVR1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoFHXNtD6KmOB1qlgRuBFNlGsQiMB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPjDROpp5
BHegivGKJWfZzEogzQbQbsiI34W/nyaj874scQBtUxEEjeoTpeK3kwBN+QVAQ2Y1
qy1t5+w04EZiOqy52mHpwBTh+W48GaMdipQsHO/Vw+1y/AuA0DiQYUMn60otx7mZ
YNE2SSdPmYgB+xVurz6CCq6H9NQuiLknx/ozHVVYz2S0Veboec7TTPMiQRjw8Iy5
4KMeoLxnBOmzliTXryrnEZobfc1KTH+UegDnyV4N7blhzs+q4HHoMZQujV8p6hCj
rb47v563oZNgQbw30DgCwCOjtFP666gxONHQowCT24esTnatILmSxu2Cj0pNUotE
nOtAGfOIfuZL0Q==
-----END CERTIFICATE-----