Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          S+l1ofm+esyQE6OqHLjAKJN1JcgJfKTJ1xAAdyDRWcQ=
Subject key identifier:   7B:1C:0C:C5:39:55:11:F4:EB:B0:F0:BC:29:B8:3E:C0:BF:82:42:73
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       019923A0FD0BBF0963DC728C0216F1BBFCB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          0DD2
Signing time:             Sun 07 Sep 2025 10:02:56 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:56 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:56 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: TuIN9+XHmuYthy/aJMqKY/ENI9I9EWnSI2TiqP2zRtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:fd:0b:bf:09:63:dc:72:8c:02:16:f1:bb:fc:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Sep  7 10:02:56 2025 GMT
            Not After : Sep  8 10:02:56 2025 GMT
        Subject: CN=7b1c0cc5395511f4ebb0f0bc29b83ec0bf824273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:31:55:5f:8b:99:db:6f:71:81:f7:ef:03:53:
                    26:20:35:37:fa:11:72:5d:c9:1b:50:0d:b5:bd:af:
                    19:e7:ce:64:4c:0c:7d:b9:ac:53:b7:f9:4a:91:5b:
                    eb:bc:3a:b2:68:9b:6a:08:74:ff:c3:5a:df:ab:9c:
                    a8:f6:e9:40:2f:ca:0c:03:72:9a:ed:32:4f:7f:ef:
                    83:f5:02:c5:51:37:00:9c:d6:ed:de:24:b2:91:ca:
                    ab:1b:c4:67:d8:a4:25:b5:05:d4:7e:97:b0:19:e4:
                    9b:3d:7e:ea:07:c1:f7:54:fa:f7:d8:35:a3:c8:1d:
                    97:c6:cb:ad:b3:b9:b1:dd:fb:09:3e:ce:1c:ce:0e:
                    37:ee:bb:4a:43:77:d8:bd:c2:1f:c7:6c:63:c8:11:
                    ba:61:37:b2:1f:fc:a0:81:6b:ff:ca:c9:1c:c3:43:
                    dc:41:94:04:28:2d:2e:82:21:64:95:01:76:12:32:
                    86:a7:8d:18:96:15:37:e3:6b:59:ff:a6:12:b9:47:
                    d0:62:09:1f:79:f8:56:6a:00:b8:f4:bf:52:76:d3:
                    47:cf:13:fd:89:b2:e8:33:df:8d:c5:e9:e4:e2:77:
                    85:91:4c:ad:5d:9e:57:4f:70:69:ef:0f:40:c6:54:
                    2d:84:54:89:0b:d8:ad:ae:de:69:51:a1:a1:ea:78:
                    e4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:1C:0C:C5:39:55:11:F4:EB:B0:F0:BC:29:B8:3E:C0:BF:82:42:73
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:cf:cf:40:70:95:c9:5b:bf:93:5f:0d:10:83:f7:e7:da:41:
         b4:04:e2:63:ba:35:57:82:99:cf:ee:1f:c6:c3:75:2a:70:ff:
         bf:f0:20:6b:56:0d:dc:f9:2e:52:29:3c:b6:d9:dc:96:c8:8e:
         76:9b:81:99:99:ea:7b:4e:3b:f9:95:1f:6a:3e:dd:57:ee:3c:
         d8:c0:24:ab:74:81:d7:49:99:0f:65:24:f3:70:69:96:33:3a:
         83:8a:e2:ca:20:ed:75:8f:dc:2f:5b:2e:c9:93:0b:36:21:c9:
         cc:19:79:17:40:ff:be:b3:fe:28:0a:56:50:d7:6d:4f:db:7c:
         3c:6a:b7:2b:8a:d3:6e:6d:e2:b8:d6:7a:af:7f:4b:ce:43:65:
         18:16:c1:70:42:14:8c:53:e0:06:38:88:8f:67:cd:6a:36:91:
         40:fa:e8:3f:57:6d:bb:5d:eb:92:f6:ad:e8:0d:70:26:c1:b6:
         14:7f:01:79:3b:11:65:86:f5:b1:5c:94:ea:8f:2e:99:a4:c9:
         a4:bf:33:e3:1d:be:e8:fc:53:9c:06:c4:33:69:52:73:57:97:
         c4:a5:d3:c8:0e:a6:cd:2d:9e:d3:ce:9f:ea:d3:7c:b9:10:ff:
         2e:3a:6d:f2:66:9d:be:e4:ff:b6:64:01:33:6a:ee:b4:15:3c:
         39:56:b1:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoP0Lvwlj3HKMAhbxu/yxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjUwOTA3MTAwMjU2WhcNMjUwOTA4MTAwMjU2WjAzMTEwLwYDVQQD
Eyg3YjFjMGNjNTM5NTUxMWY0ZWJiMGYwYmMyOWI4M2VjMGJmODI0MjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTFVX4uZ229xgffvA1MmIDU3+hFy
XckbUA21va8Z585kTAx9uaxTt/lKkVvrvDqyaJtqCHT/w1rfq5yo9ulAL8oMA3Ka
7TJPf++D9QLFUTcAnNbt3iSykcqrG8Rn2KQltQXUfpewGeSbPX7qB8H3VPr32DWj
yB2Xxsuts7mx3fsJPs4czg437rtKQ3fYvcIfx2xjyBG6YTeyH/yggWv/yskcw0Pc
QZQEKC0ugiFklQF2EjKGp40YlhU342tZ/6YSuUfQYgkfefhWagC49L9SdtNHzxP9
ibLoM9+Nxenk4neFkUytXZ5XT3Bp7w9AxlQthFSJC9itrt5pUaGh6njk1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHscDMU5VRH067DwvCm4PsC/gkJzMB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdM/PQHCV
yVu/k18NEIP359pBtATiY7o1V4KZz+4fxsN1KnD/v/Aga1YN3PkuUik8ttnclsiO
dpuBmZnqe047+ZUfaj7dV+482MAkq3SB10mZD2Uk83BpljM6g4riyiDtdY/cL1su
yZMLNiHJzBl5F0D/vrP+KApWUNdtT9t8PGq3K4rTbm3iuNZ6r39LzkNlGBbBcEIU
jFPgBjiIj2fNajaRQProP1dtu13rkvat6A1wJsG2FH8BeTsRZYb1sVyU6o8umaTJ
pL8z4x2+6PxTnAbEM2lSc1eXxKXTyA6mzS2e086f6tN8uRD/Ljpt8madvuT/tmQB
M2rutBU8OVax+A==
-----END CERTIFICATE-----