Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
File:                     UgO7TxlYEfjXcjygGgsv-963Whs.mft (raw, json)
Hash identifier:          W6LWtBnh40ZrTGoCOFn18s7MUyLpvMz8doprasoOEuc=
Subject key identifier:   F6:3F:A3:4D:A9:BD:AC:09:85:52:27:99:3E:01:1D:46:7B:2B:79:96
Authority key identifier: 52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B
Certificate issuer:       /CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
Certificate serial:       019764037FA2EAD411F4FFEB92042E92F3A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
Manifest number:          01BF
Signing time:             Thu 12 Jun 2025 12:00:40 +0000
Manifest this update:     Thu 12 Jun 2025 12:00:40 +0000
Manifest next update:     Fri 13 Jun 2025 12:00:40 +0000
Files and hashes:         1: UgO7TxlYEfjXcjygGgsv-963Whs.crl (hash: 3oONLWsg3lf7zFTOLi6FDpc31hRZ4aSbGNTsP4m4STw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:03:7f:a2:ea:d4:11:f4:ff:eb:92:04:2e:92:f3:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
        Validity
            Not Before: Jun 12 12:00:40 2025 GMT
            Not After : Jun 13 12:00:40 2025 GMT
        Subject: CN=f63fa34da9bdac09855227993e011d467b2b7996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ce:13:b9:ad:ac:9e:16:4e:a9:85:2c:32:3e:
                    a2:63:9e:dc:5c:23:a5:64:02:42:5b:34:dd:c2:f3:
                    58:e3:e1:f4:f9:15:ab:61:73:bd:b6:40:4b:51:81:
                    b1:f1:1d:11:87:3b:d8:b8:9c:9d:e8:a9:f1:17:0a:
                    d8:dc:68:df:8f:eb:97:fb:8e:26:c3:61:62:35:c1:
                    43:e5:7a:74:6d:8a:6b:ce:c3:6d:3d:9b:80:69:94:
                    43:54:f5:57:58:e8:f6:4d:53:87:25:ee:f1:3f:3c:
                    03:43:1e:85:aa:14:0e:3c:26:d7:9f:28:82:08:76:
                    99:89:b0:bc:03:9e:04:ab:86:a1:f8:72:2b:b5:8c:
                    5b:20:18:5a:d9:a0:3e:7f:2c:b4:0d:91:7f:ef:e4:
                    4a:3d:bf:06:ff:51:34:f8:84:86:64:36:0f:54:91:
                    77:bc:08:6c:22:4b:9c:5c:55:aa:47:82:9d:70:75:
                    c9:27:b6:a1:d9:72:f7:cb:db:a0:94:d5:eb:9a:21:
                    d7:f1:e9:a0:c3:04:c2:79:85:5b:e5:11:df:a6:75:
                    1d:ad:f5:ed:a7:42:5c:d0:5e:9f:5c:bb:42:97:09:
                    db:8c:aa:cc:44:ac:3b:2c:4c:c6:4b:e0:9b:ac:1e:
                    7f:63:70:d4:a3:95:ae:dc:a6:74:07:32:44:c7:60:
                    1d:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:3F:A3:4D:A9:BD:AC:09:85:52:27:99:3E:01:1D:46:7B:2B:79:96
            X509v3 Authority Key Identifier:
                keyid:52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:86:4c:a3:e9:55:c3:3d:3d:42:23:da:1a:a9:b1:08:85:b6:
         5d:46:e4:43:12:24:4f:ad:3d:e7:b4:ad:04:ab:47:e6:a6:38:
         79:90:26:07:da:25:4e:ce:42:9f:55:ff:d2:09:ae:3e:51:1d:
         23:16:d5:25:82:04:08:da:9b:82:d3:83:59:71:92:66:b1:73:
         0c:0f:c8:12:dc:e3:5e:43:9c:18:fd:36:67:41:9d:89:58:b6:
         cd:88:04:4e:f6:b0:4e:54:38:6a:da:be:26:79:49:d4:71:cc:
         f6:e2:01:de:03:43:4b:21:04:94:07:93:ec:1d:2d:e5:2b:9a:
         72:9a:58:4b:6c:e7:f5:58:34:4a:78:42:e8:30:03:e9:e6:6c:
         f2:bd:c4:34:4f:13:79:bc:16:3f:f8:9e:df:32:87:47:40:78:
         77:5c:2e:36:7a:86:6f:a5:02:7c:2f:9b:08:3f:19:7e:b6:35:
         4d:89:3c:94:54:4a:9c:37:8a:7b:60:d9:58:98:b3:ae:e3:76:
         70:64:c5:66:32:d0:1b:d7:50:94:02:44:af:d4:2f:3f:6c:30:
         5a:36:7d:fd:40:5f:6f:88:7b:36:7b:87:77:fc:9b:76:ee:2e:
         6f:0c:ff:78:92:cd:77:a2:55:cb:7d:7c:cd:18:56:9c:5c:b2:
         c6:71:ee:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkA3+i6tQR9P/rkgQukvOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDNiYjRmMTk1ODExZjhkNzcyM2NhMDFhMGIyZmZiZGVi
NzVhMWIwHhcNMjUwNjEyMTIwMDQwWhcNMjUwNjEzMTIwMDQwWjAzMTEwLwYDVQQD
EyhmNjNmYTM0ZGE5YmRhYzA5ODU1MjI3OTkzZTAxMWQ0NjdiMmI3OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc4Tua2snhZOqYUsMj6iY57cXCOl
ZAJCWzTdwvNY4+H0+RWrYXO9tkBLUYGx8R0RhzvYuJyd6KnxFwrY3Gjfj+uX+44m
w2FiNcFD5Xp0bYprzsNtPZuAaZRDVPVXWOj2TVOHJe7xPzwDQx6FqhQOPCbXnyiC
CHaZibC8A54Eq4ah+HIrtYxbIBha2aA+fyy0DZF/7+RKPb8G/1E0+ISGZDYPVJF3
vAhsIkucXFWqR4KdcHXJJ7ah2XL3y9uglNXrmiHX8emgwwTCeYVb5RHfpnUdrfXt
p0Jc0F6fXLtClwnbjKrMRKw7LEzGS+CbrB5/Y3DUo5Wu3KZ0BzJEx2Ad+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPY/o02pvawJhVInmT4BHUZ7K3mWMB8GA1UdIwQY
MBaAFFIDu08ZWBH413I8oBoLL/vet1obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMt
MmJhNmEwMjJkNGM5LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMtMmJhNmEwMjJkNGM5
LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4ZMo+lV
wz09QiPaGqmxCIW2XUbkQxIkT60957StBKtH5qY4eZAmB9olTs5Cn1X/0gmuPlEd
IxbVJYIECNqbgtODWXGSZrFzDA/IEtzjXkOcGP02Z0GdiVi2zYgETvawTlQ4atq+
JnlJ1HHM9uIB3gNDSyEElAeT7B0t5SuacppYS2zn9Vg0SnhC6DAD6eZs8r3ENE8T
ebwWP/ie3zKHR0B4d1wuNnqGb6UCfC+bCD8ZfrY1TYk8lFRKnDeKe2DZWJizruN2
cGTFZjLQG9dQlAJEr9QvP2wwWjZ9/UBfb4h7NnuHd/ybdu4ubwz/eJLNd6JVy318
zRhWnFyyxnHu7A==
-----END CERTIFICATE-----