Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          Yo0X1nnKb547c8tH+8n2BKIiL8dn71RM0JJtNIqzv7M=
Subject key identifier:   97:9B:92:73:55:0E:E6:18:E7:AC:F0:C3:72:C9:85:38:6A:8E:1D:D9
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       019776E55605F97F906B8C3B033F070E1725
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          0CF4
Signing time:             Mon 16 Jun 2025 04:00:30 +0000
Manifest this update:     Mon 16 Jun 2025 04:00:30 +0000
Manifest next update:     Tue 17 Jun 2025 04:00:30 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: O7BVUTzaf98pualfPjmEukrgmdjKibg6N6EGmrp42sg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 04:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:76:e5:56:05:f9:7f:90:6b:8c:3b:03:3f:07:0e:17:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Jun 16 04:00:30 2025 GMT
            Not After : Jun 17 04:00:30 2025 GMT
        Subject: CN=979b9273550ee618e7acf0c372c985386a8e1dd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:64:fc:cb:c1:df:88:83:fc:f3:96:f1:bb:18:
                    1a:0f:69:06:8a:50:1a:a0:1c:46:9e:c4:2e:91:49:
                    fd:a6:50:1f:da:ef:89:f1:63:7f:07:a1:63:14:bd:
                    da:65:41:93:b0:b2:a1:f7:bb:e4:b7:a7:c8:d7:9c:
                    bd:b9:65:bd:0a:b0:64:b6:b4:a1:4b:5a:cd:00:7e:
                    44:00:da:95:8c:fe:f5:e5:61:be:33:bf:f3:61:84:
                    85:1b:48:f5:71:b9:41:07:b7:1b:ee:ed:48:17:3f:
                    20:a4:98:8d:8a:a8:de:e6:96:28:9f:14:11:f1:39:
                    a1:0c:fd:1e:c2:9e:f1:31:7e:86:5c:51:b4:4e:f8:
                    91:03:12:e1:10:0c:36:7b:65:aa:21:ea:ce:56:21:
                    7f:f5:7b:61:db:27:68:20:20:06:e4:05:4e:a1:f4:
                    92:c6:a1:92:d9:ee:e3:75:0e:5b:b1:fe:87:4e:93:
                    ce:ab:99:41:c7:03:cb:0e:2a:b4:a9:01:20:70:bb:
                    02:af:8f:03:89:f0:fb:52:a1:b8:12:b0:7f:74:e8:
                    f5:f6:a4:f6:a3:74:9c:9b:a7:ea:12:bf:55:68:1d:
                    5e:ae:90:ef:2d:86:1e:a5:d4:59:dd:bb:c1:96:47:
                    d6:fd:65:a2:26:7f:35:d8:f4:52:77:b0:95:c6:b0:
                    7c:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:9B:92:73:55:0E:E6:18:E7:AC:F0:C3:72:C9:85:38:6A:8E:1D:D9
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:22:03:76:75:01:2b:51:8a:a2:83:cd:4d:29:c9:7b:59:e8:
         90:5e:43:f5:64:19:1b:64:c8:0a:28:10:ba:76:2f:87:3a:2b:
         78:d3:20:0a:04:0f:ed:cd:b9:f4:f5:9b:36:80:e2:5b:10:de:
         68:36:e2:2c:25:95:c5:9b:5b:bd:58:c2:a6:5d:9e:aa:b4:d3:
         86:ec:fd:71:ee:ff:a2:98:fd:85:73:2b:8b:da:79:f7:df:eb:
         40:66:cf:56:83:3b:c3:5d:a2:e8:cf:7a:a1:fa:ee:45:e5:0e:
         36:1d:3b:9f:69:0e:85:e1:6f:71:3c:27:3a:ad:f7:55:4f:ac:
         37:f4:de:86:d4:0c:45:0a:9a:18:0a:30:6f:e3:95:31:02:a4:
         2e:bd:da:b9:6f:5b:d2:10:4b:eb:1c:19:f3:5d:e6:c5:52:94:
         05:90:cb:04:af:3d:3c:05:94:8d:a4:54:75:a3:c5:64:18:1c:
         eb:28:5c:2e:02:73:38:54:c5:f2:b8:07:94:59:08:a9:ec:99:
         f4:9d:01:b4:74:70:79:64:1b:7e:ff:c1:9f:9f:f1:b6:6c:60:
         ce:c1:21:60:c7:cb:84:84:45:9a:77:52:f1:a0:4b:89:40:48:
         d8:8a:2d:2b:7d:11:b2:ce:1b:7f:1f:d9:d7:fd:ba:78:4c:cc:
         59:3d:fe:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd25VYF+X+Qa4w7Az8HDhclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjUwNjE2MDQwMDMwWhcNMjUwNjE3MDQwMDMwWjAzMTEwLwYDVQQD
Eyg5NzliOTI3MzU1MGVlNjE4ZTdhY2YwYzM3MmM5ODUzODZhOGUxZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGT8y8HfiIP885bxuxgaD2kGilAa
oBxGnsQukUn9plAf2u+J8WN/B6FjFL3aZUGTsLKh97vkt6fI15y9uWW9CrBktrSh
S1rNAH5EANqVjP715WG+M7/zYYSFG0j1cblBB7cb7u1IFz8gpJiNiqje5pYonxQR
8TmhDP0ewp7xMX6GXFG0TviRAxLhEAw2e2WqIerOViF/9Xth2ydoICAG5AVOofSS
xqGS2e7jdQ5bsf6HTpPOq5lBxwPLDiq0qQEgcLsCr48DifD7UqG4ErB/dOj19qT2
o3Scm6fqEr9VaB1erpDvLYYepdRZ3bvBlkfW/WWiJn812PRSd7CVxrB8MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJebknNVDuYY56zww3LJhThqjh3ZMB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiiIDdnUB
K1GKooPNTSnJe1nokF5D9WQZG2TICigQunYvhzoreNMgCgQP7c259PWbNoDiWxDe
aDbiLCWVxZtbvVjCpl2eqrTThuz9ce7/opj9hXMri9p599/rQGbPVoM7w12i6M96
ofruReUONh07n2kOheFvcTwnOq33VU+sN/TehtQMRQqaGAowb+OVMQKkLr3auW9b
0hBL6xwZ813mxVKUBZDLBK89PAWUjaRUdaPFZBgc6yhcLgJzOFTF8rgHlFkIqeyZ
9J0BtHRweWQbfv/Bn5/xtmxgzsEhYMfLhIRFmndS8aBLiUBI2IotK30Rss4bfx/Z
1/26eEzMWT3+Zw==
-----END CERTIFICATE-----