Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          zrFXraY09uZAPOJlDCV/i09v6b6uWwnkdTvOYkd/0v4=
Subject key identifier:   60:EF:CF:9F:E2:C6:E8:5D:BA:DA:D3:BC:8E:E6:90:7A:A3:1A:8D:86
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       019368C6119667FA0786ED1BF79AF42838E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          0631
Signing time:             Tue 26 Nov 2024 14:00:31 +0000
Manifest this update:     Tue 26 Nov 2024 14:00:31 +0000
Manifest next update:     Wed 27 Nov 2024 14:00:31 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: HSr2ERyVkQOM5Cu4NGwGLO+BjVeBQ8fYHu/fXWr/8kk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:68:c6:11:96:67:fa:07:86:ed:1b:f7:9a:f4:28:38:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Nov 26 14:00:31 2024 GMT
            Not After : Nov 27 14:00:31 2024 GMT
        Subject: CN=60efcf9fe2c6e85dbadad3bc8ee6907aa31a8d86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:98:f4:e6:2d:61:b6:30:d5:88:4e:e4:e4:7f:
                    af:2a:9f:a1:2b:b8:0e:da:3b:dd:13:d9:8e:66:ea:
                    94:0e:99:8a:d4:cc:9d:d4:8d:81:48:97:0b:bd:e9:
                    8b:f5:1e:43:54:60:5c:d4:db:2c:3d:ef:5f:46:32:
                    5c:ee:47:a9:0c:3f:c0:73:ae:f7:fe:9c:e7:43:1a:
                    d4:65:96:31:08:fc:38:4f:01:f5:25:83:40:83:56:
                    5b:d4:e5:a0:93:d1:41:3e:f4:29:64:2a:4b:3f:9f:
                    8b:ce:0f:94:ee:68:af:eb:f3:52:47:bd:55:d1:15:
                    2d:a8:25:00:be:d9:98:88:e1:96:26:b5:53:8d:06:
                    d3:6d:7a:90:4c:78:93:ae:bb:31:5c:f3:07:b1:a8:
                    b2:32:14:a2:10:11:b2:78:97:f9:39:bd:86:8c:61:
                    be:e0:da:bf:30:e6:04:74:c8:2e:33:4f:a1:4d:f0:
                    dc:c3:b8:49:9a:5f:59:9b:c7:d6:f6:49:36:c7:ed:
                    da:a3:38:5b:17:9d:88:9d:89:35:9b:5d:e8:f6:58:
                    ce:9d:58:f8:fb:e2:03:5a:d3:00:b5:70:b2:00:10:
                    37:31:0f:57:56:32:e9:b7:9e:e4:09:9a:4d:5f:16:
                    3f:7a:7f:de:3a:fc:08:3e:e1:69:54:bd:bd:eb:b5:
                    a6:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:EF:CF:9F:E2:C6:E8:5D:BA:DA:D3:BC:8E:E6:90:7A:A3:1A:8D:86
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:16:26:69:1d:00:a0:6e:90:ac:e6:18:fe:b6:78:79:ee:de:
         31:9f:fb:5c:d3:bd:9e:de:6a:c1:8c:d3:36:25:f9:e5:3d:b7:
         fb:e8:c6:b8:54:77:40:e6:07:6a:ad:23:5d:35:b4:e5:0f:cf:
         23:4b:0a:74:55:cf:80:9e:d9:85:61:a2:a5:7d:3d:8a:8e:4b:
         62:6d:01:1f:23:9e:48:53:22:1a:2a:ca:65:a3:6a:b7:1d:38:
         7e:46:93:18:dc:db:00:72:91:30:23:19:af:01:1f:17:86:5e:
         f2:bc:77:80:79:9e:88:c8:74:f9:df:4a:ce:3f:2a:4a:fa:7f:
         bf:da:05:41:19:ab:8b:fd:6b:46:1e:61:ec:38:1e:e9:8c:f8:
         15:af:d2:24:77:c6:53:31:33:fb:d4:55:7b:62:21:3b:7e:d3:
         69:41:5d:0d:1c:e8:03:54:38:c5:05:63:c2:7f:b9:30:82:23:
         6d:5a:c5:21:09:76:9d:28:1a:f7:e4:3b:b8:f9:d2:d6:b3:63:
         4e:4a:02:a6:87:cf:5a:f2:5e:0d:bf:1c:52:9d:b2:ff:17:1f:
         7a:d7:61:75:3b:71:3a:4e:01:39:86:94:bf:36:46:af:61:66:
         f4:6f:3d:8d:17:2c:b4:88:a9:7d:2f:79:48:10:a4:0d:b6:e6:
         fe:eb:c5:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNoxhGWZ/oHhu0b95r0KDjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjQxMTI2MTQwMDMxWhcNMjQxMTI3MTQwMDMxWjAzMTEwLwYDVQQD
Eyg2MGVmY2Y5ZmUyYzZlODVkYmFkYWQzYmM4ZWU2OTA3YWEzMWE4ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZj05i1htjDViE7k5H+vKp+hK7gO
2jvdE9mOZuqUDpmK1Myd1I2BSJcLvemL9R5DVGBc1NssPe9fRjJc7kepDD/Ac673
/pznQxrUZZYxCPw4TwH1JYNAg1Zb1OWgk9FBPvQpZCpLP5+Lzg+U7miv6/NSR71V
0RUtqCUAvtmYiOGWJrVTjQbTbXqQTHiTrrsxXPMHsaiyMhSiEBGyeJf5Ob2GjGG+
4Nq/MOYEdMguM0+hTfDcw7hJml9Zm8fW9kk2x+3aozhbF52InYk1m13o9ljOnVj4
++IDWtMAtXCyABA3MQ9XVjLpt57kCZpNXxY/en/eOvwIPuFpVL2967Wm9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDvz5/ixuhdutrTvI7mkHqjGo2GMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqBYmaR0A
oG6QrOYY/rZ4ee7eMZ/7XNO9nt5qwYzTNiX55T23++jGuFR3QOYHaq0jXTW05Q/P
I0sKdFXPgJ7ZhWGipX09io5LYm0BHyOeSFMiGirKZaNqtx04fkaTGNzbAHKRMCMZ
rwEfF4Ze8rx3gHmeiMh0+d9Kzj8qSvp/v9oFQRmri/1rRh5h7Dge6Yz4Fa/SJHfG
UzEz+9RVe2IhO37TaUFdDRzoA1Q4xQVjwn+5MIIjbVrFIQl2nSga9+Q7uPnS1rNj
TkoCpofPWvJeDb8cUp2y/xcfetdhdTtxOk4BOYaUvzZGr2Fm9G89jRcstIipfS95
SBCkDbbm/uvFzg==
-----END CERTIFICATE-----