Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          bnbgvzeUNYuesqEAvdi9O2zGlB+jh3GKePfGM9qs0xw=
Subject key identifier:   77:E4:FD:0F:99:E7:02:D3:1C:EE:11:BC:B5:43:09:4A:B4:1F:B8:6B
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       0199FCC6A42EB66CCB2C8B154AD8BFA4DEF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          0B09
Signing time:             Sun 19 Oct 2025 14:01:40 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:40 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:40 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: YWZEqnWK2Ab5wtcONNCtJRwfyVSiMSvfoLhCyi20smo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 14:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:a4:2e:b6:6c:cb:2c:8b:15:4a:d8:bf:a4:de:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: Oct 19 14:01:40 2025 GMT
            Not After : Oct 20 14:01:40 2025 GMT
        Subject: CN=77e4fd0f99e702d31cee11bcb543094ab41fb86b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:bc:ef:d6:73:84:8f:52:e6:07:6c:9b:a5:d6:
                    f0:9a:03:21:ab:69:36:fe:84:af:dd:53:92:b7:6e:
                    b6:fb:4d:05:85:67:d0:df:4d:6f:7b:28:5b:ce:0c:
                    10:02:ad:6a:f7:10:a3:e1:fc:f2:ef:0a:89:da:ca:
                    92:64:9e:dd:1b:e2:90:98:76:87:13:0d:34:83:2b:
                    26:1d:7a:70:54:0b:42:be:7a:13:5f:25:0b:77:82:
                    eb:75:7d:e3:de:3e:24:3c:3b:6d:c6:13:71:e5:fc:
                    6b:0b:fa:57:d1:b3:31:06:b2:51:42:32:42:4b:94:
                    98:2f:1b:3a:10:03:c2:75:b5:1c:ca:89:bb:31:96:
                    df:50:3b:c9:d5:48:5d:44:72:13:26:cd:aa:57:5e:
                    b9:fa:77:f3:cc:3e:f5:88:5a:87:2e:d1:67:49:3f:
                    16:9c:4e:3b:6b:3c:69:63:a8:8a:06:db:ac:b0:28:
                    7d:90:15:28:89:aa:15:ec:a2:fa:95:b8:06:94:8e:
                    3c:9f:38:14:85:05:5d:0b:4c:92:2e:54:c7:7d:c8:
                    87:42:be:ec:d1:f3:3b:e5:fa:7b:56:38:1f:4d:eb:
                    a3:1c:66:25:ad:cb:90:9d:26:e8:fb:ec:45:d0:c4:
                    2d:e4:cc:16:1b:0d:84:2a:fa:ba:ca:c7:d7:78:76:
                    d6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:E4:FD:0F:99:E7:02:D3:1C:EE:11:BC:B5:43:09:4A:B4:1F:B8:6B
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:f4:1b:87:ae:92:30:f9:e1:43:7c:0a:53:56:6f:9c:fd:e5:
         9a:27:48:5d:46:0f:5e:d0:96:d4:1a:b7:85:8a:6f:70:12:fe:
         17:d5:df:b0:c3:94:d3:cb:0d:5e:bb:9b:2a:26:ab:13:56:fb:
         bf:d0:33:9b:4f:0a:50:a1:a5:5a:fd:b9:c2:8e:5e:d9:f1:47:
         69:be:ef:6b:9a:6f:15:41:ae:3f:a9:a2:be:03:fd:e2:b6:46:
         c9:fc:21:4f:8d:4a:9d:fc:c8:51:6b:b9:fa:07:d9:8c:44:30:
         0f:a9:83:6c:4b:ee:28:ee:74:d7:d9:cc:6c:b9:bb:8b:68:6a:
         78:27:24:a6:6c:33:58:19:1f:e4:4b:41:99:3d:56:ea:59:09:
         7a:47:4d:61:4f:b7:d7:b4:98:e8:fa:d3:ce:5a:34:3a:c0:e5:
         1b:87:fe:34:36:56:44:64:cd:65:2e:6b:78:d0:87:7b:fc:3b:
         62:83:cb:1b:e1:2d:b9:ba:38:2b:84:79:bc:d1:de:44:47:23:
         2a:00:5a:c6:f7:82:f1:30:dd:e4:d0:1d:45:c3:90:ce:48:d1:
         ee:76:7d:ed:68:60:29:34:9f:bf:db:c8:41:59:a2:c5:0e:a3:
         95:0d:e0:b6:a3:5c:a4:57:18:b0:05:07:e2:4b:a4:e1:1d:55:
         e0:bb:9f:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xqQutmzLLIsVSti/pN7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjUxMDE5MTQwMTQwWhcNMjUxMDIwMTQwMTQwWjAzMTEwLwYDVQQD
Eyg3N2U0ZmQwZjk5ZTcwMmQzMWNlZTExYmNiNTQzMDk0YWI0MWZiODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLzv1nOEj1LmB2ybpdbwmgMhq2k2
/oSv3VOSt262+00FhWfQ301veyhbzgwQAq1q9xCj4fzy7wqJ2sqSZJ7dG+KQmHaH
Ew00gysmHXpwVAtCvnoTXyULd4LrdX3j3j4kPDttxhNx5fxrC/pX0bMxBrJRQjJC
S5SYLxs6EAPCdbUcyom7MZbfUDvJ1UhdRHITJs2qV165+nfzzD71iFqHLtFnST8W
nE47azxpY6iKBtussCh9kBUoiaoV7KL6lbgGlI48nzgUhQVdC0ySLlTHfciHQr7s
0fM75fp7VjgfTeujHGYlrcuQnSbo++xF0MQt5MwWGw2EKvq6ysfXeHbWIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfk/Q+Z5wLTHO4RvLVDCUq0H7hrMB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn/Qbh66S
MPnhQ3wKU1ZvnP3lmidIXUYPXtCW1Bq3hYpvcBL+F9XfsMOU08sNXrubKiarE1b7
v9Azm08KUKGlWv25wo5e2fFHab7va5pvFUGuP6mivgP94rZGyfwhT41KnfzIUWu5
+gfZjEQwD6mDbEvuKO5019nMbLm7i2hqeCckpmwzWBkf5EtBmT1W6lkJekdNYU+3
17SY6PrTzlo0OsDlG4f+NDZWRGTNZS5reNCHe/w7YoPLG+Etubo4K4R5vNHeREcj
KgBaxveC8TDd5NAdRcOQzkjR7nZ97WhgKTSfv9vIQVmixQ6jlQ3gtqNcpFcYsAUH
4kuk4R1V4Lufew==
-----END CERTIFICATE-----