Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          bnDNZ4xPSDR15zRMCP5rbqdHbsgVMRtTzpqj3KyFOKE=
Subject key identifier:   C7:FB:E4:77:3A:D1:8D:13:3D:E7:D6:47:37:90:7E:F6:55:12:68:DF
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       01988DD93DD3E097D5C64D6681EA4EDE17D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          0A4B
Signing time:             Sat 09 Aug 2025 08:01:21 +0000
Manifest this update:     Sat 09 Aug 2025 08:01:21 +0000
Manifest next update:     Sun 10 Aug 2025 08:01:21 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: XCDvyzel50xajjmZ/mw01OX9zE0cqEk5ilX4dJYZBXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 05:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8d:d9:3d:d3:e0:97:d5:c6:4d:66:81:ea:4e:de:17:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: Aug  9 08:01:21 2025 GMT
            Not After : Aug 10 08:01:21 2025 GMT
        Subject: CN=c7fbe4773ad18d133de7d64737907ef6551268df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ec:f5:59:1f:48:da:26:fd:ef:31:79:93:b4:
                    92:55:e3:bf:17:b9:03:da:64:d8:2e:7a:54:14:4b:
                    e5:d9:8a:ca:1d:b9:de:68:2a:7f:b3:db:16:4e:da:
                    6b:3e:bb:f9:50:6c:b1:58:09:f8:b9:d3:de:14:e7:
                    ce:bf:92:73:3f:d9:ee:67:46:5f:d8:a6:05:7b:cd:
                    97:46:e1:cd:f5:29:30:b3:f1:99:5e:c5:d1:99:12:
                    68:2e:e8:67:bf:e5:73:6a:32:b5:4a:68:61:49:15:
                    85:1a:75:6a:34:a7:4e:1a:6f:ce:a7:71:cd:61:a3:
                    bb:ba:0a:c7:16:01:dc:15:3f:7d:e4:fc:4a:ca:12:
                    4d:7c:dd:ac:dc:f5:b9:bd:cf:27:6f:b5:d5:dd:46:
                    d6:1d:fc:1b:2e:1f:5d:f6:19:34:ff:ba:5e:3a:69:
                    02:82:d1:4b:96:fd:76:07:6c:05:a7:a6:64:50:8a:
                    a8:6e:82:9f:87:c6:a2:6e:6b:bd:fa:67:8a:fb:2d:
                    5f:1e:cd:95:77:bd:f6:3c:82:57:f1:af:f7:d1:c0:
                    07:2d:06:10:a3:1d:8a:c2:5b:d9:ce:ef:0a:56:4f:
                    06:1a:a8:a3:6f:32:b7:14:40:4d:50:10:ff:70:04:
                    bd:72:cd:70:25:44:8a:63:e4:51:f5:6e:96:e1:28:
                    b5:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:FB:E4:77:3A:D1:8D:13:3D:E7:D6:47:37:90:7E:F6:55:12:68:DF
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:91:eb:41:79:cd:c6:b9:4f:98:1d:12:76:f1:38:15:7e:be:
         44:b8:3f:41:ea:ae:23:d2:b4:bb:73:99:54:bf:1e:fb:d1:29:
         24:cc:bc:af:ad:74:01:c0:d0:3a:91:88:91:55:8d:44:7a:10:
         47:37:ea:fd:28:88:75:ec:5d:26:bc:e4:ad:a5:eb:b4:83:42:
         dd:04:7b:f7:7e:83:2f:7c:56:50:13:95:5b:6f:a8:69:a1:26:
         db:f2:ab:a4:76:e8:33:db:de:a7:ce:ea:a5:8e:dc:f0:b6:6b:
         f8:9f:07:fd:f6:b1:23:ba:bd:76:76:cd:56:74:88:7f:ae:ca:
         a5:09:d9:85:a4:ef:8e:0f:10:03:ba:c8:8d:be:98:f9:c4:40:
         05:94:bf:b1:f6:3f:07:fd:4f:fb:35:8a:bb:b1:42:31:fb:af:
         0b:2e:d8:7e:c8:bc:5a:90:83:03:1e:44:b8:a4:e1:58:31:df:
         4d:43:5f:63:a2:09:1a:28:6e:48:4b:72:5b:ef:07:14:89:e5:
         a2:11:75:b8:de:5f:67:8e:5e:c4:ea:3b:e5:71:56:ff:5d:a8:
         d2:c9:86:f6:ae:80:08:3b:c4:ed:14:75:4a:86:f5:4e:cc:45:
         cb:8d:60:29:1f:f5:e0:ea:db:7f:5b:c8:02:f3:64:ff:ba:d7:
         d7:3a:74:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiN2T3T4JfVxk1mgepO3hfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjUwODA5MDgwMTIxWhcNMjUwODEwMDgwMTIxWjAzMTEwLwYDVQQD
EyhjN2ZiZTQ3NzNhZDE4ZDEzM2RlN2Q2NDczNzkwN2VmNjU1MTI2OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+z1WR9I2ib97zF5k7SSVeO/F7kD
2mTYLnpUFEvl2YrKHbneaCp/s9sWTtprPrv5UGyxWAn4udPeFOfOv5JzP9nuZ0Zf
2KYFe82XRuHN9Skws/GZXsXRmRJoLuhnv+VzajK1SmhhSRWFGnVqNKdOGm/Op3HN
YaO7ugrHFgHcFT995PxKyhJNfN2s3PW5vc8nb7XV3UbWHfwbLh9d9hk0/7peOmkC
gtFLlv12B2wFp6ZkUIqoboKfh8aibmu9+meK+y1fHs2Vd732PIJX8a/30cAHLQYQ
ox2KwlvZzu8KVk8GGqijbzK3FEBNUBD/cAS9cs1wJUSKY+RR9W6W4Si1cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMf75Hc60Y0TPefWRzeQfvZVEmjfMB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbpHrQXnN
xrlPmB0SdvE4FX6+RLg/QequI9K0u3OZVL8e+9EpJMy8r610AcDQOpGIkVWNRHoQ
Rzfq/SiIdexdJrzkraXrtINC3QR7936DL3xWUBOVW2+oaaEm2/KrpHboM9vep87q
pY7c8LZr+J8H/faxI7q9dnbNVnSIf67KpQnZhaTvjg8QA7rIjb6Y+cRABZS/sfY/
B/1P+zWKu7FCMfuvCy7Yfsi8WpCDAx5EuKThWDHfTUNfY6IJGihuSEtyW+8HFInl
ohF1uN5fZ45exOo75XFW/12o0smG9q6ACDvE7RR1Sob1TsxFy41gKR/14Orbf1vI
AvNk/7rX1zp0Tg==
-----END CERTIFICATE-----