Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          6/7nHBEgcfy+3XNPNjmeE2/+KV/Hz5urEpiUM42PvTY=
Subject key identifier:   EF:32:27:DA:F7:52:23:82:5D:ED:A2:B5:63:C1:22:A9:75:28:8F:39
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       01974A7B1270CF94F0BA61C370F495D462D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          0CDD
Signing time:             Sat 07 Jun 2025 13:01:08 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:08 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:08 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: ucmu8PIJ+SxpRP1ob5iQOM/xwfridf67Tf1LzCA+vEU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:12:70:cf:94:f0:ba:61:c3:70:f4:95:d4:62:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Jun  7 13:01:08 2025 GMT
            Not After : Jun  8 13:01:08 2025 GMT
        Subject: CN=ef3227daf75223825deda2b563c122a975288f39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ea:8e:df:6b:6c:65:44:f3:7f:20:b4:7b:a6:
                    43:13:b3:de:0e:ea:83:8c:d9:d0:e8:73:f9:08:cc:
                    e5:f3:94:aa:9a:f2:f1:dd:55:f5:61:be:34:8c:1d:
                    65:4a:50:26:7c:0e:a3:ea:48:cc:a3:76:46:fe:93:
                    74:7c:c2:a2:81:e3:2b:ed:a6:a6:0d:55:49:b0:41:
                    47:26:31:fb:44:7a:74:a5:fa:38:c8:17:2a:e1:9c:
                    a2:b3:7d:a4:15:3c:81:5e:c4:96:ed:7d:24:8d:8e:
                    43:a4:cd:ea:a6:29:97:27:59:f6:69:67:45:67:99:
                    4a:56:93:01:c1:f8:33:94:bb:a6:de:e1:d2:5a:cf:
                    10:ff:ef:e6:5d:c7:b8:2c:51:5f:76:35:49:55:6b:
                    b1:04:5a:13:4d:d9:42:1f:5d:dd:01:68:6a:ab:11:
                    a6:e6:22:de:4d:01:71:ab:56:36:6b:ec:b2:8c:32:
                    02:f3:08:cd:00:32:95:4d:b1:ae:38:6e:40:69:bd:
                    af:51:29:2a:27:32:ed:48:fb:9f:95:5b:12:99:94:
                    d1:59:72:f4:38:d5:56:22:18:e6:88:1f:71:b0:c8:
                    4d:e4:98:3d:ce:33:a7:2c:3f:cd:fd:f1:ae:7a:43:
                    77:60:9b:08:5d:bd:d1:2f:25:10:b6:78:86:ff:55:
                    84:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:32:27:DA:F7:52:23:82:5D:ED:A2:B5:63:C1:22:A9:75:28:8F:39
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:29:78:51:1e:82:93:5b:47:5d:05:0f:e0:19:eb:aa:70:a2:
         80:ca:c3:c9:0f:35:53:93:31:fd:f0:45:47:28:ee:0a:93:11:
         b5:3e:e6:e1:4d:98:3d:0a:a9:6c:3c:f9:83:6f:53:b2:a7:7f:
         b1:f9:05:5c:1a:1d:59:26:9d:3a:f5:f0:ec:1d:ca:65:4b:33:
         20:59:59:13:b5:17:7e:63:d2:ec:cd:06:d1:87:71:db:63:43:
         f2:b5:d4:1b:90:08:60:ee:c6:13:07:5e:2d:cd:f7:f7:b1:ad:
         4a:2f:cc:74:c8:f3:e7:0d:d0:ba:57:94:4a:7f:6a:ff:9c:ca:
         ab:a0:81:5d:33:8c:0c:47:1a:1e:af:b9:6e:b7:74:0f:0b:4d:
         42:d0:ca:8b:72:29:3a:1a:fe:f4:af:e8:d4:e4:cb:85:9f:bd:
         a6:c4:c1:72:97:11:be:e3:27:02:32:c0:d3:f4:d6:dc:90:bf:
         f9:eb:19:16:6f:f3:3a:09:78:f7:03:4c:bd:e6:04:c3:e2:78:
         fc:85:bb:54:e6:c4:28:41:ca:53:f3:58:a1:b6:78:21:7f:42:
         87:f9:66:d2:85:5f:ca:c4:4c:df:fc:3c:77:8c:f0:66:28:e9:
         9e:bc:19:e5:5f:60:9b:09:da:24:05:c8:22:e6:1b:38:d3:41:
         5b:ad:2f:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKexJwz5TwumHDcPSV1GLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjUwNjA3MTMwMTA4WhcNMjUwNjA4MTMwMTA4WjAzMTEwLwYDVQQD
EyhlZjMyMjdkYWY3NTIyMzgyNWRlZGEyYjU2M2MxMjJhOTc1Mjg4ZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuqO32tsZUTzfyC0e6ZDE7PeDuqD
jNnQ6HP5CMzl85SqmvLx3VX1Yb40jB1lSlAmfA6j6kjMo3ZG/pN0fMKigeMr7aam
DVVJsEFHJjH7RHp0pfo4yBcq4Zyis32kFTyBXsSW7X0kjY5DpM3qpimXJ1n2aWdF
Z5lKVpMBwfgzlLum3uHSWs8Q/+/mXce4LFFfdjVJVWuxBFoTTdlCH13dAWhqqxGm
5iLeTQFxq1Y2a+yyjDIC8wjNADKVTbGuOG5Aab2vUSkqJzLtSPuflVsSmZTRWXL0
ONVWIhjmiB9xsMhN5Jg9zjOnLD/N/fGuekN3YJsIXb3RLyUQtniG/1WELwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8yJ9r3UiOCXe2itWPBIql1KI85MB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAESl4UR6C
k1tHXQUP4BnrqnCigMrDyQ81U5Mx/fBFRyjuCpMRtT7m4U2YPQqpbDz5g29Tsqd/
sfkFXBodWSadOvXw7B3KZUszIFlZE7UXfmPS7M0G0Ydx22ND8rXUG5AIYO7GEwde
Lc3397GtSi/MdMjz5w3QuleUSn9q/5zKq6CBXTOMDEcaHq+5brd0DwtNQtDKi3Ip
Ohr+9K/o1OTLhZ+9psTBcpcRvuMnAjLA0/TW3JC/+esZFm/zOgl49wNMveYEw+J4
/IW7VObEKEHKU/NYobZ4IX9Ch/lm0oVfysRM3/w8d4zwZijpnrwZ5V9gmwnaJAXI
IuYbONNBW60v6g==
-----END CERTIFICATE-----