Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          KGW8v5ug6soAqPrwOPibsyVr2kSEB2Gvg1VcmHTjxjU=
Subject key identifier:   2C:9E:1D:34:13:67:2F:BE:47:4D:E4:E7:C7:71:30:C2:EE:E9:85:E3
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       0198D660E1B2FE6029EBAB6D9967C3B83E7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          0AC3
Signing time:             Sat 23 Aug 2025 10:02:10 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:10 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:10 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: co1b0f8An1EnUdwCT2nUvyHZATWXsMSi3zKGim0HDCE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:e1:b2:fe:60:29:eb:ab:6d:99:67:c3:b8:3e:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Aug 23 10:02:10 2025 GMT
            Not After : Aug 24 10:02:10 2025 GMT
        Subject: CN=2c9e1d3413672fbe474de4e7c77130c2eee985e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:12:c0:d1:86:6b:2d:42:68:d9:00:9e:44:a9:
                    30:f8:00:9f:89:cd:6e:2a:b0:d0:4b:a0:70:f8:ab:
                    d8:a8:9f:1d:32:c6:60:5f:81:95:aa:99:53:4e:40:
                    aa:12:01:14:4c:7b:d1:b8:71:00:28:a6:3c:c3:37:
                    5f:71:f9:18:ff:35:22:6f:b7:d5:1c:52:e2:11:76:
                    85:49:cd:6e:3b:33:ab:25:67:7e:0b:cb:45:7a:6a:
                    97:97:6a:4b:c6:96:50:4b:d4:f2:ed:39:8f:cf:21:
                    9d:75:9d:ac:8d:4c:37:98:7f:7b:73:5a:12:ff:be:
                    b5:1f:17:18:0f:ca:c4:00:7e:fa:68:84:5c:af:8b:
                    30:82:50:91:61:17:30:1a:b6:7b:08:1d:af:93:2d:
                    20:3f:e6:6b:8b:1e:f2:e5:87:a4:5b:d3:92:84:2e:
                    04:8b:08:e5:3a:a5:37:1d:f8:1b:fb:64:d8:4b:f9:
                    14:56:8d:c9:0c:95:ba:5a:4a:ef:7f:8d:8f:50:76:
                    f4:97:6e:c2:d4:7d:af:ea:b0:45:8b:b6:90:5e:f3:
                    ca:39:72:a6:aa:eb:88:ab:f3:a0:c4:79:f8:01:21:
                    d9:75:8c:8b:1e:b2:f2:35:e3:f4:1e:17:c6:99:bc:
                    94:2e:7a:f4:7b:f1:a6:79:82:2c:86:cb:bd:e3:a7:
                    87:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:9E:1D:34:13:67:2F:BE:47:4D:E4:E7:C7:71:30:C2:EE:E9:85:E3
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:6e:73:63:08:de:78:e9:a1:c4:ac:fb:99:92:95:86:6f:b7:
         a0:19:85:c2:ce:d7:b2:61:bb:23:74:59:47:5c:28:9e:eb:17:
         72:aa:30:1e:48:71:a7:98:1c:3c:a7:85:14:8f:a5:33:0b:e6:
         4c:9f:ad:c2:56:35:c7:24:2c:2d:bd:4b:77:a6:69:d5:63:d6:
         f8:7a:5a:c5:5d:27:5d:2f:60:d1:a7:86:ff:77:c5:83:d8:c0:
         a6:c9:13:49:79:2f:e8:79:a9:ed:64:b9:7f:4b:e2:35:3d:70:
         84:db:a7:d7:3b:48:b5:5c:cd:7d:bf:fc:d8:53:af:d1:c2:2b:
         3c:1f:7b:68:1a:3c:b2:82:1c:e5:c5:e7:82:97:ea:d1:ef:b1:
         99:22:27:99:bc:f8:d2:d9:b8:f4:b7:a9:ce:a2:5f:a1:80:27:
         9c:57:cf:8d:21:0a:7b:22:bc:24:50:b4:f9:d8:27:32:51:1c:
         c1:ee:b8:72:c6:aa:0e:7a:15:33:8b:56:18:1c:ca:9d:f5:20:
         98:42:85:6a:e7:7c:c2:48:40:fb:ae:62:0e:4d:c4:8c:ba:84:
         b4:09:db:13:ec:75:69:af:d3:8c:7e:93:2c:5d:22:d4:8f:3b:
         d8:f4:b0:55:d8:c5:44:e5:39:1f:41:03:26:d3:a2:e2:44:b5:
         17:16:66:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYOGy/mAp66ttmWfDuD57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjUwODIzMTAwMjEwWhcNMjUwODI0MTAwMjEwWjAzMTEwLwYDVQQD
EygyYzllMWQzNDEzNjcyZmJlNDc0ZGU0ZTdjNzcxMzBjMmVlZTk4NWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRLA0YZrLUJo2QCeRKkw+ACfic1u
KrDQS6Bw+KvYqJ8dMsZgX4GVqplTTkCqEgEUTHvRuHEAKKY8wzdfcfkY/zUib7fV
HFLiEXaFSc1uOzOrJWd+C8tFemqXl2pLxpZQS9Ty7TmPzyGddZ2sjUw3mH97c1oS
/761HxcYD8rEAH76aIRcr4swglCRYRcwGrZ7CB2vky0gP+Zrix7y5YekW9OShC4E
iwjlOqU3Hfgb+2TYS/kUVo3JDJW6Wkrvf42PUHb0l27C1H2v6rBFi7aQXvPKOXKm
quuIq/OgxHn4ASHZdYyLHrLyNeP0HhfGmbyULnr0e/GmeYIshsu946eHTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyeHTQTZy++R03k58dxMMLu6YXjMB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWm5zYwje
eOmhxKz7mZKVhm+3oBmFws7XsmG7I3RZR1wonusXcqowHkhxp5gcPKeFFI+lMwvm
TJ+twlY1xyQsLb1Ld6Zp1WPW+HpaxV0nXS9g0aeG/3fFg9jApskTSXkv6Hmp7WS5
f0viNT1whNun1ztItVzNfb/82FOv0cIrPB97aBo8soIc5cXngpfq0e+xmSInmbz4
0tm49LepzqJfoYAnnFfPjSEKeyK8JFC0+dgnMlEcwe64csaqDnoVM4tWGBzKnfUg
mEKFaud8wkhA+65iDk3EjLqEtAnbE+x1aa/TjH6TLF0i1I872PSwVdjFROU5H0ED
JtOi4kS1FxZm+A==
-----END CERTIFICATE-----