Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          uDnLEvptJ+RHvng/lzYXd8L+CDcXiob8fftzy9PK0xY=
Subject key identifier:   D2:1B:4D:47:8C:74:4E:A0:C6:C0:88:A9:8D:9E:DB:90:1A:C2:6F:8A
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       019DA48B39C4F1D20F1EEB3692C6AEC6547E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          1027
Signing time:             Sun 19 Apr 2026 07:01:20 +0000
Manifest this update:     Sun 19 Apr 2026 07:01:20 +0000
Manifest next update:     Mon 20 Apr 2026 07:01:20 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: vSvRZnDzBKMl8Dm+xpLrW619W3Xe8ioBbaAxSjfET60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8b:39:c4:f1:d2:0f:1e:eb:36:92:c6:ae:c6:54:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Apr 19 07:01:20 2026 GMT
            Not After : Apr 20 07:01:20 2026 GMT
        Subject: CN=d21b4d478c744ea0c6c088a98d9edb901ac26f8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:97:0a:20:f2:4d:7a:da:8c:58:91:27:1b:8b:
                    85:13:e1:06:85:8f:55:13:9d:69:a0:47:08:91:64:
                    6b:cc:36:4b:bc:31:96:8a:79:39:80:19:a7:5f:3c:
                    06:1d:22:52:e1:91:ee:31:78:4e:dc:4f:9d:4b:b8:
                    ed:35:83:67:e5:8f:97:aa:ca:19:31:9b:8d:44:bf:
                    50:88:c7:d4:fb:ac:62:3a:e3:9d:09:02:8c:17:d5:
                    c8:6a:a4:00:00:08:f7:ab:a3:e6:b0:76:20:df:ca:
                    57:a2:cb:b8:3c:45:c3:2a:c0:7f:14:75:cc:85:df:
                    4d:a4:17:ff:8c:90:b7:89:ff:5b:0d:41:cc:98:10:
                    1d:8b:50:01:21:fa:ab:77:1f:61:21:d9:7f:fb:31:
                    08:b1:7b:99:39:6d:dd:fe:0c:e1:00:9e:7f:96:7d:
                    e8:97:b3:57:92:2e:f3:1a:1b:7d:7e:2f:15:2c:00:
                    d0:5c:a5:64:db:3a:c1:05:bd:34:17:35:3c:6f:cb:
                    43:e5:0f:7a:29:94:92:71:8c:b4:73:ab:e1:ed:86:
                    50:1a:d9:01:9e:12:a9:4d:90:62:6c:d8:78:45:a4:
                    06:91:cf:21:91:23:b4:e2:b4:da:70:46:7c:16:ff:
                    27:0e:22:57:7c:0a:e8:18:1f:54:07:9c:6a:93:40:
                    3d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:1B:4D:47:8C:74:4E:A0:C6:C0:88:A9:8D:9E:DB:90:1A:C2:6F:8A
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:e3:0d:4e:7d:cb:6d:38:e8:fe:b7:b9:f4:94:33:3c:c1:41:
         d2:18:e9:dd:43:14:64:92:36:99:4d:38:1c:7b:1d:be:d4:81:
         19:dd:6a:66:19:17:46:ea:d3:b2:a6:26:d4:16:17:a4:35:e6:
         b2:d9:54:d0:6a:2c:d1:6c:72:50:68:c3:70:ca:eb:1f:e3:f3:
         69:89:4e:50:a5:41:f6:4c:cc:33:e2:b1:c6:e2:7c:f5:fb:69:
         db:b7:e3:70:be:1d:2b:4e:91:fe:1b:ba:13:01:39:c8:20:58:
         10:f0:a6:4f:9b:56:e2:62:1b:fe:e1:c8:9b:3f:2f:98:b4:35:
         2e:d3:4a:8b:0a:de:86:3a:42:3a:36:0a:80:73:4b:a7:18:82:
         e2:91:ec:05:9f:2c:4a:16:f7:33:a7:d5:d2:57:ba:bd:9b:3f:
         91:7f:c7:8a:60:b4:d2:bf:b8:f5:a4:19:8b:0a:60:42:4d:06:
         ac:e2:c7:ab:88:d8:62:d6:69:5b:63:0a:d1:45:fa:f3:5d:f0:
         b4:79:fe:08:4a:98:ab:61:3f:7d:3d:ca:47:74:f7:7d:c9:e3:
         36:03:f5:fc:87:b4:05:0f:f7:bf:50:b0:5b:3b:f5:8f:44:d5:
         3c:be:e7:c6:75:77:54:c7:fa:1f:c1:cd:62:4f:c2:f9:b5:ba:
         84:90:0b:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kiznE8dIPHus2ksauxlR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjYwNDE5MDcwMTIwWhcNMjYwNDIwMDcwMTIwWjAzMTEwLwYDVQQD
EyhkMjFiNGQ0NzhjNzQ0ZWEwYzZjMDg4YTk4ZDllZGI5MDFhYzI2ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pcKIPJNetqMWJEnG4uFE+EGhY9V
E51poEcIkWRrzDZLvDGWink5gBmnXzwGHSJS4ZHuMXhO3E+dS7jtNYNn5Y+XqsoZ
MZuNRL9QiMfU+6xiOuOdCQKMF9XIaqQAAAj3q6PmsHYg38pXosu4PEXDKsB/FHXM
hd9NpBf/jJC3if9bDUHMmBAdi1ABIfqrdx9hIdl/+zEIsXuZOW3d/gzhAJ5/ln3o
l7NXki7zGht9fi8VLADQXKVk2zrBBb00FzU8b8tD5Q96KZSScYy0c6vh7YZQGtkB
nhKpTZBibNh4RaQGkc8hkSO04rTacEZ8Fv8nDiJXfAroGB9UB5xqk0A9mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIbTUeMdE6gxsCIqY2e25Aawm+KMB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP+MNTn3L
bTjo/re59JQzPMFB0hjp3UMUZJI2mU04HHsdvtSBGd1qZhkXRurTsqYm1BYXpDXm
stlU0Gos0WxyUGjDcMrrH+PzaYlOUKVB9kzMM+KxxuJ89ftp27fjcL4dK06R/hu6
EwE5yCBYEPCmT5tW4mIb/uHImz8vmLQ1LtNKiwrehjpCOjYKgHNLpxiC4pHsBZ8s
Shb3M6fV0le6vZs/kX/HimC00r+49aQZiwpgQk0GrOLHq4jYYtZpW2MK0UX6813w
tHn+CEqYq2E/fT3KR3T3fcnjNgP1/Ie0BQ/3v1CwWzv1j0TVPL7nxnV3VMf6H8HN
Yk/C+bW6hJALkA==
-----END CERTIFICATE-----