Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          ZGwT8ewPE+W47QplocWTnXtleayL+YHpJLUWtk09Rrg=
Subject key identifier:   A9:EA:E7:D1:7A:52:83:A4:B1:8B:52:57:2B:5F:CC:03:E1:B0:2F:F6
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       019873E3F136E7991EC7B95D2C214C3E2A8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          0D77
Signing time:             Mon 04 Aug 2025 07:02:54 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:54 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:54 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: odBwBsc/Txqvv+2te7pwBVTKgczczB+Onh5AVYpeYyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:f1:36:e7:99:1e:c7:b9:5d:2c:21:4c:3e:2a:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Aug  4 07:02:54 2025 GMT
            Not After : Aug  5 07:02:54 2025 GMT
        Subject: CN=a9eae7d17a5283a4b18b52572b5fcc03e1b02ff6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b0:b4:73:0f:70:dd:43:06:20:d1:ca:19:0b:
                    c5:0e:56:e0:2d:c0:e3:51:f6:82:54:5b:f5:96:52:
                    99:c3:04:0d:c6:71:ff:54:8d:d5:56:76:7b:9e:c8:
                    4d:85:77:73:9c:65:fa:36:9e:eb:67:67:de:d8:ea:
                    0e:d8:64:c1:d6:60:25:35:ee:c7:e1:b1:ec:8c:8d:
                    35:1f:7b:80:57:f0:bd:af:19:d4:0c:12:ec:69:80:
                    ca:3d:31:ba:db:1a:cf:97:18:26:65:c2:83:87:c2:
                    05:75:09:60:1f:b1:2e:a1:ff:d0:6f:20:31:41:e1:
                    3e:c1:a8:32:b4:af:b0:1e:ee:3b:df:0c:ee:ae:41:
                    e7:9f:94:8f:2d:39:de:5f:55:17:9b:75:36:df:7b:
                    6a:72:8d:76:ea:32:de:48:d4:49:cf:df:a2:1c:57:
                    3a:a7:8a:82:c4:28:ee:44:30:60:d4:00:89:8a:f6:
                    9e:81:de:19:6c:ab:a5:7c:82:c5:08:d4:82:d4:a4:
                    9d:a7:56:22:f6:82:fb:a5:fa:de:8a:a8:cd:d5:3b:
                    57:04:0e:6a:5c:f5:82:b2:b3:21:7b:55:8d:df:76:
                    7b:42:c8:8d:d5:3b:0c:0e:36:b4:1c:06:39:bd:e2:
                    b2:6f:3c:9e:b1:42:f7:be:34:a9:09:81:46:9d:38:
                    0a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:EA:E7:D1:7A:52:83:A4:B1:8B:52:57:2B:5F:CC:03:E1:B0:2F:F6
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:17:31:fe:8d:f5:7a:66:7b:ae:2a:30:53:6e:14:16:d3:e3:
         20:7e:87:68:62:f8:e6:d8:47:ef:df:ff:1b:b6:d4:7c:f7:30:
         c1:59:57:4a:f7:c7:58:51:75:5f:81:98:cc:cc:8d:c2:a6:45:
         1b:d1:a0:c5:85:81:1c:e8:24:50:30:29:10:0e:cf:02:b3:cc:
         1e:0c:91:b6:4d:e5:1a:5d:aa:a4:88:ec:ba:61:d7:27:5a:7d:
         15:82:88:44:ef:73:5c:33:f7:10:45:39:81:26:dd:4d:21:95:
         15:1c:18:d5:6c:0d:d5:e4:94:3b:38:c0:5e:90:e5:38:ee:da:
         a5:11:01:c5:9c:a6:be:51:74:65:5a:02:c2:62:e4:96:00:41:
         f4:23:fb:82:a7:16:9b:e0:fe:fc:09:95:2c:1d:59:b9:2c:b9:
         16:3c:ad:2f:b9:52:af:76:81:03:9e:63:5e:da:ad:89:34:da:
         a9:cf:bb:7a:56:76:dd:8f:ac:97:99:5e:eb:8b:56:10:d6:dd:
         a3:05:b1:f8:17:f8:77:0c:31:65:02:43:88:38:f0:ab:8a:7d:
         fc:41:62:68:ec:92:3f:5e:f1:ac:a6:e2:fe:76:b0:d8:54:e8:
         02:2a:8a:7a:2e:a8:01:a4:7a:e4:77:36:ce:c8:af:75:62:71:
         6f:74:be:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4/E255kex7ldLCFMPiqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjUwODA0MDcwMjU0WhcNMjUwODA1MDcwMjU0WjAzMTEwLwYDVQQD
EyhhOWVhZTdkMTdhNTI4M2E0YjE4YjUyNTcyYjVmY2MwM2UxYjAyZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLC0cw9w3UMGINHKGQvFDlbgLcDj
UfaCVFv1llKZwwQNxnH/VI3VVnZ7nshNhXdznGX6Np7rZ2fe2OoO2GTB1mAlNe7H
4bHsjI01H3uAV/C9rxnUDBLsaYDKPTG62xrPlxgmZcKDh8IFdQlgH7Euof/QbyAx
QeE+wagytK+wHu473wzurkHnn5SPLTneX1UXm3U233tqco126jLeSNRJz9+iHFc6
p4qCxCjuRDBg1ACJivaegd4ZbKulfILFCNSC1KSdp1Yi9oL7pfreiqjN1TtXBA5q
XPWCsrMhe1WN33Z7QsiN1TsMDja0HAY5veKybzyesUL3vjSpCYFGnTgK4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnq59F6UoOksYtSVytfzAPhsC/2MB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaBcx/o31
emZ7riowU24UFtPjIH6HaGL45thH79//G7bUfPcwwVlXSvfHWFF1X4GYzMyNwqZF
G9GgxYWBHOgkUDApEA7PArPMHgyRtk3lGl2qpIjsumHXJ1p9FYKIRO9zXDP3EEU5
gSbdTSGVFRwY1WwN1eSUOzjAXpDlOO7apREBxZymvlF0ZVoCwmLklgBB9CP7gqcW
m+D+/AmVLB1ZuSy5FjytL7lSr3aBA55jXtqtiTTaqc+7elZ23Y+sl5le64tWENbd
owWx+Bf4dwwxZQJDiDjwq4p9/EFiaOySP17xrKbi/naw2FToAiqKei6oAaR65Hc2
zsivdWJxb3S+uw==
-----END CERTIFICATE-----