Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
File:                     UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json)
Hash identifier:          jqHL1LPjTyTe8rljYsD/oJkszye91gH5fyFKXXXKdVg=
Subject key identifier:   A5:AD:94:5A:7D:70:38:FD:0C:A8:D5:42:79:CC:66:03:6A:6E:FE:B0
Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2
Certificate issuer:       /CN=5205f586d8263bb06d64050f8f484c14e803c4b2
Certificate serial:       01976D3D3DF4DEDFE02EFFBDEB5A2AD015E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
Manifest number:          0BCD
Signing time:             Sat 14 Jun 2025 07:00:19 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:19 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:19 +0000
Files and hashes:         1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: XdQApTJoRpy01oWTUCzISIPz6WcCTixFTDNsNHuvP58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:3d:f4:de:df:e0:2e:ff:bd:eb:5a:2a:d0:15:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2
        Validity
            Not Before: Jun 14 07:00:19 2025 GMT
            Not After : Jun 15 07:00:19 2025 GMT
        Subject: CN=a5ad945a7d7038fd0ca8d54279cc66036a6efeb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:83:c3:b2:63:25:b3:3a:98:af:8b:c9:a3:d2:
                    d4:97:ec:80:94:17:67:c0:32:52:59:f9:f9:12:25:
                    ea:49:d3:df:7b:3f:58:96:32:8c:ec:b3:f0:6a:6b:
                    9d:ce:6c:6a:2f:f7:61:c0:d6:48:87:a0:e1:09:a3:
                    34:a0:10:ee:88:22:6a:13:b6:58:5e:e6:4a:fa:14:
                    b0:e3:10:9a:10:07:b6:d6:96:28:7f:bf:94:fe:f0:
                    a5:42:01:b0:55:38:ce:55:a9:c5:d0:6e:0e:f5:ef:
                    56:2f:38:6b:e1:5b:f1:73:c8:75:6b:b0:9e:76:3f:
                    71:6c:36:79:37:5a:4f:6c:39:50:08:6b:b6:86:cb:
                    35:7c:37:5b:77:84:9b:8c:57:9d:a2:5a:54:2f:b4:
                    73:ef:f9:dd:df:99:90:ca:21:16:6c:ac:05:92:d3:
                    78:67:a0:1f:12:73:f1:c3:aa:d9:8c:e0:ce:99:cc:
                    73:ac:fa:95:f6:a1:94:9f:0d:3b:72:7e:4e:41:56:
                    bb:89:d0:6d:ff:2b:0d:63:e1:c2:4b:e3:f1:5e:8a:
                    4a:f7:50:e0:c8:df:ac:01:2c:7d:44:9b:a9:27:1f:
                    10:67:87:c8:24:db:31:2f:81:76:f1:8a:77:0c:88:
                    6e:0b:3b:a0:a5:e5:ad:00:2b:88:94:ba:6b:3d:26:
                    b9:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:AD:94:5A:7D:70:38:FD:0C:A8:D5:42:79:CC:66:03:6A:6E:FE:B0
            X509v3 Authority Key Identifier:
                keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:2f:ae:88:f9:ed:16:e4:1c:e2:f7:d1:9f:d0:42:55:fb:b2:
         71:76:42:64:f6:b6:bc:4b:f6:6c:d1:0c:79:78:5c:d2:54:8d:
         74:cf:22:90:86:8b:84:2f:34:1a:3b:6e:90:fc:74:15:64:df:
         53:3e:b5:d8:ad:7d:41:6c:8a:fc:df:f7:62:2a:89:a2:17:5e:
         54:f6:65:db:1f:d5:f8:98:ab:c0:95:0a:85:c7:75:76:e8:7a:
         2d:cf:54:8e:9a:32:51:11:c8:95:fe:91:08:eb:4a:30:ce:4a:
         5b:f3:86:d8:40:78:1d:23:a1:46:fe:aa:0c:e6:9b:59:74:5a:
         2c:ac:92:30:ab:9f:75:40:dc:0f:d9:a0:3b:10:ea:ad:54:4c:
         c9:1d:8e:b1:50:88:14:0c:d3:d6:ea:fc:42:56:a7:e6:34:a0:
         e9:0f:75:58:d7:47:58:d5:ab:81:54:97:56:9e:6f:b3:d1:2f:
         35:6e:65:b5:08:39:f0:92:c0:b8:19:37:85:e4:ff:2f:35:03:
         9d:ef:da:e4:91:83:a7:4f:2d:7d:1f:2f:2b:8c:92:45:74:7b:
         1c:26:6c:c3:45:e9:44:6e:06:a1:cd:a1:f5:16:73:ec:02:02:
         af:36:76:81:8c:73:52:8c:6b:78:b0:3b:50:82:bb:29:8d:ed:
         f0:e2:34:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPT303t/gLv+961oq0BXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw
M2M0YjIwHhcNMjUwNjE0MDcwMDE5WhcNMjUwNjE1MDcwMDE5WjAzMTEwLwYDVQQD
EyhhNWFkOTQ1YTdkNzAzOGZkMGNhOGQ1NDI3OWNjNjYwMzZhNmVmZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34PDsmMlszqYr4vJo9LUl+yAlBdn
wDJSWfn5EiXqSdPfez9YljKM7LPwamudzmxqL/dhwNZIh6DhCaM0oBDuiCJqE7ZY
XuZK+hSw4xCaEAe21pYof7+U/vClQgGwVTjOVanF0G4O9e9WLzhr4Vvxc8h1a7Ce
dj9xbDZ5N1pPbDlQCGu2hss1fDdbd4SbjFedolpUL7Rz7/nd35mQyiEWbKwFktN4
Z6AfEnPxw6rZjODOmcxzrPqV9qGUnw07cn5OQVa7idBt/ysNY+HCS+PxXopK91Dg
yN+sASx9RJupJx8QZ4fIJNsxL4F28Yp3DIhuCzugpeWtACuIlLprPSa5iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWtlFp9cDj9DKjVQnnMZgNqbv6wMB8GA1UdIwQY
MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt
MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0
LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfy+uiPnt
FuQc4vfRn9BCVfuycXZCZPa2vEv2bNEMeXhc0lSNdM8ikIaLhC80GjtukPx0FWTf
Uz612K19QWyK/N/3YiqJohdeVPZl2x/V+JirwJUKhcd1duh6Lc9UjpoyURHIlf6R
COtKMM5KW/OG2EB4HSOhRv6qDOabWXRaLKySMKufdUDcD9mgOxDqrVRMyR2OsVCI
FAzT1ur8Qlan5jSg6Q91WNdHWNWrgVSXVp5vs9EvNW5ltQg58JLAuBk3heT/LzUD
ne/a5JGDp08tfR8vK4ySRXR7HCZsw0XpRG4Goc2h9RZz7AICrzZ2gYxzUoxreLA7
UIK7KY3t8OI0rg==
-----END CERTIFICATE-----