Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          3ryzF9FzpJJwGWluBi/fItZhJBFBxO2scIMYt2s5kOA=
Subject key identifier:   3A:26:DB:95:E9:54:43:C9:CA:4F:E3:91:E5:FC:65:6B:88:FA:08:9A
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       01965613D17664E233645EDDA1A244B810AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          07B5
Signing time:             Mon 21 Apr 2025 02:01:01 +0000
Manifest this update:     Mon 21 Apr 2025 02:01:01 +0000
Manifest next update:     Tue 22 Apr 2025 02:01:01 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: km+8uUpda4r7B45czWZ6BT6YlkHo14aAln3J0aC5V68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:d1:76:64:e2:33:64:5e:dd:a1:a2:44:b8:10:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Apr 21 02:01:01 2025 GMT
            Not After : Apr 22 02:01:01 2025 GMT
        Subject: CN=3a26db95e95443c9ca4fe391e5fc656b88fa089a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c9:f1:95:4c:f2:8b:5e:20:85:fc:18:37:96:
                    fd:55:56:07:6a:95:ea:27:d3:81:26:9b:d6:8e:40:
                    f5:da:99:62:84:9c:ce:e9:31:61:d6:d5:ce:5b:f9:
                    00:da:a7:60:d6:1e:02:5d:5f:24:97:c6:d2:ef:a3:
                    7b:13:d2:59:c9:8f:e2:33:0e:87:ec:cf:73:ba:c2:
                    3f:7f:78:08:37:3c:9d:e1:ad:8c:cc:a3:61:e2:ba:
                    94:46:5c:63:47:84:bb:1c:68:01:53:8c:58:e1:5e:
                    11:67:1f:5b:ef:d2:52:3c:b3:9c:f1:61:76:7d:c1:
                    28:66:d3:b2:b5:ec:6c:0c:8e:82:21:74:33:44:6f:
                    c6:9b:96:8e:b0:a6:0b:44:c8:ce:94:5e:44:6b:5b:
                    ba:59:8d:25:62:9a:6f:fb:2a:3f:b9:a1:2d:39:ea:
                    bb:da:1c:fc:03:bb:b6:55:f0:b7:92:32:d8:1c:0f:
                    9b:f7:ee:7c:40:05:2c:b7:83:75:59:df:2d:d0:9c:
                    db:88:89:0c:84:cf:48:fe:6d:cd:23:1d:cb:47:8f:
                    7f:ea:b1:05:d8:77:2c:c0:e4:8d:45:8a:63:a4:32:
                    c3:e8:ee:49:7b:65:a3:e8:f6:98:74:44:60:1e:32:
                    61:d4:c6:cb:97:12:24:23:ab:a8:8e:af:b1:98:91:
                    29:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:26:DB:95:E9:54:43:C9:CA:4F:E3:91:E5:FC:65:6B:88:FA:08:9A
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:b5:cf:dc:7e:3d:cd:a4:2c:ea:77:87:aa:d5:b7:25:83:d1:
         68:03:d1:a8:f6:55:6f:91:9d:a1:43:98:3d:e4:f1:44:a0:1f:
         08:46:79:c8:38:f0:a0:7b:1a:a9:11:3a:0f:20:e7:3c:0c:2f:
         4a:ac:33:15:39:ad:a0:40:18:d6:6b:53:9c:e5:07:35:ce:46:
         a3:5e:39:89:8e:b1:64:dd:10:44:9f:fd:6a:fb:40:b2:4c:1f:
         d2:1e:c2:4b:f0:c6:e9:a6:da:85:a3:aa:f0:af:95:d5:85:92:
         a9:f8:da:20:d9:98:31:dc:d4:23:8e:70:b3:23:ab:67:0e:15:
         7a:28:09:ac:46:6a:73:75:cb:6c:92:f5:1b:18:8e:64:37:36:
         df:de:0d:41:6d:49:9a:6b:5c:59:a1:38:ed:ff:81:9d:2d:9d:
         2e:61:36:32:62:dc:55:33:4e:96:cf:3f:a8:19:08:3a:2c:42:
         7d:25:43:eb:05:49:da:a9:38:c4:c5:32:ff:1f:c2:20:62:81:
         4a:38:09:29:58:97:6a:eb:44:57:60:05:be:30:6f:96:ed:c4:
         1d:9a:57:e1:29:6d:87:4a:0b:2a:84:75:d4:be:4b:78:f6:55:
         8d:75:48:86:06:b6:77:21:d7:84:34:91:25:b2:cb:55:f9:b6:
         b2:31:65:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWE9F2ZOIzZF7doaJEuBCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjUwNDIxMDIwMTAxWhcNMjUwNDIyMDIwMTAxWjAzMTEwLwYDVQQD
EygzYTI2ZGI5NWU5NTQ0M2M5Y2E0ZmUzOTFlNWZjNjU2Yjg4ZmEwODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsnxlUzyi14ghfwYN5b9VVYHapXq
J9OBJpvWjkD12plihJzO6TFh1tXOW/kA2qdg1h4CXV8kl8bS76N7E9JZyY/iMw6H
7M9zusI/f3gINzyd4a2MzKNh4rqURlxjR4S7HGgBU4xY4V4RZx9b79JSPLOc8WF2
fcEoZtOytexsDI6CIXQzRG/Gm5aOsKYLRMjOlF5Ea1u6WY0lYppv+yo/uaEtOeq7
2hz8A7u2VfC3kjLYHA+b9+58QAUst4N1Wd8t0JzbiIkMhM9I/m3NIx3LR49/6rEF
2HcswOSNRYpjpDLD6O5Je2Wj6PaYdERgHjJh1MbLlxIkI6uojq+xmJEpMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDom25XpVEPJyk/jkeX8ZWuI+giaMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr7XP3H49
zaQs6neHqtW3JYPRaAPRqPZVb5GdoUOYPeTxRKAfCEZ5yDjwoHsaqRE6DyDnPAwv
SqwzFTmtoEAY1mtTnOUHNc5Go145iY6xZN0QRJ/9avtAskwf0h7CS/DG6abahaOq
8K+V1YWSqfjaINmYMdzUI45wsyOrZw4VeigJrEZqc3XLbJL1GxiOZDc2394NQW1J
mmtcWaE47f+BnS2dLmE2MmLcVTNOls8/qBkIOixCfSVD6wVJ2qk4xMUy/x/CIGKB
SjgJKViXautEV2AFvjBvlu3EHZpX4Slth0oLKoR11L5LePZVjXVIhga2dyHXhDSR
JbLLVfm2sjFl7A==
-----END CERTIFICATE-----