Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          UCiMHXHlnI+9b9dFXV+RLWpu8B04Yahgk//ttIU8xXc=
Subject key identifier:   8F:D4:78:0A:8A:01:A5:8C:7A:15:D2:50:11:C3:21:2E:4E:83:7B:55
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       019A71B8DAA0ADBC1E7FAC9B8B4E8DACAB79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          0E7F
Signing time:             Tue 11 Nov 2025 07:02:11 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:11 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:11 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: DddCr8YoFHoZHO5yQ1sxVI1NadZGjqXB2mESwfCU+oA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:da:a0:ad:bc:1e:7f:ac:9b:8b:4e:8d:ac:ab:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Nov 11 07:02:11 2025 GMT
            Not After : Nov 12 07:02:11 2025 GMT
        Subject: CN=8fd4780a8a01a58c7a15d25011c3212e4e837b55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:5f:f4:02:ee:ef:b6:59:83:b1:a3:23:9f:ab:
                    5b:1f:0c:07:57:62:9a:d3:e5:ce:c5:28:f6:25:03:
                    e1:b7:ef:d3:22:4f:ab:f9:d6:02:49:b3:2c:12:fd:
                    63:b4:3b:24:86:2a:fd:81:02:79:50:a3:aa:8e:f7:
                    ca:c1:f5:02:96:3e:48:7f:1e:e3:5f:67:16:29:ff:
                    30:53:85:48:48:88:ae:99:60:74:c3:c7:ff:3c:a2:
                    ad:9b:73:b9:08:2e:f0:fe:7c:7b:52:dd:75:a7:8b:
                    46:b9:d9:ee:9f:cd:3a:93:0a:5e:80:51:ac:15:38:
                    a9:83:fb:3a:de:06:cd:6e:4a:30:4e:2c:b5:c3:7d:
                    8c:cc:fb:2b:d0:6e:9d:27:07:2c:6e:3f:5d:d7:63:
                    29:7f:1c:3a:25:7e:b1:97:be:c6:76:02:15:f3:06:
                    56:3c:e1:b5:55:09:9a:9f:19:49:c4:94:d3:36:7a:
                    6e:a2:6e:8c:cf:58:d7:fa:0d:02:e8:c8:8e:fc:ac:
                    ef:64:c4:d7:a5:b4:71:23:4d:9c:74:80:75:53:cf:
                    c0:06:11:30:7f:7d:49:e9:b3:98:ed:42:f1:f7:da:
                    28:b8:a6:bd:5a:1e:b4:66:88:fd:c9:34:0a:2a:d7:
                    19:65:40:bf:02:c9:2d:ae:98:a0:d9:e4:88:c4:3f:
                    64:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:D4:78:0A:8A:01:A5:8C:7A:15:D2:50:11:C3:21:2E:4E:83:7B:55
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:72:6e:ee:bc:bb:b5:62:c5:62:fb:3b:9e:f1:b9:78:20:c0:
         58:47:91:c8:df:5f:07:72:6b:c8:67:b1:e7:96:eb:71:67:d1:
         6f:f2:79:f2:ab:ce:65:44:e3:26:cd:e2:5b:93:36:ba:cb:ae:
         03:61:37:d9:7b:45:12:ba:ce:e7:3f:09:c9:08:be:79:6c:2b:
         cc:8a:ad:e2:c3:db:64:00:dd:8b:19:79:d4:63:08:ce:6d:66:
         4d:bb:06:99:23:9c:45:24:20:99:4f:ce:5e:e7:35:79:a1:95:
         d4:75:60:df:bd:27:83:ca:f3:d0:92:d8:06:5a:0a:f1:90:91:
         24:23:d9:55:7b:cf:20:46:00:af:e4:7b:81:f6:ec:92:c7:2d:
         ef:d9:cc:74:f7:b5:b8:da:30:13:c8:97:66:a9:c0:34:6b:35:
         ee:95:71:b2:fe:f0:f0:7d:b2:42:ed:37:3c:6c:0b:8a:95:1e:
         f5:c4:c2:81:53:e5:42:a2:40:71:bb:3f:d1:bc:f1:51:5f:2a:
         3e:f7:47:ba:95:24:de:6f:2b:86:46:f5:88:32:7a:29:b5:50:
         ac:a0:48:83:f9:06:44:8c:05:f6:bf:41:25:a1:28:c5:fd:b7:
         9b:e9:d0:f4:24:5c:07:45:be:65:80:dc:cf:ae:8b:bb:1f:8f:
         2b:f4:49:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNqgrbwef6ybi06NrKt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjUxMTExMDcwMjExWhcNMjUxMTEyMDcwMjExWjAzMTEwLwYDVQQD
Eyg4ZmQ0NzgwYThhMDFhNThjN2ExNWQyNTAxMWMzMjEyZTRlODM3YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l/0Au7vtlmDsaMjn6tbHwwHV2Ka
0+XOxSj2JQPht+/TIk+r+dYCSbMsEv1jtDskhir9gQJ5UKOqjvfKwfUClj5Ifx7j
X2cWKf8wU4VISIiumWB0w8f/PKKtm3O5CC7w/nx7Ut11p4tGudnun806kwpegFGs
FTipg/s63gbNbkowTiy1w32MzPsr0G6dJwcsbj9d12Mpfxw6JX6xl77GdgIV8wZW
POG1VQmanxlJxJTTNnpuom6Mz1jX+g0C6MiO/KzvZMTXpbRxI02cdIB1U8/ABhEw
f31J6bOY7ULx99oouKa9Wh60Zoj9yTQKKtcZZUC/Asktrpig2eSIxD9k7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/UeAqKAaWMehXSUBHDIS5Og3tVMB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHJu7ry7
tWLFYvs7nvG5eCDAWEeRyN9fB3JryGex55brcWfRb/J58qvOZUTjJs3iW5M2usuu
A2E32XtFErrO5z8JyQi+eWwrzIqt4sPbZADdixl51GMIzm1mTbsGmSOcRSQgmU/O
Xuc1eaGV1HVg370ng8rz0JLYBloK8ZCRJCPZVXvPIEYAr+R7gfbsksct79nMdPe1
uNowE8iXZqnANGs17pVxsv7w8H2yQu03PGwLipUe9cTCgVPlQqJAcbs/0bzxUV8q
PvdHupUk3m8rhkb1iDJ6KbVQrKBIg/kGRIwF9r9BJaEoxf23m+nQ9CRcB0W+ZYDc
z66Lux+PK/RJYg==
-----END CERTIFICATE-----