Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          z0Jemk3zLxfHa6DJKoBKjw2b4yqkEPeHkp7EbgkZnPw=
Subject key identifier:   08:B9:8B:D5:F5:E6:69:EB:74:CF:B0:D0:D6:AC:1B:1C:53:06:DB:D6
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       0196C04A8A9154B742D5056DD89765CB1E99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          095C
Signing time:             Sun 11 May 2025 17:00:32 +0000
Manifest this update:     Sun 11 May 2025 17:00:32 +0000
Manifest next update:     Mon 12 May 2025 17:00:32 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: 1hZ8ysTLMyKUzWlENlN+rNTup8enUmRU63tFo81rxR8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:4a:8a:91:54:b7:42:d5:05:6d:d8:97:65:cb:1e:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: May 11 17:00:32 2025 GMT
            Not After : May 12 17:00:32 2025 GMT
        Subject: CN=08b98bd5f5e669eb74cfb0d0d6ac1b1c5306dbd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:6a:18:f7:21:62:68:72:a1:12:6a:43:b3:e7:
                    92:4b:e8:67:d9:b5:f9:47:07:d1:cc:e0:42:6e:9b:
                    41:2c:68:07:79:55:1d:66:29:2c:96:ee:45:e3:03:
                    09:16:7d:02:e3:f0:58:9f:7d:c6:1a:75:9e:ee:58:
                    72:46:13:08:d4:02:7f:93:f7:20:07:66:10:61:0a:
                    9f:f7:d9:47:de:ea:a6:f1:0e:9e:30:a2:79:e0:f9:
                    1f:15:26:53:de:f3:d9:50:21:99:db:07:3a:fb:b9:
                    5a:f7:0f:1e:ac:74:8a:99:72:b3:ae:d0:2c:38:38:
                    3a:95:63:2e:85:19:a3:d4:5a:7e:d3:5f:f1:ce:d3:
                    1b:dd:ad:c4:4d:f2:05:41:5b:20:f4:e7:47:38:06:
                    53:11:45:8e:11:e9:7f:f3:19:19:c8:98:fc:46:3a:
                    9c:91:b3:2e:3a:29:c0:51:85:3f:f4:22:1d:02:b7:
                    ee:74:fc:b0:69:bf:63:33:bf:14:9e:64:d6:c0:40:
                    4d:58:91:13:56:35:b2:38:3a:20:e2:44:18:d2:b8:
                    f1:c7:45:57:bd:1d:fd:8e:89:18:c7:a4:76:1e:3a:
                    13:ab:8d:4f:0c:b6:3a:21:e0:15:4e:86:95:e5:07:
                    cc:a2:b0:11:c8:74:21:72:9f:52:3d:ea:c2:71:ab:
                    03:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:B9:8B:D5:F5:E6:69:EB:74:CF:B0:D0:D6:AC:1B:1C:53:06:DB:D6
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:27:02:36:1e:1d:61:24:b7:62:0b:42:2f:db:d8:bd:0b:bc:
         4d:74:00:a5:8f:df:19:92:e4:7d:48:3b:1b:20:a2:14:39:42:
         32:45:83:d9:85:10:e0:32:26:b8:5e:03:b1:65:76:a6:5b:43:
         d6:8b:46:25:bc:a7:95:9e:ef:d0:f8:49:ca:84:4e:50:04:eb:
         c0:83:ef:bd:fa:ce:99:45:2e:2f:7a:a9:9a:2b:d3:6b:6b:0c:
         4b:49:10:2f:96:8e:d0:2c:b5:9f:31:4d:fb:b0:1b:df:bf:91:
         ff:d6:2d:0b:a5:35:31:ef:7f:44:a3:65:49:be:22:7e:7a:16:
         5e:78:82:84:61:4b:2b:65:44:43:ed:25:bb:83:8f:af:7a:6f:
         f5:ef:d9:03:15:05:e3:b1:f3:fc:47:55:56:9e:b7:ae:4e:7e:
         47:f4:69:61:58:83:9f:2a:e2:cf:f6:d4:18:e5:2d:34:79:93:
         14:53:65:44:3b:5c:1a:c9:7d:eb:36:71:f5:44:da:44:76:bc:
         60:ba:51:d1:af:4b:2f:32:66:33:38:0a:1a:72:1a:21:a3:ad:
         27:08:26:78:52:3b:3c:df:96:e2:a4:ae:df:c8:5f:a4:af:4d:
         39:66:98:6e:67:3c:40:c9:7b:b4:b2:74:b8:8a:51:f3:fa:38:
         f2:46:7c:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbASoqRVLdC1QVt2Jdlyx6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjUwNTExMTcwMDMyWhcNMjUwNTEyMTcwMDMyWjAzMTEwLwYDVQQD
EygwOGI5OGJkNWY1ZTY2OWViNzRjZmIwZDBkNmFjMWIxYzUzMDZkYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimoY9yFiaHKhEmpDs+eSS+hn2bX5
RwfRzOBCbptBLGgHeVUdZikslu5F4wMJFn0C4/BYn33GGnWe7lhyRhMI1AJ/k/cg
B2YQYQqf99lH3uqm8Q6eMKJ54PkfFSZT3vPZUCGZ2wc6+7la9w8erHSKmXKzrtAs
ODg6lWMuhRmj1Fp+01/xztMb3a3ETfIFQVsg9OdHOAZTEUWOEel/8xkZyJj8Rjqc
kbMuOinAUYU/9CIdArfudPywab9jM78UnmTWwEBNWJETVjWyODog4kQY0rjxx0VX
vR39jokYx6R2HjoTq41PDLY6IeAVToaV5QfMorARyHQhcp9SPerCcasDrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAi5i9X15mnrdM+w0NasGxxTBtvWMB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmicCNh4d
YSS3YgtCL9vYvQu8TXQApY/fGZLkfUg7GyCiFDlCMkWD2YUQ4DImuF4DsWV2pltD
1otGJbynlZ7v0PhJyoROUATrwIPvvfrOmUUuL3qpmivTa2sMS0kQL5aO0Cy1nzFN
+7Ab37+R/9YtC6U1Me9/RKNlSb4ifnoWXniChGFLK2VEQ+0lu4OPr3pv9e/ZAxUF
47Hz/EdVVp63rk5+R/RpYViDnyriz/bUGOUtNHmTFFNlRDtcGsl96zZx9UTaRHa8
YLpR0a9LLzJmMzgKGnIaIaOtJwgmeFI7PN+W4qSu38hfpK9NOWaYbmc8QMl7tLJ0
uIpR8/o48kZ8Lw==
-----END CERTIFICATE-----