Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
File:                     UgO7TxlYEfjXcjygGgsv-963Whs.mft (raw, json)
Hash identifier:          JToOLWOu/gbdotNCSDLiHDNBhgQsmMbQr+h1F1RUw4I=
Subject key identifier:   D6:7E:4F:47:1D:D0:40:11:4D:D9:53:F7:4E:18:36:DE:50:93:15:64
Authority key identifier: 52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B
Certificate issuer:       /CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
Certificate serial:       0199221E88C15128D90DE5696E7BA6B3A502
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
Manifest number:          02A6
Signing time:             Sun 07 Sep 2025 03:00:50 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:50 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:50 +0000
Files and hashes:         1: UgO7TxlYEfjXcjygGgsv-963Whs.crl (hash: sePzPmmIdbURLJQEMnMFMgY7Y0ZvS2B4vNTC0uhZpds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:88:c1:51:28:d9:0d:e5:69:6e:7b:a6:b3:a5:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
        Validity
            Not Before: Sep  7 03:00:50 2025 GMT
            Not After : Sep  8 03:00:50 2025 GMT
        Subject: CN=d67e4f471dd040114dd953f74e1836de50931564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:67:27:8d:04:89:f8:d5:5d:c0:8c:23:63:51:
                    b3:bd:79:29:c9:fc:b0:22:41:92:cd:1f:c3:a2:d9:
                    3d:61:4e:2c:d8:40:58:55:cc:de:ac:65:3f:35:3e:
                    91:f0:5b:ae:9a:bd:49:0f:23:4c:12:6d:54:06:85:
                    77:24:81:46:c4:55:85:02:5a:b7:fe:19:82:42:f5:
                    91:25:e7:ca:f5:66:2d:31:6b:64:69:0b:6d:69:b4:
                    db:bb:a9:e3:6e:9f:a1:9f:49:39:e2:58:68:65:f5:
                    59:ae:39:28:45:41:1d:56:08:27:7b:7e:70:2d:a5:
                    e9:0b:20:39:6d:45:c7:f1:fb:59:1a:80:58:59:7a:
                    02:85:11:cd:a4:7c:13:2e:0d:b3:db:ce:bd:4e:01:
                    84:2b:59:06:2c:1a:08:9b:c3:8d:b3:d3:97:51:a6:
                    16:32:dc:70:fb:44:d7:db:e0:70:c6:18:6a:b3:4b:
                    01:df:c9:c1:6c:cf:cc:16:45:94:55:78:6d:51:d3:
                    59:bc:99:5b:a7:aa:77:c2:f0:c5:e4:0b:a9:51:73:
                    a7:8d:8d:76:34:7d:55:99:1a:82:fc:2b:14:de:8a:
                    10:34:00:6e:2e:75:6b:9b:f3:31:e4:e7:3a:6e:e6:
                    36:9a:33:3f:9a:24:5a:19:54:ab:f6:45:0c:70:60:
                    59:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:7E:4F:47:1D:D0:40:11:4D:D9:53:F7:4E:18:36:DE:50:93:15:64
            X509v3 Authority Key Identifier:
                keyid:52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e0:07:5c:99:44:02:91:75:70:87:e4:0b:74:de:6b:c5:90:98:
         2b:0f:15:89:78:20:a9:8a:6a:a2:7d:0c:7f:76:60:1b:1d:a8:
         f8:ca:ee:7f:b0:90:d9:ad:fb:4d:47:15:5c:fc:e1:e1:a7:2e:
         67:25:dc:e6:08:49:da:50:34:b8:6c:21:6c:c9:fb:79:53:57:
         bd:d8:45:c0:a9:82:8a:1a:9e:b3:1f:9e:2b:c8:e9:d8:85:14:
         04:40:19:7c:fd:28:51:0c:61:ac:4a:ee:ed:0b:87:ee:ca:06:
         50:e0:a0:7e:9f:0c:59:71:57:d2:09:32:90:52:7f:2c:0d:e1:
         4e:6e:0b:83:42:c5:7c:d0:2a:47:2d:39:86:bd:41:5a:e3:d3:
         4a:5b:fa:72:cf:99:cc:2b:a4:36:14:ba:94:ca:5f:b2:b3:27:
         fc:f0:ab:eb:c0:81:4a:12:87:3e:0f:f2:a9:e7:d3:a0:90:b1:
         70:5e:af:7e:76:1f:f5:7e:52:9a:d5:5c:bd:41:e2:89:10:09:
         b1:9c:9d:46:6f:51:0a:8d:c6:d8:c1:6d:2e:1f:f0:c8:b1:33:
         3b:78:5f:5d:16:c9:f1:b4:a0:94:e6:33:f7:88:70:9c:45:16:
         42:96:db:8e:1b:5f:bd:c5:fd:76:ce:03:22:f7:ab:86:22:c4:
         23:42:bc:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHojBUSjZDeVpbnums6UCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDNiYjRmMTk1ODExZjhkNzcyM2NhMDFhMGIyZmZiZGVi
NzVhMWIwHhcNMjUwOTA3MDMwMDUwWhcNMjUwOTA4MDMwMDUwWjAzMTEwLwYDVQQD
EyhkNjdlNGY0NzFkZDA0MDExNGRkOTUzZjc0ZTE4MzZkZTUwOTMxNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2cnjQSJ+NVdwIwjY1GzvXkpyfyw
IkGSzR/Dotk9YU4s2EBYVczerGU/NT6R8Fuumr1JDyNMEm1UBoV3JIFGxFWFAlq3
/hmCQvWRJefK9WYtMWtkaQttabTbu6njbp+hn0k54lhoZfVZrjkoRUEdVggne35w
LaXpCyA5bUXH8ftZGoBYWXoChRHNpHwTLg2z2869TgGEK1kGLBoIm8ONs9OXUaYW
Mtxw+0TX2+Bwxhhqs0sB38nBbM/MFkWUVXhtUdNZvJlbp6p3wvDF5AupUXOnjY12
NH1VmRqC/CsU3ooQNABuLnVrm/Mx5Oc6buY2mjM/miRaGVSr9kUMcGBZ1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZ+T0cd0EARTdlT904YNt5QkxVkMB8GA1UdIwQY
MBaAFFIDu08ZWBH413I8oBoLL/vet1obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMt
MmJhNmEwMjJkNGM5LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMtMmJhNmEwMjJkNGM5
LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4AdcmUQC
kXVwh+QLdN5rxZCYKw8ViXggqYpqon0Mf3ZgGx2o+Mruf7CQ2a37TUcVXPzh4acu
ZyXc5ghJ2lA0uGwhbMn7eVNXvdhFwKmCihqesx+eK8jp2IUUBEAZfP0oUQxhrEru
7QuH7soGUOCgfp8MWXFX0gkykFJ/LA3hTm4Lg0LFfNAqRy05hr1BWuPTSlv6cs+Z
zCukNhS6lMpfsrMn/PCr68CBShKHPg/yqefToJCxcF6vfnYf9X5SmtVcvUHiiRAJ
sZydRm9RCo3G2MFtLh/wyLEzO3hfXRbJ8bSglOYz94hwnEUWQpbbjhtfvcX9ds4D
IverhiLEI0K8vw==
-----END CERTIFICATE-----