Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          wocfWwIeCvg2mCA0gvk3DNRsYW2VhGqzBmpVx+H/iAE=
Subject key identifier:   F7:61:6A:9F:B9:71:A7:45:FD:E8:AC:A0:C1:5B:46:97:14:4F:6D:1B
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       019CAD595DF07C3CFD1AEDD916523B579E14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          0FA7
Signing time:             Mon 02 Mar 2026 07:00:40 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:40 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:40 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: tZF6Ibq8qm8woDW4KySinLyXuPZ/sR42bGiRT9Gs5/k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:5d:f0:7c:3c:fd:1a:ed:d9:16:52:3b:57:9e:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Mar  2 07:00:40 2026 GMT
            Not After : Mar  3 07:00:40 2026 GMT
        Subject: CN=f7616a9fb971a745fde8aca0c15b4697144f6d1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:83:0c:e0:ef:1c:dd:90:f0:1b:09:b3:74:10:
                    80:e0:70:14:35:be:c9:71:4d:17:c4:95:d2:e0:cb:
                    93:b1:1e:22:f5:64:d0:63:a4:bc:9f:f2:5e:c0:0b:
                    4e:64:d9:65:9f:94:2e:20:37:dd:f9:ef:d2:11:d4:
                    b2:ac:65:e8:ed:00:7f:e4:df:08:b4:5a:bb:98:16:
                    1b:fd:cd:a5:f3:0a:aa:aa:77:32:42:a9:0d:b4:b4:
                    f8:b8:5e:94:bc:ec:53:0c:c0:85:26:b6:c2:23:68:
                    94:e7:4c:c8:11:84:96:27:78:c1:c9:e0:14:5a:f9:
                    fd:da:66:b3:da:09:f7:2f:b1:c5:4d:51:71:32:00:
                    6a:02:fa:0f:09:41:2d:ab:d6:ee:3e:d2:ce:0c:f9:
                    f9:80:35:3a:5a:b3:87:21:a1:dc:5a:5c:a9:b8:e8:
                    36:84:00:e0:6c:11:45:5b:4c:22:4b:bf:3b:5a:ae:
                    96:97:d7:18:da:19:8d:df:28:5f:5f:0d:cb:c9:57:
                    59:fd:28:42:c7:3d:09:0c:6d:e4:01:4c:c5:8b:0a:
                    96:95:36:50:97:d2:a5:a7:28:36:dd:7b:5a:bc:f7:
                    83:78:5f:7d:2b:38:42:0a:63:fa:c9:17:34:1a:95:
                    47:e4:e9:67:f1:c3:9d:9a:f8:f5:31:78:84:fa:17:
                    b0:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:61:6A:9F:B9:71:A7:45:FD:E8:AC:A0:C1:5B:46:97:14:4F:6D:1B
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:01:95:41:05:d6:f0:ba:55:66:34:f2:24:60:a5:03:b1:c3:
         65:59:fd:c4:94:93:1f:66:27:3d:cc:13:21:53:51:aa:42:02:
         cf:27:eb:70:5b:06:7c:86:f2:77:a1:c6:15:df:1d:61:41:9d:
         91:6a:0d:dd:db:51:be:a0:7e:2c:18:cc:15:dc:67:45:43:ba:
         e8:2c:ac:69:59:0d:d0:ce:bb:a5:51:63:5d:3d:ee:55:fe:89:
         31:0a:7d:4f:f0:62:2a:e5:0c:21:98:56:77:fa:b0:5b:90:84:
         e1:64:fc:0a:66:83:fe:48:ef:0e:71:cf:df:29:16:90:64:12:
         80:1a:50:33:c3:88:c8:a9:fb:6a:ef:b9:db:0f:72:9d:37:5b:
         25:2d:90:e7:17:3d:c3:46:1c:b9:5b:03:fc:e7:58:6f:0d:9f:
         c7:94:61:e6:84:3b:3b:94:2a:e5:1a:d6:a5:27:03:a4:a1:81:
         49:a6:1a:5b:73:7a:4a:c4:13:ae:01:c8:cc:da:4f:53:50:b6:
         91:22:01:31:32:58:e2:21:6a:e7:a1:12:4b:84:af:1e:00:5e:
         07:b0:8f:e8:a0:18:b6:36:ac:81:40:1c:d0:b6:35:34:28:d1:
         8b:33:4a:10:67:63:c5:f5:66:9e:ee:bc:18:fb:3b:ad:db:d5:
         4a:09:af:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWV3wfDz9Gu3ZFlI7V54UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjYwMzAyMDcwMDQwWhcNMjYwMzAzMDcwMDQwWjAzMTEwLwYDVQQD
EyhmNzYxNmE5ZmI5NzFhNzQ1ZmRlOGFjYTBjMTViNDY5NzE0NGY2ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4MM4O8c3ZDwGwmzdBCA4HAUNb7J
cU0XxJXS4MuTsR4i9WTQY6S8n/JewAtOZNlln5QuIDfd+e/SEdSyrGXo7QB/5N8I
tFq7mBYb/c2l8wqqqncyQqkNtLT4uF6UvOxTDMCFJrbCI2iU50zIEYSWJ3jByeAU
Wvn92maz2gn3L7HFTVFxMgBqAvoPCUEtq9buPtLODPn5gDU6WrOHIaHcWlypuOg2
hADgbBFFW0wiS787Wq6Wl9cY2hmN3yhfXw3LyVdZ/ShCxz0JDG3kAUzFiwqWlTZQ
l9Klpyg23XtavPeDeF99KzhCCmP6yRc0GpVH5Oln8cOdmvj1MXiE+hewMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdhap+5cadF/eisoMFbRpcUT20bMB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApQGVQQXW
8LpVZjTyJGClA7HDZVn9xJSTH2YnPcwTIVNRqkICzyfrcFsGfIbyd6HGFd8dYUGd
kWoN3dtRvqB+LBjMFdxnRUO66CysaVkN0M67pVFjXT3uVf6JMQp9T/BiKuUMIZhW
d/qwW5CE4WT8CmaD/kjvDnHP3ykWkGQSgBpQM8OIyKn7au+52w9ynTdbJS2Q5xc9
w0YcuVsD/OdYbw2fx5Rh5oQ7O5Qq5RrWpScDpKGBSaYaW3N6SsQTrgHIzNpPU1C2
kSIBMTJY4iFq56ESS4SvHgBeB7CP6KAYtjasgUAc0LY1NCjRizNKEGdjxfVmnu68
GPs7rdvVSgmvKQ==
-----END CERTIFICATE-----