Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          ctxwjsi4Ga7BgJmFqu45QKDYcLxSmlzVBwvesIX2tRw=
Subject key identifier:   6A:85:71:F5:56:F9:52:73:3F:F5:AC:39:E9:84:9C:F7:2B:56:BA:62
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       019D99CFD3E7B958EB4392E8621BCD8D1511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          0CE8
Signing time:             Fri 17 Apr 2026 05:00:27 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:27 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:27 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: gpmSCrzTNmz6BlvUkTc+2kXKR0tkMrCgcY36wpGksNs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:d3:e7:b9:58:eb:43:92:e8:62:1b:cd:8d:15:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: Apr 17 05:00:27 2026 GMT
            Not After : Apr 18 05:00:27 2026 GMT
        Subject: CN=6a8571f556f952733ff5ac39e9849cf72b56ba62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:98:ca:01:b9:6d:7b:40:d7:aa:69:20:95:b5:
                    d5:bf:b3:c4:7a:e1:a3:1a:58:75:60:3c:a3:52:5a:
                    ad:bc:07:64:11:aa:c9:01:2a:d1:a9:36:e5:ab:19:
                    d4:85:f1:41:ef:dd:f9:71:7c:21:3c:75:64:4f:fc:
                    96:8b:2f:bb:23:70:15:e1:c6:61:02:1e:db:37:4b:
                    e4:85:28:51:4a:b8:0c:1e:75:32:dd:7a:d8:ec:78:
                    5e:84:5c:10:c2:f5:ae:2d:5a:29:79:52:ad:f9:a0:
                    7b:cc:a0:24:11:f7:29:3a:53:9a:d9:93:8a:10:9c:
                    1a:c8:5e:4b:eb:e6:24:4c:eb:f3:99:7f:fc:d7:a1:
                    4e:2b:4a:c8:9e:5f:e8:13:b4:a3:9e:5d:1f:66:d5:
                    db:7c:76:89:73:24:cc:09:12:ed:e1:fb:52:ea:e0:
                    7f:08:7d:bc:ff:31:61:e7:e1:02:ba:a8:bd:7b:b6:
                    08:3d:b5:52:3e:95:38:fd:52:32:f4:a9:b4:11:e8:
                    21:57:34:c9:44:95:25:64:54:35:7d:5e:46:4d:8e:
                    3f:a1:52:3c:9d:69:88:33:ab:ec:6e:1f:81:ac:31:
                    38:ea:f6:17:e0:b5:89:c4:93:50:e8:4f:a8:42:16:
                    33:5a:7b:45:79:3c:db:f3:df:59:fd:d0:59:36:25:
                    2a:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:85:71:F5:56:F9:52:73:3F:F5:AC:39:E9:84:9C:F7:2B:56:BA:62
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:01:d7:09:47:c9:0d:e8:bb:40:03:d4:97:34:5f:89:9e:a6:
         6f:d0:c4:05:14:d3:73:89:ff:17:90:ca:5c:c5:63:90:c9:a1:
         77:77:c7:b3:67:1e:e6:a8:1d:9f:99:88:ce:e8:f2:f7:50:9b:
         de:f4:cf:cb:52:36:a1:b2:2f:31:d8:cf:e4:be:14:0d:0f:84:
         87:42:a7:97:13:a8:57:4c:f2:8f:72:df:dc:9d:28:65:c7:d3:
         5d:85:38:72:61:df:75:0e:22:02:b1:94:3d:a2:02:c4:eb:43:
         9a:22:9e:36:77:12:e9:88:fd:1f:1c:92:81:89:42:a3:5c:b0:
         ac:c7:15:42:21:a8:50:09:e9:c3:ff:2b:e1:91:73:64:3d:60:
         e1:2f:58:14:08:94:d8:58:dd:32:71:43:66:79:20:62:14:9b:
         66:d6:91:51:7b:f8:d3:48:35:7b:04:2f:bd:0a:b0:12:94:c8:
         37:59:b5:31:29:b9:10:ec:79:eb:0d:1d:9b:3b:4a:ca:98:38:
         04:ee:26:f6:58:19:f3:45:66:5b:f1:78:c6:a0:0c:ed:c3:f9:
         7a:f2:bd:3b:ac:f1:72:99:19:96:b6:eb:fc:89:ff:d6:7f:a6:
         6f:4f:44:6b:1a:99:3e:f2:7c:07:c3:9d:59:4d:c2:87:ff:e4:
         2c:20:31:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz9PnuVjrQ5LoYhvNjRURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjYwNDE3MDUwMDI3WhcNMjYwNDE4MDUwMDI3WjAzMTEwLwYDVQQD
Eyg2YTg1NzFmNTU2Zjk1MjczM2ZmNWFjMzllOTg0OWNmNzJiNTZiYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspjKAblte0DXqmkglbXVv7PEeuGj
Glh1YDyjUlqtvAdkEarJASrRqTblqxnUhfFB7935cXwhPHVkT/yWiy+7I3AV4cZh
Ah7bN0vkhShRSrgMHnUy3XrY7HhehFwQwvWuLVopeVKt+aB7zKAkEfcpOlOa2ZOK
EJwayF5L6+YkTOvzmX/816FOK0rInl/oE7Sjnl0fZtXbfHaJcyTMCRLt4ftS6uB/
CH28/zFh5+ECuqi9e7YIPbVSPpU4/VIy9Km0EeghVzTJRJUlZFQ1fV5GTY4/oVI8
nWmIM6vsbh+BrDE46vYX4LWJxJNQ6E+oQhYzWntFeTzb899Z/dBZNiUqPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGqFcfVW+VJzP/WsOemEnPcrVrpiMB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqQHXCUfJ
Dei7QAPUlzRfiZ6mb9DEBRTTc4n/F5DKXMVjkMmhd3fHs2ce5qgdn5mIzujy91Cb
3vTPy1I2obIvMdjP5L4UDQ+Eh0KnlxOoV0zyj3Lf3J0oZcfTXYU4cmHfdQ4iArGU
PaICxOtDmiKeNncS6Yj9HxySgYlCo1ywrMcVQiGoUAnpw/8r4ZFzZD1g4S9YFAiU
2FjdMnFDZnkgYhSbZtaRUXv400g1ewQvvQqwEpTIN1m1MSm5EOx56w0dmztKypg4
BO4m9lgZ80VmW/F4xqAM7cP5evK9O6zxcpkZlrbr/In/1n+mb09EaxqZPvJ8B8Od
WU3Ch//kLCAxeg==
-----END CERTIFICATE-----