Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
File:                     UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json)
Hash identifier:          M6gA1MgqkayU9oDb8SYMdMvYbifQ+DyZdikbHg2SMAo=
Subject key identifier:   73:78:A6:C7:34:75:13:0D:13:6D:9D:52:81:88:A0:31:31:76:06:6D
Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2
Certificate issuer:       /CN=5205f586d8263bb06d64050f8f484c14e803c4b2
Certificate serial:       01975DCAE4D50E2B608E24223A68A7D7918D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
Manifest number:          0BC5
Signing time:             Wed 11 Jun 2025 07:01:07 +0000
Manifest this update:     Wed 11 Jun 2025 07:01:07 +0000
Manifest next update:     Thu 12 Jun 2025 07:01:07 +0000
Files and hashes:         1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: t8LpfSrGERCTEIGc7L4kdYKb3dE42/TZ+r7uxT6uHYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 07:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:ca:e4:d5:0e:2b:60:8e:24:22:3a:68:a7:d7:91:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2
        Validity
            Not Before: Jun 11 07:01:07 2025 GMT
            Not After : Jun 12 07:01:07 2025 GMT
        Subject: CN=7378a6c73475130d136d9d528188a0313176066d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6b:ec:39:aa:2a:63:8d:fa:de:91:48:bf:98:
                    ae:6d:9e:f5:93:34:b4:99:a3:a6:be:e0:18:41:51:
                    95:6a:f6:24:62:1f:c0:91:80:58:c7:13:b7:22:fc:
                    70:86:e0:ae:8e:91:12:18:37:41:91:f4:ea:5a:9b:
                    cd:da:5f:a4:b7:8c:b9:72:69:e5:37:5b:d2:5b:54:
                    2b:4f:4b:93:3d:71:a2:cb:dc:09:56:23:77:27:22:
                    9c:c6:7d:50:c8:ff:c2:50:9b:95:8a:bf:ad:8a:d9:
                    9d:48:3d:24:e5:08:66:60:62:36:d1:96:e2:53:5f:
                    58:a2:20:0e:40:f4:83:4f:8f:89:d4:3f:94:0e:53:
                    8e:22:a5:64:1a:df:7b:a5:d4:8c:cf:3a:63:97:df:
                    da:e4:c8:e8:30:f5:ea:b8:79:1b:a6:45:6b:f0:6d:
                    94:d0:8c:f0:4a:29:eb:88:d5:9c:88:b8:e5:f7:aa:
                    89:8e:b6:0c:72:91:8d:13:85:c2:36:cc:06:91:ef:
                    ca:d5:1a:cb:17:c8:ea:e0:e9:3a:4d:fb:b1:49:21:
                    68:04:c0:d3:79:59:a0:a7:14:94:f7:ca:9c:9a:b0:
                    af:bf:67:14:03:e2:2b:0c:4c:67:c7:0b:76:7a:67:
                    61:94:e6:ce:fa:5d:13:0b:f4:ca:9d:52:03:d5:4a:
                    b7:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:78:A6:C7:34:75:13:0D:13:6D:9D:52:81:88:A0:31:31:76:06:6D
            X509v3 Authority Key Identifier:
                keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:b1:6d:7a:dd:d8:75:2d:b9:55:e4:5d:e1:e1:43:2f:ee:03:
         e9:5b:71:f1:a5:87:e7:76:2e:2e:c2:07:8e:19:dc:74:6a:c3:
         29:d1:92:68:3a:fc:29:16:d5:2f:65:29:60:bf:11:6b:bd:2c:
         d5:0a:38:ab:7f:fd:6d:b9:af:d9:06:1b:ef:83:d1:45:4d:e3:
         66:2c:fa:de:08:ca:c7:fc:eb:09:80:04:a3:ac:91:09:4b:3d:
         16:e7:84:6b:e6:6d:f6:2c:7a:8f:13:65:31:cb:8a:06:8a:09:
         48:fc:70:8d:9e:74:63:b2:f9:f4:c6:64:40:dd:32:fe:39:f8:
         cc:62:97:b0:f2:e9:98:4c:35:8c:d7:65:5e:f3:c9:98:91:85:
         24:50:7c:e5:74:2f:f1:8b:94:7d:d9:ea:89:a9:42:5f:cb:44:
         f0:f4:85:90:96:46:ec:74:fd:b3:f7:1b:47:ef:6b:97:0c:d9:
         73:b3:d9:14:6b:3a:b5:aa:49:b7:5b:bf:59:27:98:e4:4a:35:
         8d:17:e0:4a:78:64:03:09:cd:80:b1:df:bb:e5:e2:74:cb:3c:
         d2:82:d0:17:10:7c:ac:c1:e6:a8:b2:83:d9:62:fe:78:8f:58:
         5e:a9:a4:dc:88:1e:d9:97:1f:56:62:a6:9f:1d:09:44:e7:3a:
         c5:4e:85:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddyuTVDitgjiQiOmin15GNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw
M2M0YjIwHhcNMjUwNjExMDcwMTA3WhcNMjUwNjEyMDcwMTA3WjAzMTEwLwYDVQQD
Eyg3Mzc4YTZjNzM0NzUxMzBkMTM2ZDlkNTI4MTg4YTAzMTMxNzYwNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWvsOaoqY4363pFIv5iubZ71kzS0
maOmvuAYQVGVavYkYh/AkYBYxxO3IvxwhuCujpESGDdBkfTqWpvN2l+kt4y5cmnl
N1vSW1QrT0uTPXGiy9wJViN3JyKcxn1QyP/CUJuVir+titmdSD0k5QhmYGI20Zbi
U19YoiAOQPSDT4+J1D+UDlOOIqVkGt97pdSMzzpjl9/a5MjoMPXquHkbpkVr8G2U
0IzwSinriNWciLjl96qJjrYMcpGNE4XCNswGke/K1RrLF8jq4Ok6TfuxSSFoBMDT
eVmgpxSU98qcmrCvv2cUA+IrDExnxwt2emdhlObO+l0TC/TKnVID1Uq3+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHN4psc0dRMNE22dUoGIoDExdgZtMB8GA1UdIwQY
MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt
MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0
LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLFtet3Y
dS25VeRd4eFDL+4D6Vtx8aWH53YuLsIHjhncdGrDKdGSaDr8KRbVL2UpYL8Ra70s
1Qo4q3/9bbmv2QYb74PRRU3jZiz63gjKx/zrCYAEo6yRCUs9FueEa+Zt9ix6jxNl
McuKBooJSPxwjZ50Y7L59MZkQN0y/jn4zGKXsPLpmEw1jNdlXvPJmJGFJFB85XQv
8YuUfdnqialCX8tE8PSFkJZG7HT9s/cbR+9rlwzZc7PZFGs6tapJt1u/WSeY5Eo1
jRfgSnhkAwnNgLHfu+XidMs80oLQFxB8rMHmqLKD2WL+eI9YXqmk3Ige2ZcfVmKm
nx0JROc6xU6Fug==
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:40:12 2025 by rpki-client