Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          K+NjAMM9FMcbSVLdcFFXkNdMEcJwkKWKGLGzHlapPx8=
Subject key identifier:   FB:A7:D3:3A:7B:22:37:87:ED:A4:BC:BD:69:A3:68:0D:AC:24:62:35
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       019688493AC7C4FB48744A26A7F45AED54E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          093F
Signing time:             Wed 30 Apr 2025 20:00:22 +0000
Manifest this update:     Wed 30 Apr 2025 20:00:22 +0000
Manifest next update:     Thu 01 May 2025 20:00:22 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: +BrC+sMrhqTyw4zqlF5a9kdH91SVaLHgqpSmbAFquyQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:88:49:3a:c7:c4:fb:48:74:4a:26:a7:f4:5a:ed:54:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: Apr 30 20:00:22 2025 GMT
            Not After : May  1 20:00:22 2025 GMT
        Subject: CN=fba7d33a7b223787eda4bcbd69a3680dac246235
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:95:52:d0:15:a5:14:89:13:2c:76:e2:86:45:
                    bd:75:e4:6d:84:f8:ea:78:1e:01:ed:29:21:68:e7:
                    c0:3b:20:6b:95:2f:3e:d6:d1:b5:eb:24:26:96:2c:
                    3c:7d:ab:f1:d9:6a:e4:2a:29:a8:4d:b6:7d:32:b7:
                    7b:47:b8:90:c1:0c:88:a1:fa:35:85:93:6d:f8:d5:
                    d5:3c:ea:2c:e2:78:ad:d8:8f:ce:be:07:18:0f:95:
                    cd:97:e4:a7:1a:bb:1f:a6:62:39:ab:87:0b:c6:84:
                    bd:28:f5:8a:a8:0b:e6:b7:b7:88:fa:7f:54:7e:4a:
                    f0:a9:40:3b:9f:7f:45:3f:62:6c:61:4e:dc:85:3a:
                    f8:41:e8:29:c9:38:b6:e6:8c:0a:7c:63:8e:fd:7a:
                    31:06:50:b0:da:fe:eb:86:cb:ef:86:27:01:e3:c5:
                    49:53:8b:e1:95:df:c2:ec:fe:e8:25:a5:9a:a5:4d:
                    65:6b:8e:aa:36:98:6a:a1:08:ec:73:fd:29:51:31:
                    0e:03:c6:71:e7:e7:0a:f9:80:74:af:ee:b4:6b:12:
                    4a:0d:45:ef:4a:83:0c:03:d1:b2:f9:0b:aa:2a:cb:
                    b7:1b:68:27:55:75:6e:9b:6e:07:6c:02:cb:67:a2:
                    01:75:a1:4a:8a:10:eb:7c:a9:b1:34:4b:72:61:c7:
                    f0:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:A7:D3:3A:7B:22:37:87:ED:A4:BC:BD:69:A3:68:0D:AC:24:62:35
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:f1:00:9c:7e:2e:00:d9:ec:79:3c:7d:84:c1:fc:15:41:6d:
         67:a3:9d:90:e6:ac:7c:49:5f:87:cd:15:7a:4b:df:fd:ee:c2:
         45:86:48:25:ab:73:1d:ee:1d:16:37:8e:a1:82:b4:dd:41:9e:
         00:ad:64:67:25:de:4e:4f:d8:a7:85:61:5f:b1:66:c6:89:ab:
         db:4f:5d:6e:63:12:de:42:44:5c:a6:5a:24:5e:60:df:fe:de:
         25:40:c1:cc:74:fd:5c:b9:7e:91:10:95:57:eb:51:f3:b1:28:
         95:db:07:a9:76:b3:a3:99:72:6d:01:25:30:16:95:67:e4:4d:
         d3:3f:ab:2c:d3:cb:b7:5d:41:42:d2:4b:bc:f2:22:27:65:cb:
         b4:dd:21:ae:41:98:f2:41:dc:20:78:0e:d3:fd:9e:46:c3:85:
         29:fd:18:8e:b7:d4:ab:26:99:a4:81:0a:1e:14:19:0a:cf:3d:
         4d:61:03:63:52:31:ee:00:6c:f4:a7:95:f4:28:ee:38:a7:5b:
         78:49:b4:16:05:a1:ba:92:02:45:2a:28:47:9f:1e:b9:b5:20:
         ac:9e:b7:ea:c5:02:1b:6e:e1:4f:b9:b2:db:d2:01:ae:23:6f:
         14:55:f4:d6:85:9f:e9:95:58:80:05:f8:10:fc:37:50:59:bc:
         73:50:dc:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaISTrHxPtIdEomp/Ra7VToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjUwNDMwMjAwMDIyWhcNMjUwNTAxMjAwMDIyWjAzMTEwLwYDVQQD
EyhmYmE3ZDMzYTdiMjIzNzg3ZWRhNGJjYmQ2OWEzNjgwZGFjMjQ2MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopVS0BWlFIkTLHbihkW9deRthPjq
eB4B7SkhaOfAOyBrlS8+1tG16yQmliw8favx2WrkKimoTbZ9Mrd7R7iQwQyIofo1
hZNt+NXVPOos4nit2I/OvgcYD5XNl+SnGrsfpmI5q4cLxoS9KPWKqAvmt7eI+n9U
fkrwqUA7n39FP2JsYU7chTr4QegpyTi25owKfGOO/XoxBlCw2v7rhsvvhicB48VJ
U4vhld/C7P7oJaWapU1la46qNphqoQjsc/0pUTEOA8Zx5+cK+YB0r+60axJKDUXv
SoMMA9Gy+QuqKsu3G2gnVXVum24HbALLZ6IBdaFKihDrfKmxNEtyYcfwhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPun0zp7IjeH7aS8vWmjaA2sJGI1MB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvPEAnH4u
ANnseTx9hMH8FUFtZ6OdkOasfElfh80Vekvf/e7CRYZIJatzHe4dFjeOoYK03UGe
AK1kZyXeTk/Yp4VhX7Fmxomr209dbmMS3kJEXKZaJF5g3/7eJUDBzHT9XLl+kRCV
V+tR87EoldsHqXazo5lybQElMBaVZ+RN0z+rLNPLt11BQtJLvPIiJ2XLtN0hrkGY
8kHcIHgO0/2eRsOFKf0YjrfUqyaZpIEKHhQZCs89TWEDY1Ix7gBs9KeV9CjuOKdb
eEm0FgWhupICRSooR58eubUgrJ636sUCG27hT7my29IBriNvFFX01oWf6ZVYgAX4
EPw3UFm8c1DcwA==
-----END CERTIFICATE-----