Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
File:                     UgO7TxlYEfjXcjygGgsv-963Whs.mft (raw, json)
Hash identifier:          Lkr8sAcxvz9lTL9FAA4YPwvjTlygDWR+AyZH5aaUkOs=
Subject key identifier:   10:EB:58:71:18:95:90:AA:64:09:FC:2B:FB:C0:28:89:1E:BF:23:9A
Authority key identifier: 52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B
Certificate issuer:       /CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
Certificate serial:       01975E38DBC2AD90F87885F6BE4FE9173972
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
Manifest number:          01BC
Signing time:             Wed 11 Jun 2025 09:01:13 +0000
Manifest this update:     Wed 11 Jun 2025 09:01:13 +0000
Manifest next update:     Thu 12 Jun 2025 09:01:13 +0000
Files and hashes:         1: UgO7TxlYEfjXcjygGgsv-963Whs.crl (hash: AMII17lvaanY9nZeeiI4zkZ5zzhdAUTVl15zE7wj8r4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:db:c2:ad:90:f8:78:85:f6:be:4f:e9:17:39:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
        Validity
            Not Before: Jun 11 09:01:13 2025 GMT
            Not After : Jun 12 09:01:13 2025 GMT
        Subject: CN=10eb5871189590aa6409fc2bfbc028891ebf239a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:15:ae:1a:26:24:6b:94:2f:29:94:36:a3:12:
                    de:43:39:1a:82:99:48:03:77:d9:5e:95:9e:fe:6f:
                    88:a1:ad:33:6e:96:f1:80:27:ec:63:98:02:44:c7:
                    8d:4f:d0:e4:cb:10:a8:9d:a5:0a:51:26:51:c0:b2:
                    db:c6:9f:96:af:2c:b1:04:93:61:54:de:7c:9d:02:
                    54:7a:dd:56:14:21:87:39:6c:22:cc:ae:54:40:71:
                    38:85:67:ff:17:a9:d5:aa:94:45:27:11:26:b2:4a:
                    d6:27:59:cf:08:ca:92:21:e1:c7:fe:ba:86:8c:12:
                    aa:45:42:46:5c:18:20:60:78:e5:e4:41:b1:e7:04:
                    10:68:a4:45:e9:29:94:f1:d3:6f:66:5e:5d:2b:1d:
                    b9:43:8c:ee:61:2a:c3:a0:7b:15:37:9a:95:a3:0d:
                    94:1e:0d:5c:04:1e:0a:a4:2d:56:ac:73:bb:e9:52:
                    25:42:f5:98:97:0d:85:30:5d:8f:7e:b1:29:9f:42:
                    ce:14:62:2d:ce:34:7a:f8:08:b3:1a:ff:b2:21:ab:
                    6e:40:4d:26:f5:c2:60:16:ad:e6:de:08:00:2a:eb:
                    95:28:c4:c4:bb:1a:ce:bf:37:b7:56:d8:f8:1f:80:
                    7f:13:5a:55:4d:e3:be:89:87:a1:bc:45:08:44:55:
                    b1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:EB:58:71:18:95:90:AA:64:09:FC:2B:FB:C0:28:89:1E:BF:23:9A
            X509v3 Authority Key Identifier:
                keyid:52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:7a:33:22:d7:fe:42:7b:ad:06:87:4c:63:a0:fd:77:cb:3f:
         65:25:ac:00:d0:b7:e4:a9:87:4f:8e:cf:38:0f:9a:c7:17:e2:
         87:2d:d1:25:ac:d4:68:e6:99:63:c0:4d:aa:87:2d:be:15:ca:
         87:cd:1d:e9:6e:07:40:aa:6c:1b:b0:8c:aa:53:43:a6:e7:90:
         eb:88:41:86:3a:02:29:4b:a0:3d:42:20:9d:7f:18:c1:56:cb:
         37:56:71:ae:88:c5:e5:ce:b6:21:ca:ab:b4:3d:03:1d:2d:9e:
         a2:3c:97:d5:b5:ef:e8:f7:58:8e:0c:c4:ef:92:f8:0b:91:4d:
         52:fc:cd:19:90:5a:07:fd:af:b8:2d:04:bc:38:96:93:6d:d4:
         14:31:c7:74:5d:f8:1d:01:67:73:e7:c8:bc:22:95:f6:e7:3c:
         60:3f:e9:f4:d9:fa:7f:fa:e0:01:ed:33:1e:e2:25:83:61:78:
         5a:13:c9:1e:21:41:3a:6b:15:6a:c2:4a:60:14:f6:04:07:cb:
         84:af:0d:cc:17:00:70:e3:73:9d:02:a0:19:33:d9:68:19:1f:
         a7:b6:35:67:ce:7c:03:06:78:23:83:86:ae:a6:22:df:27:15:
         7c:2d:25:a8:a2:19:1e:84:67:15:ac:8a:d7:b3:a6:e9:77:47:
         bc:57:77:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeONvCrZD4eIX2vk/pFzlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDNiYjRmMTk1ODExZjhkNzcyM2NhMDFhMGIyZmZiZGVi
NzVhMWIwHhcNMjUwNjExMDkwMTEzWhcNMjUwNjEyMDkwMTEzWjAzMTEwLwYDVQQD
EygxMGViNTg3MTE4OTU5MGFhNjQwOWZjMmJmYmMwMjg4OTFlYmYyMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBWuGiYka5QvKZQ2oxLeQzkagplI
A3fZXpWe/m+Ioa0zbpbxgCfsY5gCRMeNT9DkyxConaUKUSZRwLLbxp+WryyxBJNh
VN58nQJUet1WFCGHOWwizK5UQHE4hWf/F6nVqpRFJxEmskrWJ1nPCMqSIeHH/rqG
jBKqRUJGXBggYHjl5EGx5wQQaKRF6SmU8dNvZl5dKx25Q4zuYSrDoHsVN5qVow2U
Hg1cBB4KpC1WrHO76VIlQvWYlw2FMF2PfrEpn0LOFGItzjR6+AizGv+yIatuQE0m
9cJgFq3m3ggAKuuVKMTEuxrOvze3Vtj4H4B/E1pVTeO+iYehvEUIRFWxTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDrWHEYlZCqZAn8K/vAKIkevyOaMB8GA1UdIwQY
MBaAFFIDu08ZWBH413I8oBoLL/vet1obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMt
MmJhNmEwMjJkNGM5LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMtMmJhNmEwMjJkNGM5
LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK3ozItf+
QnutBodMY6D9d8s/ZSWsANC35KmHT47POA+axxfihy3RJazUaOaZY8BNqoctvhXK
h80d6W4HQKpsG7CMqlNDpueQ64hBhjoCKUugPUIgnX8YwVbLN1ZxrojF5c62Icqr
tD0DHS2eojyX1bXv6PdYjgzE75L4C5FNUvzNGZBaB/2vuC0EvDiWk23UFDHHdF34
HQFnc+fIvCKV9uc8YD/p9Nn6f/rgAe0zHuIlg2F4WhPJHiFBOmsVasJKYBT2BAfL
hK8NzBcAcONznQKgGTPZaBkfp7Y1Z858AwZ4I4OGrqYi3ycVfC0lqKIZHoRnFayK
17Om6XdHvFd3AQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:15:03 2025 by rpki-client