Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          1lCpIVP/OcPjKZ06iCnGjfzVX1fvSQWBNEdddlEWWHQ=
Subject key identifier:   B8:22:1E:30:E7:5A:A3:1D:EA:08:C1:B3:93:66:19:B4:CF:AA:C2:7D
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       019D38655ADDC8E1691332B52D220191DACA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          0FEF
Signing time:             Sun 29 Mar 2026 07:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 07:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 07:00:59 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: d8e4RUHPhFMzsSDmNseVvWEm2absUoH/sPJcEYnxukg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:5a:dd:c8:e1:69:13:32:b5:2d:22:01:91:da:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Mar 29 07:00:59 2026 GMT
            Not After : Mar 30 07:00:59 2026 GMT
        Subject: CN=b8221e30e75aa31dea08c1b3936619b4cfaac27d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:7f:f9:58:48:09:52:b1:9a:8d:61:d5:27:92:
                    36:e4:c3:81:c9:fe:b1:ee:c8:2f:4c:12:a6:3f:f3:
                    67:63:97:4e:98:ef:9a:85:6d:12:bf:71:9b:b2:15:
                    b8:6e:36:b3:86:c1:01:ad:e0:b4:3c:a1:a2:83:9e:
                    7c:2c:d0:c8:df:3a:c0:a3:a1:1b:2e:76:5f:58:5e:
                    85:06:11:9a:63:5b:3d:e5:b8:2d:68:48:74:dd:d2:
                    4a:99:cc:77:af:6c:a1:ba:8e:8f:88:1b:e2:98:e8:
                    57:68:40:92:4b:c1:14:98:87:4f:a7:6c:a3:4e:74:
                    21:e1:75:28:5d:ec:60:e6:47:13:1d:31:48:16:b1:
                    ae:98:37:8c:91:c8:d4:71:61:27:35:2e:f6:fd:6f:
                    fa:0c:ab:6d:7f:9f:f6:e5:f0:1a:27:52:77:7a:f3:
                    05:e2:db:fc:08:0d:50:48:16:72:af:1f:0b:99:87:
                    04:f1:c2:e7:9d:2d:2e:21:e9:83:c0:cc:83:c8:d0:
                    4c:4c:fb:07:c6:9e:e2:da:fc:5c:50:21:65:f3:11:
                    b4:a4:15:ed:e6:32:e2:d6:ce:4f:90:c5:a3:85:4e:
                    a1:fb:a1:a2:c5:29:87:9f:2e:c3:ae:2a:0c:51:27:
                    86:19:8f:3d:2a:6b:eb:51:bd:24:b1:ce:d7:ed:6c:
                    04:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:22:1E:30:E7:5A:A3:1D:EA:08:C1:B3:93:66:19:B4:CF:AA:C2:7D
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:65:09:88:29:ca:d2:f7:26:e0:bc:5a:f7:c7:18:95:4c:57:
         44:76:b6:01:72:39:95:4f:a1:77:d9:38:e4:98:f8:a8:0d:28:
         2b:95:ea:4d:58:47:b6:81:4d:65:c6:39:b3:42:c4:03:c5:14:
         3c:48:17:98:5c:32:d7:fa:64:78:c1:d4:98:ec:0c:27:d5:f5:
         bf:5a:ef:42:1e:56:e8:50:cd:e8:16:8c:60:67:b8:d4:18:df:
         45:7f:ff:64:06:c5:7a:27:ad:45:2d:2b:cc:ce:be:fe:66:36:
         76:93:4d:a9:1b:19:da:96:af:ff:a2:9e:7d:ba:ed:30:64:11:
         a6:31:96:9b:41:ac:a9:b2:9b:7f:d4:0e:c5:02:6c:29:a9:f2:
         d1:f8:23:97:f5:14:7e:eb:64:89:02:a1:cf:02:44:af:a2:5b:
         b9:ad:91:e9:83:e9:33:0a:28:29:37:c2:b3:ae:88:3d:32:40:
         12:5f:9a:4e:a9:82:7a:15:5a:46:1c:f3:e7:93:93:c3:d6:b7:
         55:83:a1:98:31:84:2c:ff:83:1e:c2:0e:ee:b7:ee:17:20:95:
         88:06:65:f0:f1:b4:94:84:3e:e0:df:d4:29:64:20:51:9c:b2:
         5f:1c:51:77:f3:e9:a3:4c:2e:4d:bc:16:ac:2a:da:ed:7a:de:
         52:d7:a3:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZVrdyOFpEzK1LSIBkdrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjYwMzI5MDcwMDU5WhcNMjYwMzMwMDcwMDU5WjAzMTEwLwYDVQQD
EyhiODIyMWUzMGU3NWFhMzFkZWEwOGMxYjM5MzY2MTliNGNmYWFjMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn/5WEgJUrGajWHVJ5I25MOByf6x
7sgvTBKmP/NnY5dOmO+ahW0Sv3GbshW4bjazhsEBreC0PKGig558LNDI3zrAo6Eb
LnZfWF6FBhGaY1s95bgtaEh03dJKmcx3r2yhuo6PiBvimOhXaECSS8EUmIdPp2yj
TnQh4XUoXexg5kcTHTFIFrGumDeMkcjUcWEnNS72/W/6DKttf5/25fAaJ1J3evMF
4tv8CA1QSBZyrx8LmYcE8cLnnS0uIemDwMyDyNBMTPsHxp7i2vxcUCFl8xG0pBXt
5jLi1s5PkMWjhU6h+6GixSmHny7DrioMUSeGGY89KmvrUb0ksc7X7WwEuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgiHjDnWqMd6gjBs5NmGbTPqsJ9MB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGUJiCnK
0vcm4Lxa98cYlUxXRHa2AXI5lU+hd9k45Jj4qA0oK5XqTVhHtoFNZcY5s0LEA8UU
PEgXmFwy1/pkeMHUmOwMJ9X1v1rvQh5W6FDN6BaMYGe41BjfRX//ZAbFeietRS0r
zM6+/mY2dpNNqRsZ2pav/6KefbrtMGQRpjGWm0GsqbKbf9QOxQJsKany0fgjl/UU
futkiQKhzwJEr6Jbua2R6YPpMwooKTfCs66IPTJAEl+aTqmCehVaRhzz55OTw9a3
VYOhmDGELP+DHsIO7rfuFyCViAZl8PG0lIQ+4N/UKWQgUZyyXxxRd/Ppo0wuTbwW
rCra7XreUtejyA==
-----END CERTIFICATE-----