Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
File:                     ubrpYJaypQez1LDCdLwv9Ynp-aI.mft (raw, json)
Hash identifier:          fYmDGOk1hdAh/DnL+YTAJoT6BKY7GHHoJuwZIMpqDo0=
Subject key identifier:   44:DB:1E:85:74:80:8E:6D:F0:DA:46:5B:60:FC:21:BB:90:86:26:BF
Authority key identifier: B9:BA:E9:60:96:B2:A5:07:B3:D4:B0:C2:74:BC:2F:F5:89:E9:F9:A2
Certificate issuer:       /CN=b9bae96096b2a507b3d4b0c274bc2ff589e9f9a2
Certificate serial:       019921E7B28C2089823CB88B7D1934931A42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
Manifest number:          77
Signing time:             Sun 07 Sep 2025 02:00:56 +0000
Manifest this update:     Sun 07 Sep 2025 02:00:56 +0000
Manifest next update:     Mon 08 Sep 2025 02:00:56 +0000
Files and hashes:         1: ubrpYJaypQez1LDCdLwv9Ynp-aI.crl (hash: KXWyjY0qltt9ab19cK6YWwzLKg6eEG7eBbqQQzVRfZM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:b2:8c:20:89:82:3c:b8:8b:7d:19:34:93:1a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9bae96096b2a507b3d4b0c274bc2ff589e9f9a2
        Validity
            Not Before: Sep  7 02:00:56 2025 GMT
            Not After : Sep  8 02:00:56 2025 GMT
        Subject: CN=44db1e8574808e6df0da465b60fc21bb908626bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:1e:0d:b0:43:f3:3f:9c:4e:d6:bb:99:ff:4d:
                    ad:c2:8e:36:f0:4e:9d:c8:0d:02:17:d8:79:d2:77:
                    eb:e1:e6:bc:a5:2d:d8:68:cf:9d:9d:4f:34:4e:73:
                    b9:2e:cd:0e:f5:92:ca:99:20:46:7d:5b:bf:84:f8:
                    de:55:84:be:53:0c:b3:10:e1:18:04:82:2e:4c:6e:
                    78:cd:3d:c8:65:93:b2:d8:ba:71:d7:1d:ee:d6:05:
                    3f:33:f9:0e:1b:ca:7b:77:1a:f5:26:ee:06:f6:2b:
                    de:20:9b:b9:99:28:85:95:b2:dd:48:b7:57:83:4b:
                    be:4f:c8:9d:3f:7d:25:5c:3f:ec:47:f5:73:1f:48:
                    38:79:4a:8f:97:96:c3:9c:ee:2d:b0:eb:46:83:8b:
                    32:c7:7a:c4:1e:4c:ad:03:2e:99:06:09:c1:8c:84:
                    20:13:10:e0:4e:61:39:2a:93:9c:47:77:09:09:a9:
                    29:2d:4c:7b:46:77:c3:d5:59:5a:c1:b6:4b:e6:f0:
                    c5:29:24:40:38:b9:7c:b6:63:57:5e:7f:8e:c9:d4:
                    6c:7e:ea:37:5d:e8:7f:f9:27:69:e1:3a:21:79:91:
                    12:eb:60:17:60:57:52:e9:69:cd:e7:44:3c:4d:cc:
                    6d:06:56:0a:ef:49:e9:0d:7d:95:17:9a:d8:04:35:
                    32:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:DB:1E:85:74:80:8E:6D:F0:DA:46:5B:60:FC:21:BB:90:86:26:BF
            X509v3 Authority Key Identifier:
                keyid:B9:BA:E9:60:96:B2:A5:07:B3:D4:B0:C2:74:BC:2F:F5:89:E9:F9:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:a1:8b:5a:a7:bc:8f:c9:ef:ef:d3:bf:11:35:0b:92:31:e0:
         23:a1:74:e5:42:c5:35:d0:1a:c2:c3:94:ca:ff:a6:48:9f:c9:
         8f:fb:17:aa:4a:2d:bc:a9:d4:92:7c:cc:2f:8a:e7:7b:be:0c:
         40:0f:95:79:5a:67:82:9b:55:93:c2:f3:29:b8:22:75:57:7c:
         9a:c5:b6:31:a4:f0:4a:1b:85:97:b0:b4:c1:db:fd:98:1f:3e:
         4d:96:cc:81:d9:14:a0:fd:86:c8:30:e6:68:34:09:b9:a9:de:
         4a:fc:93:3c:fc:f5:2c:0c:1d:3c:77:27:25:b9:53:12:02:3d:
         f9:e3:a9:f0:ff:c2:74:57:33:f6:1d:c1:0e:19:88:0e:94:a2:
         d6:5a:35:e8:69:92:b1:58:32:48:02:1b:14:e9:cc:c0:55:13:
         d7:85:5f:20:da:4e:8a:5d:72:f1:52:06:fc:c9:38:54:59:84:
         bc:1b:5b:42:46:3d:f4:83:f1:6c:7a:44:07:43:a3:ed:bf:b6:
         88:e0:62:d6:b0:fd:0d:50:fe:3a:55:be:31:cf:d6:19:19:7c:
         40:99:f8:73:68:0c:d6:e6:cd:a9:da:83:8e:e1:ca:ac:96:25:
         ba:68:f1:38:35:22:90:b2:bf:ad:dc:8a:f8:59:d2:97:aa:1f:
         ee:de:48:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh57KMIImCPLiLfRk0kxpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YmFlOTYwOTZiMmE1MDdiM2Q0YjBjMjc0YmMyZmY1ODll
OWY5YTIwHhcNMjUwOTA3MDIwMDU2WhcNMjUwOTA4MDIwMDU2WjAzMTEwLwYDVQQD
Eyg0NGRiMWU4NTc0ODA4ZTZkZjBkYTQ2NWI2MGZjMjFiYjkwODYyNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4h4NsEPzP5xO1ruZ/02two428E6d
yA0CF9h50nfr4ea8pS3YaM+dnU80TnO5Ls0O9ZLKmSBGfVu/hPjeVYS+UwyzEOEY
BIIuTG54zT3IZZOy2Lpx1x3u1gU/M/kOG8p7dxr1Ju4G9iveIJu5mSiFlbLdSLdX
g0u+T8idP30lXD/sR/VzH0g4eUqPl5bDnO4tsOtGg4syx3rEHkytAy6ZBgnBjIQg
ExDgTmE5KpOcR3cJCakpLUx7RnfD1VlawbZL5vDFKSRAOLl8tmNXXn+OydRsfuo3
Xeh/+Sdp4ToheZES62AXYFdS6WnN50Q8TcxtBlYK70npDX2VF5rYBDUy3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETbHoV0gI5t8NpGW2D8IbuQhia/MB8GA1UdIwQY
MBaAFLm66WCWsqUHs9SwwnS8L/WJ6fmiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zNGU3NTktYzllMy00NWJhLTg4MWIt
MDg3Mzg2NWU0NDMyLzEvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zNGU3NTktYzllMy00NWJhLTg4MWItMDg3Mzg2NWU0NDMy
LzEvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzaGLWqe8
j8nv79O/ETULkjHgI6F05ULFNdAawsOUyv+mSJ/Jj/sXqkotvKnUknzML4rne74M
QA+VeVpngptVk8LzKbgidVd8msW2MaTwShuFl7C0wdv9mB8+TZbMgdkUoP2GyDDm
aDQJuaneSvyTPPz1LAwdPHcnJblTEgI9+eOp8P/CdFcz9h3BDhmIDpSi1lo16GmS
sVgySAIbFOnMwFUT14VfINpOil1y8VIG/Mk4VFmEvBtbQkY99IPxbHpEB0Oj7b+2
iOBi1rD9DVD+OlW+Mc/WGRl8QJn4c2gM1ubNqdqDjuHKrJYlumjxODUikLK/rdyK
+FnSl6of7t5ISQ==
-----END CERTIFICATE-----