Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          WkMWJn1R5YTpDbmCCVtFmy9nVaVnyih6hzZRfYgawh8=
Subject key identifier:   C8:64:4B:D8:22:69:9D:EC:95:47:37:5E:1A:4B:41:3D:F8:64:0A:1D
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       019A71B85D43A494F6C2B23FCCEC409D098B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          0B98
Signing time:             Tue 11 Nov 2025 07:01:39 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:39 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:39 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: bp0Qzd2WlgZk3J121Soqs78Us/2YnLMmCOb7hFmE2us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:5d:43:a4:94:f6:c2:b2:3f:cc:ec:40:9d:09:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Nov 11 07:01:39 2025 GMT
            Not After : Nov 12 07:01:39 2025 GMT
        Subject: CN=c8644bd822699dec9547375e1a4b413df8640a1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ed:23:97:4e:69:a0:bf:9b:1a:6c:21:45:0a:
                    c1:51:72:e3:e2:da:63:b2:19:9a:a8:ad:f3:1b:f5:
                    2d:da:46:b3:73:07:38:b5:47:a3:62:5c:ab:a9:db:
                    b0:85:4d:88:ad:f7:d4:6f:68:07:98:40:d1:95:5f:
                    55:0c:ad:a9:ff:50:e3:e8:d1:61:34:d0:87:ad:58:
                    dd:59:24:81:9a:8f:46:5e:00:ce:83:fb:22:d2:17:
                    b7:26:0f:5e:d8:55:57:63:52:c2:4c:9e:0b:bf:1d:
                    42:f3:b6:c4:4e:87:60:17:84:9f:7c:01:81:17:48:
                    b6:05:2a:71:95:37:97:08:a5:67:84:b4:71:58:0c:
                    51:49:9c:a6:2b:ef:22:77:da:b3:9e:3e:8e:fe:12:
                    47:eb:04:57:18:59:bb:db:a5:b4:e2:6f:17:5d:1d:
                    2c:86:2f:ad:34:c9:da:45:24:ae:4f:a3:81:26:e7:
                    da:fe:23:67:8e:f5:4f:47:f8:ea:d5:67:5e:35:26:
                    ca:cf:96:49:42:35:a0:12:a8:45:ac:e2:16:94:b8:
                    ae:fe:89:af:47:f0:70:98:30:26:15:5a:5f:14:b7:
                    2b:75:5d:3e:b3:6f:52:e0:dd:27:ea:3d:53:1d:93:
                    0d:f3:c3:f8:26:db:24:d3:fe:a3:9e:e9:3d:bc:a0:
                    f4:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:64:4B:D8:22:69:9D:EC:95:47:37:5E:1A:4B:41:3D:F8:64:0A:1D
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:c4:d2:4d:96:66:12:73:3c:7c:3e:f0:f2:99:49:b1:9d:d3:
         28:34:e3:5d:bd:5a:07:7b:0b:59:ea:22:f2:42:f7:ab:7a:dc:
         46:98:3f:71:55:6a:1c:fb:64:14:6d:c0:2f:2c:ec:9d:0d:a7:
         e8:fb:92:a0:05:c8:a3:08:08:ab:75:53:70:3f:2f:fa:a1:fb:
         d8:84:ee:4d:0e:d1:b1:4d:c9:8a:86:16:1e:54:4c:47:fe:05:
         7a:b1:82:82:5c:c9:1d:80:1e:f6:c5:5c:89:c6:45:fc:54:b3:
         f5:b4:0b:74:14:8a:83:28:6d:6a:ea:34:7e:a0:4d:df:92:50:
         99:be:6f:43:73:c8:4d:0a:f6:74:49:ba:8d:36:d1:c1:d8:c9:
         8b:99:b5:b8:ec:28:2a:dd:3b:ab:fe:d4:83:61:fa:5d:f9:a5:
         ef:4b:88:60:99:55:4c:66:c0:d7:6b:e2:a9:c2:66:3c:4d:82:
         01:80:a1:b5:a8:66:3b:df:e5:6a:89:c0:c0:dc:d7:7c:5a:36:
         76:2b:1d:bf:a1:d7:3b:a8:b3:3c:47:ec:e0:fe:d5:20:75:17:
         d1:f8:6b:79:9f:27:7d:54:85:1e:5b:a1:6b:9d:4b:90:7b:d5:
         67:90:48:67:46:0a:f1:d1:12:6e:56:ba:1d:0d:12:9b:c2:ba:
         fe:5e:82:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuF1DpJT2wrI/zOxAnQmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjUxMTExMDcwMTM5WhcNMjUxMTEyMDcwMTM5WjAzMTEwLwYDVQQD
EyhjODY0NGJkODIyNjk5ZGVjOTU0NzM3NWUxYTRiNDEzZGY4NjQwYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu0jl05poL+bGmwhRQrBUXLj4tpj
shmaqK3zG/Ut2kazcwc4tUejYlyrqduwhU2IrffUb2gHmEDRlV9VDK2p/1Dj6NFh
NNCHrVjdWSSBmo9GXgDOg/si0he3Jg9e2FVXY1LCTJ4Lvx1C87bETodgF4SffAGB
F0i2BSpxlTeXCKVnhLRxWAxRSZymK+8id9qznj6O/hJH6wRXGFm726W04m8XXR0s
hi+tNMnaRSSuT6OBJufa/iNnjvVPR/jq1WdeNSbKz5ZJQjWgEqhFrOIWlLiu/omv
R/BwmDAmFVpfFLcrdV0+s29S4N0n6j1THZMN88P4Jtsk0/6jnuk9vKD0kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhkS9giaZ3slUc3XhpLQT34ZAodMB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAesTSTZZm
EnM8fD7w8plJsZ3TKDTjXb1aB3sLWeoi8kL3q3rcRpg/cVVqHPtkFG3ALyzsnQ2n
6PuSoAXIowgIq3VTcD8v+qH72ITuTQ7RsU3JioYWHlRMR/4FerGCglzJHYAe9sVc
icZF/FSz9bQLdBSKgyhtauo0fqBN35JQmb5vQ3PITQr2dEm6jTbRwdjJi5m1uOwo
Kt07q/7Ug2H6Xfml70uIYJlVTGbA12viqcJmPE2CAYChtahmO9/laonAwNzXfFo2
disdv6HXO6izPEfs4P7VIHUX0fhreZ8nfVSFHluha51LkHvVZ5BIZ0YK8dESbla6
HQ0Sm8K6/l6CtQ==
-----END CERTIFICATE-----