Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          TRe90aRRVUSWQpDLlKHK4P2kevFVusMT531NSExTKKs=
Subject key identifier:   5B:35:08:10:07:75:EC:C6:E2:4B:C2:71:2F:4E:63:CA:99:A2:F7:21
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       01975121F33B19D4F18F8569E19E891DAB59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          0837
Signing time:             Sun 08 Jun 2025 20:01:08 +0000
Manifest this update:     Sun 08 Jun 2025 20:01:08 +0000
Manifest next update:     Mon 09 Jun 2025 20:01:08 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: fgMNENggvV/FW1oPurcAsljE1uzrLirDsmNeaoXQ6Pc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 20:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:f3:3b:19:d4:f1:8f:85:69:e1:9e:89:1d:ab:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Jun  8 20:01:08 2025 GMT
            Not After : Jun  9 20:01:08 2025 GMT
        Subject: CN=5b3508100775ecc6e24bc2712f4e63ca99a2f721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8e:29:21:d0:f2:03:c5:a1:9d:86:69:be:11:
                    cd:67:da:53:1c:d3:f8:71:cc:04:8e:75:0d:0e:a8:
                    d1:4e:e9:c8:32:c4:db:2e:5b:b2:95:24:d5:c1:89:
                    de:b9:ff:d4:57:4f:c8:f0:e5:50:f5:b1:e5:a9:cc:
                    46:40:05:48:3f:f0:18:e4:20:10:4d:49:24:ee:35:
                    d6:ae:9a:b0:54:7b:40:50:29:15:e8:22:e0:74:23:
                    b7:4e:b8:58:ee:49:99:83:3d:bc:b6:79:2a:27:45:
                    c2:d8:b6:39:a2:ae:ac:d6:c0:dd:f8:d4:d3:fd:fa:
                    c6:05:28:a1:61:1f:3d:fc:c3:89:83:f5:56:d2:4f:
                    d9:05:ce:26:72:98:88:93:6e:42:7a:73:ff:01:08:
                    4f:1c:c1:38:9b:8a:62:cb:fa:da:5b:56:53:fc:f3:
                    1d:a3:61:34:cc:02:11:4b:f9:33:9e:ef:87:f7:a9:
                    35:54:ea:29:8d:03:4e:34:89:e4:f2:b6:45:76:34:
                    ff:af:10:58:25:a3:72:ea:5b:52:9a:0f:93:5d:cc:
                    f4:46:a9:c2:fb:7a:7f:80:5e:c6:e6:f1:9b:4f:85:
                    81:b4:a6:90:18:f8:4d:4e:29:e0:f0:ae:6c:77:4d:
                    26:e7:da:bf:11:85:31:21:8c:c3:91:27:4b:a3:95:
                    ee:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:35:08:10:07:75:EC:C6:E2:4B:C2:71:2F:4E:63:CA:99:A2:F7:21
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:d3:c2:b1:14:ce:a3:5d:d7:8a:fc:95:4b:4e:cb:b0:b5:ec:
         94:4a:b5:64:fe:0d:ad:81:11:2c:de:4b:8d:c9:6d:66:ef:eb:
         f5:b0:5a:1c:28:15:9b:ff:f0:9f:40:96:5d:a5:87:ac:bf:08:
         3e:eb:fc:68:85:24:c4:a7:05:be:37:5d:18:da:9d:45:2f:19:
         7a:9f:e1:e2:6b:92:86:4d:48:1c:26:fc:53:c5:f2:43:e3:25:
         a1:23:b9:80:a5:88:50:2c:6a:8c:2d:3d:87:ce:37:83:69:88:
         b2:c3:ae:cc:54:22:44:c4:2e:ef:65:d6:da:ed:a0:9c:45:24:
         cb:d9:2f:bd:ab:06:53:b1:70:6b:b6:03:eb:fd:1d:92:ff:b7:
         3a:dc:f7:dd:df:4b:d5:aa:17:dd:0d:3c:0e:18:c9:83:2a:f3:
         78:35:f0:3c:c1:56:6d:af:d7:c1:31:42:ad:d1:a7:6d:00:33:
         55:ce:51:de:45:39:b3:94:68:2e:d5:ab:2b:fe:d4:9a:4b:26:
         09:cc:84:71:d2:ab:e8:04:c2:0d:04:6f:18:69:c5:40:cd:e0:
         61:36:18:b2:66:30:f7:15:60:12:88:b6:c5:31:47:bb:83:03:
         96:e7:46:b0:8e:41:9e:14:62:83:e2:b9:0f:86:24:74:b4:17:
         ec:3c:b3:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIfM7GdTxj4Vp4Z6JHatZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjUwNjA4MjAwMTA4WhcNMjUwNjA5MjAwMTA4WjAzMTEwLwYDVQQD
Eyg1YjM1MDgxMDA3NzVlY2M2ZTI0YmMyNzEyZjRlNjNjYTk5YTJmNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo4pIdDyA8WhnYZpvhHNZ9pTHNP4
ccwEjnUNDqjRTunIMsTbLluylSTVwYneuf/UV0/I8OVQ9bHlqcxGQAVIP/AY5CAQ
TUkk7jXWrpqwVHtAUCkV6CLgdCO3TrhY7kmZgz28tnkqJ0XC2LY5oq6s1sDd+NTT
/frGBSihYR89/MOJg/VW0k/ZBc4mcpiIk25CenP/AQhPHME4m4piy/raW1ZT/PMd
o2E0zAIRS/kznu+H96k1VOopjQNONInk8rZFdjT/rxBYJaNy6ltSmg+TXcz0RqnC
+3p/gF7G5vGbT4WBtKaQGPhNTing8K5sd00m59q/EYUxIYzDkSdLo5XuDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFs1CBAHdezG4kvCcS9OY8qZovchMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT9PCsRTO
o13XivyVS07LsLXslEq1ZP4NrYERLN5LjcltZu/r9bBaHCgVm//wn0CWXaWHrL8I
Puv8aIUkxKcFvjddGNqdRS8Zep/h4muShk1IHCb8U8XyQ+MloSO5gKWIUCxqjC09
h843g2mIssOuzFQiRMQu72XW2u2gnEUky9kvvasGU7Fwa7YD6/0dkv+3Otz33d9L
1aoX3Q08DhjJgyrzeDXwPMFWba/XwTFCrdGnbQAzVc5R3kU5s5RoLtWrK/7Umksm
CcyEcdKr6ATCDQRvGGnFQM3gYTYYsmYw9xVgEoi2xTFHu4MDludGsI5BnhRig+K5
D4YkdLQX7DyzQg==
-----END CERTIFICATE-----