Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
File:                     UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json)
Hash identifier:          xjzVvUKwBnE9e8ePplWei8psmEBemra9+GmmmYaKsT8=
Subject key identifier:   40:1C:66:BA:64:9D:E4:93:4C:5F:96:CB:23:1A:D7:73:F8:3D:01:B1
Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2
Certificate issuer:       /CN=5205f586d8263bb06d64050f8f484c14e803c4b2
Certificate serial:       019765843E5D65A538FD4A6521AFB6EC96ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
Manifest number:          0BC9
Signing time:             Thu 12 Jun 2025 19:00:54 +0000
Manifest this update:     Thu 12 Jun 2025 19:00:54 +0000
Manifest next update:     Fri 13 Jun 2025 19:00:54 +0000
Files and hashes:         1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: t7v8qivBqZSy/vuFkfgyvF8DHmOTJ057gwg34jc5PhU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:84:3e:5d:65:a5:38:fd:4a:65:21:af:b6:ec:96:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2
        Validity
            Not Before: Jun 12 19:00:54 2025 GMT
            Not After : Jun 13 19:00:54 2025 GMT
        Subject: CN=401c66ba649de4934c5f96cb231ad773f83d01b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:4c:7f:86:a4:57:9d:7d:bf:81:5c:bd:0d:f8:
                    b2:2d:9b:f8:41:a1:9b:c4:d8:cc:ed:f2:64:0b:27:
                    a2:08:7f:25:e9:bb:1a:e5:a6:1d:18:55:9f:32:53:
                    6f:a9:95:fc:6c:8c:1c:9e:33:ee:b9:8e:a1:e5:9e:
                    05:83:05:44:b5:0f:59:a2:5f:6a:da:a4:01:cd:16:
                    01:18:d6:ac:3c:3f:ca:91:fe:db:be:8a:9c:2a:7a:
                    dc:64:46:f7:41:ab:3f:bc:68:05:d9:d9:a3:a7:71:
                    9c:ee:69:8c:76:a5:9c:52:7c:5d:80:78:47:12:b0:
                    56:37:86:e9:b2:6b:37:97:36:81:23:ce:f7:f1:b3:
                    d1:21:32:80:f2:60:f4:94:53:26:f1:1a:4c:f1:ee:
                    74:58:aa:70:8a:8e:94:ee:69:32:71:b9:8d:04:1b:
                    87:0c:f2:c1:64:f1:0f:a3:03:e8:22:67:39:eb:d3:
                    26:2b:8c:f3:6f:60:06:80:cb:98:f0:94:7e:b9:0b:
                    5e:78:86:ba:a6:39:ed:42:b5:04:07:68:5f:eb:0e:
                    6e:15:fc:27:46:af:2d:03:40:f9:f5:ba:1a:0c:14:
                    36:35:a2:da:18:64:87:7d:63:cb:fa:1a:7f:62:fd:
                    5a:a3:bf:e2:43:c2:9e:70:08:44:57:c9:98:40:80:
                    77:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:1C:66:BA:64:9D:E4:93:4C:5F:96:CB:23:1A:D7:73:F8:3D:01:B1
            X509v3 Authority Key Identifier:
                keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:d7:0e:ba:44:5b:f6:35:07:89:c7:aa:20:2f:6c:7d:13:04:
         26:6d:ef:18:ca:35:94:f8:4a:3b:07:08:57:1d:1e:8a:72:e4:
         6c:d4:9a:b3:63:06:21:46:1f:91:58:d5:d6:1e:61:79:cb:48:
         f7:70:fa:da:3e:0b:04:dc:f9:ba:be:5c:44:e7:e3:e2:c0:e4:
         09:40:e9:a6:0d:df:71:14:cf:45:3e:96:b6:6f:3f:22:b8:18:
         37:42:b5:c8:71:71:4a:75:38:64:fc:f4:a0:88:87:4c:b4:ec:
         92:43:64:08:e4:b8:b7:0a:e7:95:1a:28:71:8f:46:09:0b:2e:
         7b:a4:6a:3e:3e:44:11:f2:1a:15:39:ea:0b:31:99:af:c5:00:
         dd:bf:fb:1f:eb:a5:85:2a:ce:eb:08:8c:39:1d:f5:23:23:9f:
         5b:36:1f:bb:8b:38:e5:1c:64:0b:04:a8:c1:46:c8:11:7c:65:
         58:40:d9:ce:94:a8:2d:d6:25:66:8b:25:25:2a:d7:ed:3a:9b:
         64:5e:af:4e:29:da:46:2f:63:a0:47:04:9e:65:ad:63:c7:76:
         7a:13:10:16:c0:ce:d8:ab:75:65:1e:b4:e4:af:1d:4f:22:0c:
         19:b5:19:09:ea:74:f0:05:ac:fb:a8:77:50:ed:17:c6:11:4a:
         ea:6b:d5:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlhD5dZaU4/UplIa+27JbtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw
M2M0YjIwHhcNMjUwNjEyMTkwMDU0WhcNMjUwNjEzMTkwMDU0WjAzMTEwLwYDVQQD
Eyg0MDFjNjZiYTY0OWRlNDkzNGM1Zjk2Y2IyMzFhZDc3M2Y4M2QwMWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70x/hqRXnX2/gVy9DfiyLZv4QaGb
xNjM7fJkCyeiCH8l6bsa5aYdGFWfMlNvqZX8bIwcnjPuuY6h5Z4FgwVEtQ9Zol9q
2qQBzRYBGNasPD/Kkf7bvoqcKnrcZEb3Qas/vGgF2dmjp3Gc7mmMdqWcUnxdgHhH
ErBWN4bpsms3lzaBI8738bPRITKA8mD0lFMm8RpM8e50WKpwio6U7mkycbmNBBuH
DPLBZPEPowPoImc569MmK4zzb2AGgMuY8JR+uQteeIa6pjntQrUEB2hf6w5uFfwn
Rq8tA0D59boaDBQ2NaLaGGSHfWPL+hp/Yv1ao7/iQ8KecAhEV8mYQIB3wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAcZrpkneSTTF+WyyMa13P4PQGxMB8GA1UdIwQY
MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt
MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0
LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe9cOukRb
9jUHiceqIC9sfRMEJm3vGMo1lPhKOwcIVx0einLkbNSas2MGIUYfkVjV1h5hectI
93D62j4LBNz5ur5cROfj4sDkCUDppg3fcRTPRT6Wtm8/IrgYN0K1yHFxSnU4ZPz0
oIiHTLTskkNkCOS4twrnlRoocY9GCQsue6RqPj5EEfIaFTnqCzGZr8UA3b/7H+ul
hSrO6wiMOR31IyOfWzYfu4s45RxkCwSowUbIEXxlWEDZzpSoLdYlZoslJSrX7Tqb
ZF6vTinaRi9joEcEnmWtY8d2ehMQFsDO2Kt1ZR605K8dTyIMGbUZCep08AWs+6h3
UO0XxhFK6mvVwA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 23:05:28 2025 by rpki-client