Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          dz4CTQHE5022sUwv4r56Poh4j7d1QUJG++TxNL/Di/A=
Subject key identifier:   40:8A:17:F4:0C:04:90:00:9F:AA:20:AA:FE:E8:87:69:14:89:EB:3C
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       019A4FCFD896D46128B4F0E4B4DA78DF5D9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          0B34
Signing time:             Tue 04 Nov 2025 17:00:12 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:12 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:12 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: bNDoOuQthgn4q1kWs+4B9Juh1fV+no5GHgpLZtRPi+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:cf:d8:96:d4:61:28:b4:f0:e4:b4:da:78:df:5d:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: Nov  4 17:00:12 2025 GMT
            Not After : Nov  5 17:00:12 2025 GMT
        Subject: CN=408a17f40c0490009faa20aafee887691489eb3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b0:b9:45:ea:64:d0:17:76:66:19:e7:52:35:
                    17:11:d3:63:6d:c0:14:55:d1:d7:17:1e:6a:18:43:
                    ad:ea:68:36:d9:58:29:78:2c:55:41:18:8d:be:72:
                    10:65:26:d9:f1:ef:1b:24:03:51:49:fc:11:72:3f:
                    14:e3:1f:1b:e8:17:a6:8e:00:6a:4a:76:1b:db:cf:
                    dc:5f:ad:91:5e:eb:05:b0:b1:11:4f:cb:71:aa:9f:
                    b1:a0:4e:a7:10:24:ff:01:67:c8:ee:80:66:2a:4f:
                    2a:8c:9c:86:3c:2f:c0:53:cc:93:ab:06:dc:5d:86:
                    3b:12:70:4d:34:09:ea:a2:da:e5:e3:a8:71:d0:66:
                    11:72:b8:b3:89:1f:cc:79:5d:e6:ee:fa:20:81:eb:
                    cd:f5:d7:84:83:6c:d5:43:d0:cb:83:a5:d5:5e:0d:
                    50:1f:81:4e:bb:54:e7:34:bc:d9:6c:d0:a7:69:be:
                    76:24:c1:32:bb:92:ae:c5:21:a2:e1:ea:aa:e7:e1:
                    aa:a5:d2:a1:35:ab:ee:27:82:25:34:64:73:ad:81:
                    10:62:1a:bb:6f:14:9a:b4:c0:e9:80:56:8d:62:26:
                    b6:c7:15:e9:a0:77:1e:54:a1:f8:e0:1d:31:72:e0:
                    74:b3:57:7c:5d:72:5d:83:24:46:85:f9:95:e0:77:
                    05:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:8A:17:F4:0C:04:90:00:9F:AA:20:AA:FE:E8:87:69:14:89:EB:3C
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:ee:04:1e:fa:28:ea:a2:39:6b:b7:2b:1e:75:03:d2:dd:dc:
         bc:75:6c:d9:f3:f1:58:e6:6d:61:72:a8:e2:01:7e:5d:b8:00:
         43:e3:a3:8e:16:dc:02:a7:f6:89:48:d1:c1:eb:28:f6:98:e3:
         3e:fb:43:d3:1c:aa:b8:be:12:5b:21:af:f0:89:cd:06:cd:88:
         6e:86:b5:8d:c6:5f:62:85:10:9d:f3:f3:d6:60:a6:c6:47:3e:
         c9:dc:0a:24:77:22:d1:f0:a9:7b:9e:cc:7c:ce:12:1d:ee:e4:
         5e:db:7f:91:8c:38:ca:f6:71:f1:d0:ad:46:40:5a:2a:f5:32:
         cb:81:67:3a:f6:92:83:55:aa:0b:08:7f:82:64:40:68:fd:9e:
         dd:63:d5:22:8d:58:2e:08:df:0c:af:a4:e6:1e:a5:01:38:8b:
         3b:eb:ed:38:6c:f4:81:5c:cd:0b:e3:b1:a8:c7:25:a6:b2:12:
         d7:6f:53:91:cb:c2:ab:ec:0b:ce:a2:9a:01:78:25:be:e8:b9:
         ce:a4:8b:97:0e:bd:7b:c8:66:62:76:50:1f:81:9a:f6:5f:0a:
         8d:d6:30:bc:59:ad:58:d4:39:f0:98:12:5d:3c:9d:8d:ff:8d:
         ea:28:db:70:67:73:eb:3c:b9:09:ce:54:10:8c:5a:d8:86:55:
         29:69:89:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPz9iW1GEotPDktNp4312aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjUxMTA0MTcwMDEyWhcNMjUxMTA1MTcwMDEyWjAzMTEwLwYDVQQD
Eyg0MDhhMTdmNDBjMDQ5MDAwOWZhYTIwYWFmZWU4ODc2OTE0ODllYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubC5Repk0Bd2ZhnnUjUXEdNjbcAU
VdHXFx5qGEOt6mg22VgpeCxVQRiNvnIQZSbZ8e8bJANRSfwRcj8U4x8b6BemjgBq
SnYb28/cX62RXusFsLERT8txqp+xoE6nECT/AWfI7oBmKk8qjJyGPC/AU8yTqwbc
XYY7EnBNNAnqotrl46hx0GYRcriziR/MeV3m7voggevN9deEg2zVQ9DLg6XVXg1Q
H4FOu1TnNLzZbNCnab52JMEyu5KuxSGi4eqq5+GqpdKhNavuJ4IlNGRzrYEQYhq7
bxSatMDpgFaNYia2xxXpoHceVKH44B0xcuB0s1d8XXJdgyRGhfmV4HcFwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECKF/QMBJAAn6ogqv7oh2kUies8MB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASe4EHvoo
6qI5a7crHnUD0t3cvHVs2fPxWOZtYXKo4gF+XbgAQ+OjjhbcAqf2iUjRweso9pjj
PvtD0xyquL4SWyGv8InNBs2Iboa1jcZfYoUQnfPz1mCmxkc+ydwKJHci0fCpe57M
fM4SHe7kXtt/kYw4yvZx8dCtRkBaKvUyy4FnOvaSg1WqCwh/gmRAaP2e3WPVIo1Y
LgjfDK+k5h6lATiLO+vtOGz0gVzNC+OxqMclprIS129TkcvCq+wLzqKaAXglvui5
zqSLlw69e8hmYnZQH4Ga9l8KjdYwvFmtWNQ58JgSXTydjf+N6ijbcGdz6zy5Cc5U
EIxa2IZVKWmJiA==
-----END CERTIFICATE-----