Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
File:                     LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft (raw, json)
Hash identifier:          XBqiugqygmJTOsDmPdkEwvhF4CbbUc61xgV4hHLfVow=
Subject key identifier:   70:81:C7:1F:6B:0A:CB:EC:87:B4:FA:35:15:5A:E9:F9:BC:FB:22:FC
Authority key identifier: 2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43
Certificate issuer:       /CN=2c9822008d9cc7012d6030429b28d858dbbaca43
Certificate serial:       019677FAA9D481D686F56242D4D177AA5B41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
Manifest number:          0C70
Signing time:             Sun 27 Apr 2025 16:00:38 +0000
Manifest this update:     Sun 27 Apr 2025 16:00:38 +0000
Manifest next update:     Mon 28 Apr 2025 16:00:38 +0000
Files and hashes:         1: LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl (hash: t0TIVClqL9I92QEZGySk3OAVFEAh6QTpB8z+0NBq3tg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fa:a9:d4:81:d6:86:f5:62:42:d4:d1:77:aa:5b:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c9822008d9cc7012d6030429b28d858dbbaca43
        Validity
            Not Before: Apr 27 16:00:38 2025 GMT
            Not After : Apr 28 16:00:38 2025 GMT
        Subject: CN=7081c71f6b0acbec87b4fa35155ae9f9bcfb22fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c0:eb:40:66:d7:51:28:1c:d0:ae:f7:98:81:
                    38:13:7b:20:04:d0:52:18:aa:51:23:ca:2a:dd:0f:
                    c9:5e:fc:f2:2c:2f:75:a8:04:4f:c4:1a:e3:e8:82:
                    41:66:f1:98:59:6a:5a:0c:f5:79:2b:ea:d8:e2:ca:
                    e3:b6:e9:25:74:51:1f:0b:fd:d5:05:ea:4b:5f:4b:
                    ca:a1:ed:52:cd:7e:1a:8b:71:5e:9c:53:c4:8a:63:
                    77:3e:b1:c4:66:32:9f:4f:3c:06:a6:7d:3a:c3:91:
                    5c:67:ac:fc:d7:46:1c:43:70:dd:76:d0:e1:fe:f0:
                    98:ab:48:69:35:fc:ed:c6:a9:b3:9d:c0:a8:eb:25:
                    28:b5:f1:a5:7f:c7:28:0f:4e:72:a4:9e:59:e4:4a:
                    da:be:2b:ef:e6:26:b3:bc:ec:92:70:21:2a:32:0c:
                    bc:63:fa:c2:4c:9d:ed:92:27:c3:f6:6b:7f:7f:9b:
                    54:9b:4c:d2:20:f9:ce:2f:a2:e4:97:86:69:1a:90:
                    72:f3:ee:3b:cf:33:d6:9e:00:47:1c:b5:0c:a5:6b:
                    1f:0e:7f:50:0f:7b:27:68:82:2c:d7:d8:8a:c6:75:
                    0c:26:a7:06:7f:e2:6a:49:a6:e6:56:d7:2c:11:3c:
                    13:3f:2d:9e:c4:c9:66:58:81:f7:24:b1:fe:03:33:
                    e6:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:81:C7:1F:6B:0A:CB:EC:87:B4:FA:35:15:5A:E9:F9:BC:FB:22:FC
            X509v3 Authority Key Identifier:
                keyid:2C:98:22:00:8D:9C:C7:01:2D:60:30:42:9B:28:D8:58:DB:BA:CA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJgiAI2cxwEtYDBCmyjYWNu6ykM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/50ac12-fd93-4939-a2ef-41ca2d3aae71/1/LJgiAI2cxwEtYDBCmyjYWNu6ykM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:e8:9b:29:df:50:6f:bb:3d:2c:33:35:eb:dc:c0:54:5d:3e:
         c7:fc:bf:dc:70:95:f2:ee:9b:aa:69:00:2f:ef:67:19:80:21:
         3b:5c:a4:19:fa:5b:ef:f7:bd:7f:8c:5a:82:e1:4e:1d:71:43:
         70:96:b0:c6:a9:33:6e:55:d3:c8:e7:4a:cb:05:16:4a:09:84:
         ef:b3:a3:bc:61:22:dc:4a:d4:34:db:38:74:f0:ee:54:92:a2:
         d9:39:03:30:39:a8:7f:14:e5:ca:31:7e:d7:f2:7c:42:32:1b:
         20:2a:1e:c9:11:4d:e4:34:3e:56:a8:d1:33:65:63:72:63:54:
         4a:4e:6b:61:77:8f:2c:8c:12:80:a7:9b:4c:7d:e0:8f:ef:8d:
         f7:aa:6b:61:a1:7f:6e:5a:e0:65:3f:5c:51:8a:7b:00:26:c8:
         55:05:fe:08:a4:dc:4e:15:7b:44:a7:53:d2:0f:65:dd:5a:70:
         4e:3d:8d:9c:77:df:bf:f6:4c:d8:dc:5d:84:a3:71:59:a6:d4:
         b4:9c:a9:74:27:4f:22:1e:21:a6:38:ea:10:81:4e:94:5a:87:
         4a:e8:32:c2:8a:a2:a4:e8:f5:ea:39:bb:d7:a3:96:7e:17:a3:
         eb:07:7b:e1:6f:7c:a9:bf:00:4e:0d:7c:bc:e7:13:6c:d2:a7:
         47:ce:7e:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+qnUgdaG9WJC1NF3qltBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTgyMjAwOGQ5Y2M3MDEyZDYwMzA0MjliMjhkODU4ZGJi
YWNhNDMwHhcNMjUwNDI3MTYwMDM4WhcNMjUwNDI4MTYwMDM4WjAzMTEwLwYDVQQD
Eyg3MDgxYzcxZjZiMGFjYmVjODdiNGZhMzUxNTVhZTlmOWJjZmIyMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8DrQGbXUSgc0K73mIE4E3sgBNBS
GKpRI8oq3Q/JXvzyLC91qARPxBrj6IJBZvGYWWpaDPV5K+rY4srjtukldFEfC/3V
BepLX0vKoe1SzX4ai3FenFPEimN3PrHEZjKfTzwGpn06w5FcZ6z810YcQ3DddtDh
/vCYq0hpNfztxqmzncCo6yUotfGlf8coD05ypJ5Z5Eravivv5iazvOyScCEqMgy8
Y/rCTJ3tkifD9mt/f5tUm0zSIPnOL6Lkl4ZpGpBy8+47zzPWngBHHLUMpWsfDn9Q
D3snaIIs19iKxnUMJqcGf+JqSabmVtcsETwTPy2exMlmWIH3JLH+AzPmbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCBxx9rCsvsh7T6NRVa6fm8+yL8MB8GA1UdIwQY
MBaAFCyYIgCNnMcBLWAwQpso2FjbuspDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYt
NDFjYTJkM2FhZTcxLzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81MGFjMTItZmQ5My00OTM5LWEyZWYtNDFjYTJkM2FhZTcx
LzEvTEpnaUFJMmN4d0V0WURCQ215allXTnU2eWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALuibKd9Q
b7s9LDM169zAVF0+x/y/3HCV8u6bqmkAL+9nGYAhO1ykGfpb7/e9f4xaguFOHXFD
cJawxqkzblXTyOdKywUWSgmE77OjvGEi3ErUNNs4dPDuVJKi2TkDMDmofxTlyjF+
1/J8QjIbICoeyRFN5DQ+VqjRM2VjcmNUSk5rYXePLIwSgKebTH3gj++N96prYaF/
blrgZT9cUYp7ACbIVQX+CKTcThV7RKdT0g9l3VpwTj2NnHffv/ZM2NxdhKNxWabU
tJypdCdPIh4hpjjqEIFOlFqHSugywoqipOj16jm716OWfhej6wd74W98qb8ATg18
vOcTbNKnR85+/A==
-----END CERTIFICATE-----