Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          wftWGAOhERfI8Ssm8w7HdI5Tzme3DEiA5gRv5FhAIMY=
Subject key identifier:   89:86:2A:98:BB:44:12:13:56:47:5D:9A:A6:85:1B:17:B0:FD:FB:39
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       019A7293BC48170AFFD059CDACCBBB36C5C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          09D6
Signing time:             Tue 11 Nov 2025 11:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:15 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: ajg4TZq76lsbNqEN5Ue0l3Xb+trZBwEmIT4jCVlB29w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:bc:48:17:0a:ff:d0:59:cd:ac:cb:bb:36:c5:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Nov 11 11:01:15 2025 GMT
            Not After : Nov 12 11:01:15 2025 GMT
        Subject: CN=89862a98bb44121356475d9aa6851b17b0fdfb39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:85:10:a6:d6:98:9b:49:0b:60:8d:8c:bd:8a:
                    1a:44:d9:f6:fb:54:d3:5d:a6:8f:16:de:ce:44:81:
                    25:42:3f:29:48:ab:b8:7c:0c:e0:71:3a:6a:06:93:
                    e2:d5:b3:3a:7a:b5:e1:6f:66:06:9e:2b:b3:c9:76:
                    be:24:d9:03:a0:a4:40:7f:2a:6d:73:4f:32:08:dc:
                    29:5b:18:ad:eb:07:bd:8f:e0:d5:12:2d:7d:11:e8:
                    1f:f1:d9:8e:7a:5e:8b:04:3e:50:f4:0f:08:70:32:
                    5b:0c:b7:f1:7f:fa:d3:5d:39:ad:aa:21:80:78:ef:
                    39:9e:65:8a:94:7b:ff:5f:9d:d2:85:bb:fe:89:95:
                    75:93:89:38:f1:e3:7c:ea:0e:32:33:4c:7b:a0:9b:
                    a4:f6:46:25:d0:a2:30:32:4f:00:6d:5e:57:04:d3:
                    4b:29:38:f5:ed:24:fa:f6:d7:66:fe:0d:8b:e1:0a:
                    5b:80:71:35:7c:a1:a9:dc:1a:85:b0:ab:74:d6:63:
                    84:34:01:55:6b:69:c8:34:26:b5:ea:db:64:47:45:
                    99:df:64:56:ad:d3:36:7b:c9:16:e5:51:5e:e0:47:
                    0a:06:a2:f9:6f:5c:e5:e4:e3:a6:98:aa:2d:d9:fd:
                    5e:e9:bb:ef:41:fd:83:f8:de:03:e5:7f:1d:2b:9a:
                    c1:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:86:2A:98:BB:44:12:13:56:47:5D:9A:A6:85:1B:17:B0:FD:FB:39
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:e2:51:05:d2:12:7e:1a:67:aa:b5:1f:5f:4a:1d:18:ac:27:
         8a:cb:56:e9:1b:29:f2:76:4a:dd:a5:b3:f8:26:5b:a8:76:64:
         93:db:e9:f2:97:b2:b2:45:b2:15:45:5b:5e:f5:a3:a9:66:1e:
         d4:26:c4:17:ae:e3:07:a4:17:13:d3:d4:61:0d:2e:05:18:5c:
         fe:cc:2c:0d:7b:fa:b3:4e:b1:38:9e:36:e0:d4:41:76:aa:87:
         80:52:b2:71:3b:a8:a6:5d:76:4a:38:4f:98:85:99:de:0a:f5:
         39:21:13:cb:ac:fd:29:c4:48:c5:31:1a:2c:ec:34:d9:1d:8c:
         66:36:6d:88:24:06:08:12:5d:51:8a:eb:e3:e2:fb:c9:46:73:
         e5:99:f4:95:aa:ab:76:62:82:f2:ad:22:a8:9e:80:e0:89:89:
         d0:7a:88:32:4b:cc:9c:94:0e:7c:26:69:15:0b:8f:a8:0e:c5:
         76:62:66:61:7b:25:69:09:45:b4:ff:3f:20:9c:f1:a2:9a:ba:
         63:70:30:06:8d:87:46:ce:e6:fa:d6:56:eb:26:dd:df:0d:30:
         ea:55:ef:11:ee:eb:df:a2:26:34:b9:ab:2a:51:82:d6:cd:48:
         72:a9:d3:1e:2a:1e:be:25:6c:4c:05:ba:1f:6f:f4:8a:a7:9a:
         40:c6:26:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7xIFwr/0FnNrMu7NsXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjUxMTExMTEwMTE1WhcNMjUxMTEyMTEwMTE1WjAzMTEwLwYDVQQD
Eyg4OTg2MmE5OGJiNDQxMjEzNTY0NzVkOWFhNjg1MWIxN2IwZmRmYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7oUQptaYm0kLYI2MvYoaRNn2+1TT
XaaPFt7ORIElQj8pSKu4fAzgcTpqBpPi1bM6erXhb2YGniuzyXa+JNkDoKRAfypt
c08yCNwpWxit6we9j+DVEi19Eegf8dmOel6LBD5Q9A8IcDJbDLfxf/rTXTmtqiGA
eO85nmWKlHv/X53Shbv+iZV1k4k48eN86g4yM0x7oJuk9kYl0KIwMk8AbV5XBNNL
KTj17ST69tdm/g2L4QpbgHE1fKGp3BqFsKt01mOENAFVa2nINCa16ttkR0WZ32RW
rdM2e8kW5VFe4EcKBqL5b1zl5OOmmKot2f1e6bvvQf2D+N4D5X8dK5rBQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImGKpi7RBITVkddmqaFGxew/fs5MB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXuJRBdIS
fhpnqrUfX0odGKwnistW6Rsp8nZK3aWz+CZbqHZkk9vp8peyskWyFUVbXvWjqWYe
1CbEF67jB6QXE9PUYQ0uBRhc/swsDXv6s06xOJ424NRBdqqHgFKycTuopl12SjhP
mIWZ3gr1OSETy6z9KcRIxTEaLOw02R2MZjZtiCQGCBJdUYrr4+L7yUZz5Zn0laqr
dmKC8q0iqJ6A4ImJ0HqIMkvMnJQOfCZpFQuPqA7FdmJmYXslaQlFtP8/IJzxopq6
Y3AwBo2HRs7m+tZW6ybd3w0w6lXvEe7r36ImNLmrKlGC1s1IcqnTHioeviVsTAW6
H2/0iqeaQMYmPg==
-----END CERTIFICATE-----