Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
File:                     UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json)
Hash identifier:          jt+sqARlrexZIpGhlm2J4xP/mjHnAUSvsTjUA32XmvQ=
Subject key identifier:   68:1B:0C:0D:FE:63:D2:37:5A:97:73:20:71:A5:8D:2C:25:BF:6C:19
Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2
Certificate issuer:       /CN=5205f586d8263bb06d64050f8f484c14e803c4b2
Certificate serial:       019757FFC401FDD468347EA66FD4D94013D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
Manifest number:          0BC2
Signing time:             Tue 10 Jun 2025 04:01:08 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:08 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:08 +0000
Files and hashes:         1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: Q12eeU2Hk8SakCW1kK7zyHvwSQhz9TcouWgvzWSCBIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:c4:01:fd:d4:68:34:7e:a6:6f:d4:d9:40:13:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2
        Validity
            Not Before: Jun 10 04:01:08 2025 GMT
            Not After : Jun 11 04:01:08 2025 GMT
        Subject: CN=681b0c0dfe63d2375a97732071a58d2c25bf6c19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:30:9d:0d:3a:3c:25:f0:13:ff:30:63:fe:a5:
                    61:db:a9:63:08:25:57:37:c0:ff:4d:8f:b2:5b:88:
                    82:5c:1f:b2:cd:da:35:11:74:5a:46:49:6c:ca:2c:
                    f0:d2:27:26:f2:b2:f3:d9:50:97:c1:e2:3c:0d:f8:
                    67:4b:a5:3e:49:5d:74:bd:c3:22:87:23:7d:52:60:
                    47:84:24:55:90:c7:90:68:47:92:e3:33:d4:a4:1a:
                    ee:25:07:fd:11:4a:11:30:d9:79:f7:88:54:f2:9f:
                    b5:c7:f3:ba:71:ba:97:93:78:cb:d2:c7:a6:91:f5:
                    b7:64:f5:39:ab:2e:45:bf:74:41:f9:05:18:09:a8:
                    ea:92:37:b7:95:fc:7e:e5:be:fa:4f:68:0d:6e:ec:
                    ef:49:36:a8:e4:b7:86:dc:f3:b9:d6:9a:44:1b:fa:
                    e0:1d:02:be:a1:3f:2e:8a:08:c6:5c:44:dd:62:34:
                    32:32:e6:70:29:47:9d:0a:fc:c7:00:92:ba:c2:20:
                    ba:db:5b:66:e3:1f:c2:c2:19:76:50:68:17:61:6a:
                    ca:dc:20:45:7f:44:58:48:55:64:f2:f4:8f:a8:16:
                    3e:2e:dc:3c:e6:23:32:88:78:6e:42:ad:0c:c6:da:
                    ae:1d:e2:89:1a:38:0d:84:cd:ba:f8:42:15:46:0c:
                    8a:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:1B:0C:0D:FE:63:D2:37:5A:97:73:20:71:A5:8D:2C:25:BF:6C:19
            X509v3 Authority Key Identifier:
                keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:93:26:be:fe:24:ba:68:51:3b:ff:93:63:03:52:52:f2:a5:
         2e:26:fe:fb:f3:0d:09:90:84:85:6b:e3:80:e9:d1:be:07:23:
         62:62:1f:a7:f0:3e:9d:f3:55:3d:ef:0f:46:8e:fb:37:e4:97:
         47:b7:7d:e9:4f:b1:22:66:a7:58:56:66:80:ec:37:4b:10:27:
         db:eb:14:de:8c:db:e9:37:9a:c3:34:69:b3:eb:fe:f3:2b:be:
         64:61:24:81:6b:b5:97:d5:50:95:e7:5b:ef:75:74:2c:8a:7c:
         e0:94:0f:45:cd:74:63:f6:35:6f:59:1f:af:31:07:1c:11:d4:
         38:7a:d4:62:2e:41:16:95:15:80:c3:53:e0:da:18:12:62:ca:
         17:05:5e:58:b9:ba:f8:61:bb:36:6f:15:4d:64:9b:ed:af:e5:
         a7:00:0b:72:ea:29:ef:f1:b3:1c:e9:07:33:a8:39:d8:c7:0e:
         25:24:b1:b9:b8:f6:1e:14:42:41:9a:bb:a6:cc:2d:75:d4:1f:
         e1:d2:10:4e:c9:e4:39:3c:12:dc:06:ee:ec:d5:ae:46:d9:4e:
         f1:a8:54:37:f0:9c:f8:8c:e4:68:ad:34:07:05:80:2f:be:20:
         ef:c6:48:be:80:ea:84:eb:c8:31:df:a0:20:7b:fe:3f:4e:0d:
         13:71:a1:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/8QB/dRoNH6mb9TZQBPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw
M2M0YjIwHhcNMjUwNjEwMDQwMTA4WhcNMjUwNjExMDQwMTA4WjAzMTEwLwYDVQQD
Eyg2ODFiMGMwZGZlNjNkMjM3NWE5NzczMjA3MWE1OGQyYzI1YmY2YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zCdDTo8JfAT/zBj/qVh26ljCCVX
N8D/TY+yW4iCXB+yzdo1EXRaRklsyizw0icm8rLz2VCXweI8DfhnS6U+SV10vcMi
hyN9UmBHhCRVkMeQaEeS4zPUpBruJQf9EUoRMNl594hU8p+1x/O6cbqXk3jL0sem
kfW3ZPU5qy5Fv3RB+QUYCajqkje3lfx+5b76T2gNbuzvSTao5LeG3PO51ppEG/rg
HQK+oT8uigjGXETdYjQyMuZwKUedCvzHAJK6wiC621tm4x/Cwhl2UGgXYWrK3CBF
f0RYSFVk8vSPqBY+Ltw85iMyiHhuQq0MxtquHeKJGjgNhM26+EIVRgyKLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgbDA3+Y9I3WpdzIHGljSwlv2wZMB8GA1UdIwQY
MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt
MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0
LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVpMmvv4k
umhRO/+TYwNSUvKlLib++/MNCZCEhWvjgOnRvgcjYmIfp/A+nfNVPe8PRo77N+SX
R7d96U+xImanWFZmgOw3SxAn2+sU3ozb6TeawzRps+v+8yu+ZGEkgWu1l9VQledb
73V0LIp84JQPRc10Y/Y1b1kfrzEHHBHUOHrUYi5BFpUVgMNT4NoYEmLKFwVeWLm6
+GG7Nm8VTWSb7a/lpwALcuop7/GzHOkHM6g52McOJSSxubj2HhRCQZq7pswtddQf
4dIQTsnkOTwS3Abu7NWuRtlO8ahUN/Cc+IzkaK00BwWAL74g78ZIvoDqhOvIMd+g
IHv+P04NE3Ghkg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 12:59:28 2025 by rpki-client