Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          XmixlAQF/ip7dB7UGdFyE1zR7rOPUB9+VwT2AO8M8tg=
Subject key identifier:   ED:29:86:66:8A:A5:99:D0:72:A0:1B:36:AB:12:02:2D:62:78:84:44
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       019D375339370A1B8FC5A0552B5D557393FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          0B45
Signing time:             Sun 29 Mar 2026 02:01:34 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:34 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:34 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: at/1KzLQ4I/ageIUS1jXjY+WGXUP8cxcBCCfykS2owo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:53:39:37:0a:1b:8f:c5:a0:55:2b:5d:55:73:93:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Mar 29 02:01:34 2026 GMT
            Not After : Mar 30 02:01:34 2026 GMT
        Subject: CN=ed2986668aa599d072a01b36ab12022d62788444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:31:03:1f:a6:25:86:3c:fc:76:bd:f3:08:4e:
                    cb:ed:ca:e5:47:94:d8:42:8e:51:dd:95:bd:23:59:
                    89:27:b8:b1:dd:cd:58:c4:9c:a9:ce:06:22:27:c3:
                    ce:e0:4b:bf:58:95:a8:28:55:74:e4:72:0a:34:1e:
                    cf:27:eb:9e:02:a2:2b:10:cf:3d:86:da:b9:25:2e:
                    1e:b5:47:c6:b1:8c:44:c7:7d:79:f8:aa:cf:fe:cd:
                    dd:f4:59:83:a7:a3:0a:a6:a3:1b:39:82:17:30:79:
                    ab:fe:03:88:68:7b:36:64:3d:03:e3:0b:79:05:02:
                    24:db:9a:95:4a:89:52:52:20:d3:ff:e7:90:01:54:
                    da:0b:f2:3c:c3:e7:60:17:05:e9:18:fd:c8:73:43:
                    52:3f:50:89:8c:2a:f8:b0:23:bb:d0:8c:fb:18:b8:
                    33:a3:62:7f:13:a6:80:99:d7:1a:7a:d4:41:f9:94:
                    81:0e:8c:00:74:56:2d:5b:2d:4a:52:91:92:f0:6c:
                    52:66:b8:b3:61:85:03:83:9f:c2:8c:7d:74:07:8b:
                    f2:b2:76:1f:df:42:04:b2:5a:55:e0:3d:e6:5b:e2:
                    e1:32:b8:8d:59:11:c7:a3:35:1f:df:b4:5a:8b:83:
                    b5:15:92:61:40:95:02:7f:44:1a:92:84:ee:fc:50:
                    f3:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:29:86:66:8A:A5:99:D0:72:A0:1B:36:AB:12:02:2D:62:78:84:44
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:88:97:ce:d6:d2:21:15:87:6c:f6:33:0f:d9:ea:cf:f6:32:
         64:5d:fc:a0:bd:41:50:a8:9b:23:e7:64:db:dd:d3:76:6c:36:
         4e:c6:bb:07:78:f0:7b:ee:36:3b:4e:7c:db:dd:bd:1b:ad:74:
         1d:10:9c:9a:b4:ef:75:61:35:f9:6a:4e:61:7e:dc:0d:42:c7:
         eb:e6:af:66:aa:f9:2b:34:9c:44:9c:34:d6:5c:a5:a3:f5:3d:
         67:2a:6c:f8:19:0d:54:68:3c:6f:9f:f7:bf:27:ed:c1:c0:26:
         e2:09:bc:a1:4e:fb:74:e5:bb:4b:53:2b:14:1f:f2:6d:a1:3a:
         fa:9a:fb:a8:88:52:0b:39:38:b5:d3:2e:e3:41:3e:01:6f:81:
         6b:97:0d:f2:6e:98:f7:2e:d7:3b:02:29:9b:23:92:66:05:d2:
         e0:8e:4f:d6:15:cc:59:1c:27:06:40:4c:32:f9:07:a5:c4:a1:
         6d:e2:bd:8d:6b:32:ba:7a:9d:4e:34:a3:ad:86:9e:f2:53:8d:
         bd:d2:81:f8:f4:70:0d:cc:20:09:85:6f:2d:ee:f9:5d:fe:1a:
         04:a1:c4:f9:c7:83:90:61:7a:d9:9b:0e:2a:5c:7f:24:d5:89:
         13:7a:50:ed:5b:95:e2:71:26:58:e8:82:26:38:03:4f:e7:30:
         f3:61:4e:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uzk3ChuPxaBVK11Vc5P6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjYwMzI5MDIwMTM0WhcNMjYwMzMwMDIwMTM0WjAzMTEwLwYDVQQD
EyhlZDI5ODY2NjhhYTU5OWQwNzJhMDFiMzZhYjEyMDIyZDYyNzg4NDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DEDH6Ylhjz8dr3zCE7L7crlR5TY
Qo5R3ZW9I1mJJ7ix3c1YxJypzgYiJ8PO4Eu/WJWoKFV05HIKNB7PJ+ueAqIrEM89
htq5JS4etUfGsYxEx315+KrP/s3d9FmDp6MKpqMbOYIXMHmr/gOIaHs2ZD0D4wt5
BQIk25qVSolSUiDT/+eQAVTaC/I8w+dgFwXpGP3Ic0NSP1CJjCr4sCO70Iz7GLgz
o2J/E6aAmdcaetRB+ZSBDowAdFYtWy1KUpGS8GxSZrizYYUDg5/CjH10B4vysnYf
30IEslpV4D3mW+LhMriNWRHHozUf37Rai4O1FZJhQJUCf0QakoTu/FDzKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0phmaKpZnQcqAbNqsSAi1ieIREMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAoiXztbS
IRWHbPYzD9nqz/YyZF38oL1BUKibI+dk293Tdmw2Tsa7B3jwe+42O0582929G610
HRCcmrTvdWE1+WpOYX7cDULH6+avZqr5KzScRJw01lylo/U9Zyps+BkNVGg8b5/3
vyftwcAm4gm8oU77dOW7S1MrFB/ybaE6+pr7qIhSCzk4tdMu40E+AW+Ba5cN8m6Y
9y7XOwIpmyOSZgXS4I5P1hXMWRwnBkBMMvkHpcShbeK9jWsyunqdTjSjrYae8lON
vdKB+PRwDcwgCYVvLe75Xf4aBKHE+ceDkGF62ZsOKlx/JNWJE3pQ7VuV4nEmWOiC
JjgDT+cw82FOPA==
-----END CERTIFICATE-----