Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
File:                     UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json)
Hash identifier:          NegrdXDiPMP/G2Fc21Be2Qlt/bmfoyzCEuI0ab/63TQ=
Subject key identifier:   E7:23:CA:0F:E5:2F:B3:10:54:FA:DD:08:94:80:68:72:03:54:1D:2A
Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2
Certificate issuer:       /CN=5205f586d8263bb06d64050f8f484c14e803c4b2
Certificate serial:       019763956148364C277EABF2661516269ADE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
Manifest number:          0BC8
Signing time:             Thu 12 Jun 2025 10:00:23 +0000
Manifest this update:     Thu 12 Jun 2025 10:00:23 +0000
Manifest next update:     Fri 13 Jun 2025 10:00:23 +0000
Files and hashes:         1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: CY5y7xx4Ecpq2PgjMcWDuc7jvv9Kv/o4ZaT6H2t6zNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:95:61:48:36:4c:27:7e:ab:f2:66:15:16:26:9a:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2
        Validity
            Not Before: Jun 12 10:00:23 2025 GMT
            Not After : Jun 13 10:00:23 2025 GMT
        Subject: CN=e723ca0fe52fb31054fadd089480687203541d2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:66:6d:6b:f0:2f:42:d9:be:76:4a:4b:79:a9:
                    d9:e2:8e:0b:bf:d5:33:98:87:a6:5a:61:8a:a8:17:
                    d4:bd:cb:b2:39:4f:20:8b:e6:6e:6a:50:a8:a2:06:
                    28:17:f2:e5:59:12:4f:f9:7f:3d:57:10:e7:ed:3b:
                    38:3b:79:97:74:d3:b6:09:c4:c2:96:d3:fa:c0:77:
                    cc:0f:22:cf:77:c7:4a:6d:8a:c5:8c:6c:5b:b9:e1:
                    c2:48:9a:1d:97:26:37:92:b9:95:4c:7f:da:db:92:
                    ff:8b:46:13:e8:96:e5:f9:79:99:dd:f8:61:41:4f:
                    f2:8e:57:ed:c2:cc:f1:05:60:22:14:cf:f8:e4:f3:
                    0f:3d:d6:fe:e6:75:c7:a1:3b:47:09:90:07:04:ea:
                    ff:ea:f9:bf:60:ef:ae:2e:22:39:03:57:86:4b:91:
                    7c:10:c9:e2:eb:ba:b0:ed:c1:8f:d5:62:62:8a:ee:
                    5a:e6:21:4c:ed:ac:d7:ae:f3:2b:ec:84:df:02:ea:
                    d1:b0:4e:b0:e0:08:17:7c:da:3c:1e:8d:aa:f8:a1:
                    04:af:f9:35:0d:65:17:1a:48:ae:56:99:fb:7e:d9:
                    54:64:3c:cb:92:67:83:a8:9e:94:19:27:77:b0:b4:
                    7c:17:07:9c:05:91:07:e0:ff:c7:f9:5a:10:12:b3:
                    56:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:23:CA:0F:E5:2F:B3:10:54:FA:DD:08:94:80:68:72:03:54:1D:2A
            X509v3 Authority Key Identifier:
                keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:8f:b4:39:ae:94:57:9d:e2:8a:34:5b:e3:1f:49:5e:db:03:
         a3:82:bc:24:4e:50:35:79:c9:75:a9:18:8f:4a:e2:f6:7d:6e:
         2d:04:df:be:c3:6e:d0:79:ad:5d:d5:01:99:e8:ad:22:e8:e0:
         97:49:8a:60:41:1f:dd:55:c2:b2:b2:9f:6e:8d:08:05:e1:35:
         c4:9f:52:f7:1d:98:c2:45:f2:f2:10:eb:c8:d2:2e:ed:5d:71:
         2d:2e:67:bc:4d:32:55:f0:ab:b4:35:dc:31:7b:3c:23:9a:1d:
         9d:1e:9b:4e:b3:73:63:5d:1d:2e:7d:a6:9f:f9:3b:a3:e5:05:
         0f:a7:72:8a:4e:2c:17:bb:fd:44:48:77:0c:30:c9:85:67:77:
         48:84:fd:87:87:43:6c:1e:f9:ef:68:4b:ff:6f:2f:cc:21:6a:
         de:82:77:8f:69:a8:45:db:d5:1d:ec:6f:56:66:1f:5b:22:bf:
         98:57:29:9a:13:c5:3f:e0:da:44:12:95:b2:c9:9d:2b:cf:84:
         12:23:7b:cd:b0:13:db:fd:4a:29:2d:06:09:6d:cb:c3:7a:61:
         58:1e:1e:10:09:99:a6:12:b6:4d:b9:f2:cb:31:67:af:b4:76:
         d9:26:6d:70:5f:dd:cb:20:8f:27:d7:83:98:5e:75:df:8e:f4:
         3a:7f:53:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlWFINkwnfqvyZhUWJpreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw
M2M0YjIwHhcNMjUwNjEyMTAwMDIzWhcNMjUwNjEzMTAwMDIzWjAzMTEwLwYDVQQD
EyhlNzIzY2EwZmU1MmZiMzEwNTRmYWRkMDg5NDgwNjg3MjAzNTQxZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2Zta/AvQtm+dkpLeanZ4o4Lv9Uz
mIemWmGKqBfUvcuyOU8gi+ZualCoogYoF/LlWRJP+X89VxDn7Ts4O3mXdNO2CcTC
ltP6wHfMDyLPd8dKbYrFjGxbueHCSJodlyY3krmVTH/a25L/i0YT6Jbl+XmZ3fhh
QU/yjlftwszxBWAiFM/45PMPPdb+5nXHoTtHCZAHBOr/6vm/YO+uLiI5A1eGS5F8
EMni67qw7cGP1WJiiu5a5iFM7azXrvMr7ITfAurRsE6w4AgXfNo8Ho2q+KEEr/k1
DWUXGkiuVpn7ftlUZDzLkmeDqJ6UGSd3sLR8FwecBZEH4P/H+VoQErNW1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOcjyg/lL7MQVPrdCJSAaHIDVB0qMB8GA1UdIwQY
MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt
MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0
LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANY+0Oa6U
V53iijRb4x9JXtsDo4K8JE5QNXnJdakYj0ri9n1uLQTfvsNu0HmtXdUBmeitIujg
l0mKYEEf3VXCsrKfbo0IBeE1xJ9S9x2YwkXy8hDryNIu7V1xLS5nvE0yVfCrtDXc
MXs8I5odnR6bTrNzY10dLn2mn/k7o+UFD6dyik4sF7v9REh3DDDJhWd3SIT9h4dD
bB7572hL/28vzCFq3oJ3j2moRdvVHexvVmYfWyK/mFcpmhPFP+DaRBKVssmdK8+E
EiN7zbAT2/1KKS0GCW3Lw3phWB4eEAmZphK2TbnyyzFnr7R22SZtcF/dyyCPJ9eD
mF513470On9TuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 13:47:37 2025 by rpki-client