Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          0Rk3p5UHYfuE3KpptvBryLhNXaQudDmn1GJlamYRK4Y=
Subject key identifier:   58:E7:52:29:5A:56:89:7C:C6:1D:EC:11:31:57:E5:63:F6:52:4D:7C
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       018F882427A12C5719EAEAB28C0713CFBE4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          042F
Signing time:             Fri 17 May 2024 20:00:21 +0000
Manifest this update:     Fri 17 May 2024 20:00:21 +0000
Manifest next update:     Sat 18 May 2024 20:00:21 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: PO47uz99dxWqKenoXW5M6d6ET4MRVlYEyxVGlbzvBNI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:27:a1:2c:57:19:ea:ea:b2:8c:07:13:cf:be:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: May 17 20:00:21 2024 GMT
            Not After : May 18 20:00:21 2024 GMT
        Subject: CN=58e752295a56897cc61dec113157e563f6524d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f4:71:54:5a:1a:aa:7e:c6:c1:bb:3f:b1:b0:
                    f5:32:1d:4c:a9:59:ba:a1:24:e6:92:97:24:d4:7e:
                    00:cd:65:3d:06:f5:52:d3:1f:7f:ba:66:17:36:df:
                    36:89:1d:66:58:9d:2a:be:07:94:08:7d:c3:e0:4f:
                    27:91:fd:f6:fc:c4:90:4b:83:54:4e:ad:86:94:aa:
                    b2:98:41:03:8e:5f:14:4a:7e:e4:51:9c:82:3d:ce:
                    ca:ec:87:43:cc:26:b2:03:86:51:98:a6:d5:6e:7d:
                    d6:ea:6b:d6:7f:2b:73:2e:22:3d:7c:14:88:44:8b:
                    70:da:1c:09:41:0f:42:2e:fa:fd:a0:46:f2:fc:b3:
                    26:b8:3e:21:6f:4b:e0:43:87:83:90:06:2a:10:44:
                    6c:f5:be:a4:03:02:08:0d:eb:e0:1a:af:db:bb:90:
                    90:6f:e2:fc:17:bb:25:63:e5:d2:80:9d:97:a4:cd:
                    6b:67:2e:fd:c2:6d:20:94:13:4b:6f:41:a9:14:16:
                    d1:94:fe:d4:b5:66:69:ad:cd:2b:60:5f:90:d4:b9:
                    56:55:0d:cf:21:7a:cc:bb:3d:5b:a3:f5:b8:6f:97:
                    2b:ea:27:f4:d2:3e:97:a7:b8:cb:f2:9f:23:18:1e:
                    58:95:58:f4:a1:e5:0f:38:bd:80:0e:27:e8:1d:6b:
                    e2:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:E7:52:29:5A:56:89:7C:C6:1D:EC:11:31:57:E5:63:F6:52:4D:7C
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:ec:41:35:3b:fc:87:4f:ee:1f:62:fa:84:c6:c9:0e:77:2e:
         b1:dd:30:67:a5:fe:83:cc:4a:0d:a8:7f:5c:b3:8e:c2:8e:2a:
         4f:2b:c2:f7:cf:71:42:47:b7:bc:76:2f:df:58:eb:88:f0:6e:
         3c:81:d6:fe:6b:7b:f9:60:c6:72:fa:81:cb:59:bb:e3:96:07:
         61:bb:ab:d6:31:de:68:38:41:60:ad:3c:94:f5:29:ee:50:e3:
         e9:ca:4e:0d:72:e4:f0:2d:62:19:94:e3:b3:4b:cf:e6:c5:83:
         5e:f7:6d:8b:09:26:ed:64:e4:0c:f6:08:8b:0b:0c:ba:14:80:
         d2:1b:b1:88:cf:6b:f1:c8:40:7e:d0:a9:63:50:e8:ff:c2:ef:
         9a:59:9d:df:b4:d7:f8:28:c0:5a:92:32:77:b9:b9:c6:0b:3c:
         22:a1:ea:6a:ec:58:24:37:5f:58:16:b9:32:5e:47:a9:5c:d3:
         93:6f:5a:bf:b0:73:9b:19:9c:bb:69:f7:a1:bf:62:ea:ef:17:
         a2:ad:16:ff:e0:eb:e2:cc:ac:94:32:50:13:f9:6d:05:43:6b:
         e4:e5:b3:9f:88:dc:06:d0:75:49:54:1e:56:dd:50:6d:d1:9d:
         1c:e4:9e:13:5e:80:68:dc:fe:85:d9:17:a3:60:7f:00:89:f3:
         4e:24:ff:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJCehLFcZ6uqyjAcTz75LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjQwNTE3MjAwMDIxWhcNMjQwNTE4MjAwMDIxWjAzMTEwLwYDVQQD
Eyg1OGU3NTIyOTVhNTY4OTdjYzYxZGVjMTEzMTU3ZTU2M2Y2NTI0ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvRxVFoaqn7Gwbs/sbD1Mh1MqVm6
oSTmkpck1H4AzWU9BvVS0x9/umYXNt82iR1mWJ0qvgeUCH3D4E8nkf32/MSQS4NU
Tq2GlKqymEEDjl8USn7kUZyCPc7K7IdDzCayA4ZRmKbVbn3W6mvWfytzLiI9fBSI
RItw2hwJQQ9CLvr9oEby/LMmuD4hb0vgQ4eDkAYqEERs9b6kAwIIDevgGq/bu5CQ
b+L8F7slY+XSgJ2XpM1rZy79wm0glBNLb0GpFBbRlP7UtWZprc0rYF+Q1LlWVQ3P
IXrMuz1bo/W4b5cr6if00j6Xp7jL8p8jGB5YlVj0oeUPOL2ADifoHWvixQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjnUilaVol8xh3sETFX5WP2Uk18MB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmuxBNTv8
h0/uH2L6hMbJDncusd0wZ6X+g8xKDah/XLOOwo4qTyvC989xQke3vHYv31jriPBu
PIHW/mt7+WDGcvqBy1m745YHYbur1jHeaDhBYK08lPUp7lDj6cpODXLk8C1iGZTj
s0vP5sWDXvdtiwkm7WTkDPYIiwsMuhSA0huxiM9r8chAftCpY1Do/8Lvmlmd37TX
+CjAWpIyd7m5xgs8IqHqauxYJDdfWBa5Ml5HqVzTk29av7Bzmxmcu2n3ob9i6u8X
oq0W/+Dr4syslDJQE/ltBUNr5OWzn4jcBtB1SVQeVt1QbdGdHOSeE16AaNz+hdkX
o2B/AInzTiT/sw==
-----END CERTIFICATE-----