Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
File:                     UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json)
Hash identifier:          /Qyzh6uSodIAMCZsAM9g4GJ6P1w/t06Mmhtx/7/YWOE=
Subject key identifier:   AE:11:88:85:2D:5F:F4:4D:98:85:51:28:D3:3E:64:E3:64:E3:55:B7
Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2
Certificate issuer:       /CN=5205f586d8263bb06d64050f8f484c14e803c4b2
Certificate serial:       01976772A3CD59B35D3D09C488CECBA4A03C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
Manifest number:          0BCA
Signing time:             Fri 13 Jun 2025 04:00:55 +0000
Manifest this update:     Fri 13 Jun 2025 04:00:55 +0000
Manifest next update:     Sat 14 Jun 2025 04:00:55 +0000
Files and hashes:         1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: OqA35Csodbm5UtGsVeH4yayEpNgu2J8s5LY/Z/fHCNI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:72:a3:cd:59:b3:5d:3d:09:c4:88:ce:cb:a4:a0:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2
        Validity
            Not Before: Jun 13 04:00:55 2025 GMT
            Not After : Jun 14 04:00:55 2025 GMT
        Subject: CN=ae1188852d5ff44d98855128d33e64e364e355b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:98:fa:f7:ba:6a:f4:9d:c2:58:63:f8:1d:49:
                    8f:56:d6:7e:b2:71:22:6e:6c:9a:02:0f:d4:7d:37:
                    b9:c1:47:e5:e0:c2:f6:7f:c7:cb:7d:be:1e:2d:80:
                    65:84:f3:bf:d2:51:58:c9:a1:fd:2b:f5:a4:db:62:
                    a3:0d:4a:f8:84:77:12:5f:ed:ca:b4:e6:e7:da:1d:
                    2b:e5:9b:a9:62:b5:10:be:4b:d4:59:af:70:1f:50:
                    68:3b:d8:87:9f:94:72:1a:1e:25:cd:d6:e2:b2:3a:
                    06:ee:69:17:c4:41:1e:33:45:bd:be:d4:0b:cd:e2:
                    c2:f7:b6:2c:8a:66:63:5b:3d:a7:c7:d7:44:eb:de:
                    97:2f:23:d4:41:b0:0c:6b:4b:b5:d9:39:61:8d:d8:
                    e1:82:0c:ee:19:db:91:83:9c:fa:24:38:a8:cc:59:
                    5a:01:33:c1:34:49:8f:e9:9a:3a:61:99:64:59:3b:
                    2d:70:14:83:6c:3a:77:0e:2e:84:b5:bc:9c:c6:82:
                    70:cb:1b:7c:de:ae:94:8a:fe:0f:a3:cf:1c:c9:eb:
                    84:c8:4c:76:75:ac:4a:09:52:4b:b5:c9:c8:2c:2b:
                    e0:be:64:61:32:0b:e8:d7:9b:96:20:7d:c8:6c:b0:
                    bb:c9:62:50:41:a1:8e:b9:c2:01:d5:a6:41:48:58:
                    e6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:11:88:85:2D:5F:F4:4D:98:85:51:28:D3:3E:64:E3:64:E3:55:B7
            X509v3 Authority Key Identifier:
                keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:f7:ff:d3:a5:03:45:0b:b0:7a:59:ac:50:db:17:ac:53:49:
         2a:b0:ab:a1:fe:6e:4d:a7:c6:f0:d4:b1:44:a1:e3:e9:70:e4:
         19:80:71:fb:4d:9f:5c:da:2d:75:bd:21:c4:f9:f5:93:14:6c:
         6e:51:77:5a:ae:05:57:6f:97:26:d8:81:10:11:fd:34:a8:57:
         13:7c:d2:27:f7:bb:2d:3c:ed:f9:01:ba:3c:ad:28:32:72:f3:
         ed:99:ff:6b:6d:91:da:15:c8:71:fb:a4:4b:d7:59:8a:e8:0f:
         62:4f:74:05:a0:d3:ed:56:72:56:a4:70:a1:71:cb:66:b2:7a:
         3a:07:45:ae:e5:75:87:cf:12:12:3b:bf:51:84:d6:0e:7a:0f:
         a8:c8:4c:15:ea:2d:55:5e:88:8c:ba:45:09:55:1e:06:24:90:
         fc:b4:76:a2:9a:9d:ca:f3:79:c6:56:27:25:ef:dc:67:d4:50:
         06:7a:a5:21:4a:ee:2a:b4:97:ec:db:6b:ee:e1:26:08:8b:55:
         10:dc:86:f4:e1:d4:a5:ab:59:bb:ad:34:b3:26:82:21:49:ff:
         97:6d:63:38:1f:05:b1:4d:84:db:06:a2:14:6b:78:f2:32:03:
         d5:9a:ea:d0:20:c1:19:73:f6:c1:28:93:c2:78:dd:4a:36:5c:
         14:87:1b:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdncqPNWbNdPQnEiM7LpKA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw
M2M0YjIwHhcNMjUwNjEzMDQwMDU1WhcNMjUwNjE0MDQwMDU1WjAzMTEwLwYDVQQD
EyhhZTExODg4NTJkNWZmNDRkOTg4NTUxMjhkMzNlNjRlMzY0ZTM1NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZj697pq9J3CWGP4HUmPVtZ+snEi
bmyaAg/UfTe5wUfl4ML2f8fLfb4eLYBlhPO/0lFYyaH9K/Wk22KjDUr4hHcSX+3K
tObn2h0r5ZupYrUQvkvUWa9wH1BoO9iHn5RyGh4lzdbisjoG7mkXxEEeM0W9vtQL
zeLC97YsimZjWz2nx9dE696XLyPUQbAMa0u12TlhjdjhggzuGduRg5z6JDiozFla
ATPBNEmP6Zo6YZlkWTstcBSDbDp3Di6EtbycxoJwyxt83q6Uiv4Po88cyeuEyEx2
daxKCVJLtcnILCvgvmRhMgvo15uWIH3IbLC7yWJQQaGOucIB1aZBSFjm/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4RiIUtX/RNmIVRKNM+ZONk41W3MB8GA1UdIwQY
MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt
MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0
LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuPf/06UD
RQuwelmsUNsXrFNJKrCrof5uTafG8NSxRKHj6XDkGYBx+02fXNotdb0hxPn1kxRs
blF3Wq4FV2+XJtiBEBH9NKhXE3zSJ/e7LTzt+QG6PK0oMnLz7Zn/a22R2hXIcfuk
S9dZiugPYk90BaDT7VZyVqRwoXHLZrJ6OgdFruV1h88SEju/UYTWDnoPqMhMFeot
VV6IjLpFCVUeBiSQ/LR2opqdyvN5xlYnJe/cZ9RQBnqlIUruKrSX7Ntr7uEmCItV
ENyG9OHUpatZu600syaCIUn/l21jOB8FsU2E2waiFGt48jID1Zrq0CDBGXP2wSiT
wnjdSjZcFIcbag==
-----END CERTIFICATE-----
Generated at Fri Jun 13 13:02:05 2025 by rpki-client