Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
File:                     UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json)
Hash identifier:          MHF4nD+xo0mIF+5kxZCyisxCWAUPVPE8neZmQV4Nj9o=
Subject key identifier:   E8:21:11:F6:63:60:7A:1D:0C:E8:13:1F:AB:AB:05:4E:E3:95:FC:EB
Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2
Certificate issuer:       /CN=5205f586d8263bb06d64050f8f484c14e803c4b2
Certificate serial:       01976F2B9E93FA3C5A091AA2CF2E3D7F8285
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
Manifest number:          0BCE
Signing time:             Sat 14 Jun 2025 16:00:18 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:18 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:18 +0000
Files and hashes:         1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: pr5nDVa/tXFEpK5eY9b0dKnAvS2e7MYEm9GAN5PoExs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:9e:93:fa:3c:5a:09:1a:a2:cf:2e:3d:7f:82:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2
        Validity
            Not Before: Jun 14 16:00:18 2025 GMT
            Not After : Jun 15 16:00:18 2025 GMT
        Subject: CN=e82111f663607a1d0ce8131fabab054ee395fceb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d4:72:df:18:dc:5c:58:f1:9a:15:f2:59:fd:
                    fe:de:d0:1d:55:4a:fb:c5:4d:16:a3:06:ca:f6:10:
                    95:73:3e:11:45:88:a8:e0:20:fe:56:0a:25:c4:c3:
                    90:80:6d:12:6c:84:b3:bd:62:b2:ac:f0:27:8a:75:
                    15:d8:57:96:0e:84:93:22:9b:1c:83:da:dd:9f:88:
                    aa:e7:1c:53:4b:42:92:b9:50:ae:64:19:8a:ce:05:
                    6e:a0:52:43:13:1e:82:d5:a4:a8:57:ce:6e:d2:79:
                    92:bc:4f:cf:c9:3a:8d:6b:c8:f7:a1:85:27:d5:8d:
                    93:d7:5e:8a:90:81:59:ff:9d:2c:68:89:f0:1e:c1:
                    71:d5:18:49:f3:77:18:14:36:65:89:8a:5d:da:84:
                    d8:e8:1f:9e:fa:79:69:ac:60:d5:dc:bb:12:a8:62:
                    49:d4:5b:52:c9:f0:23:01:67:a2:17:9b:18:f0:c3:
                    37:64:c4:51:b6:60:ee:d7:1e:0c:01:d1:e3:68:b1:
                    ec:98:18:0b:60:0e:82:5b:42:c0:93:68:5d:50:8f:
                    ff:f5:97:94:66:29:57:0d:05:da:f8:60:08:b2:62:
                    e5:38:34:3d:f2:8c:b9:00:b6:12:d5:de:09:d8:ca:
                    88:90:00:ce:0a:0a:b5:65:cd:fd:02:04:df:2b:d2:
                    78:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:21:11:F6:63:60:7A:1D:0C:E8:13:1F:AB:AB:05:4E:E3:95:FC:EB
            X509v3 Authority Key Identifier:
                keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:c6:6c:86:b5:ba:fc:e8:a0:d0:23:87:c8:4b:40:20:05:41:
         73:06:31:4a:7f:5d:99:a4:78:7c:1e:57:e4:ef:c0:be:77:0a:
         04:7e:b8:d3:30:35:c1:98:23:8c:4c:4c:7d:f1:0f:30:0e:d8:
         29:dd:f0:d8:ee:47:03:58:a8:54:d8:3e:7b:86:88:71:9f:a7:
         a3:01:d3:45:be:6a:67:39:51:cd:9c:ba:15:17:a8:8c:09:1d:
         96:cb:b5:26:15:a7:6b:f5:a6:79:9c:7f:19:9d:db:57:fd:77:
         5a:9d:4e:d0:d1:8e:39:7f:ad:1a:b9:2c:d0:4b:1c:78:99:7f:
         e3:a6:a8:55:54:da:a7:75:35:17:1a:cc:fd:57:cc:fa:60:0b:
         3b:ea:0f:3c:33:c9:ad:29:df:97:bf:f9:f1:1b:00:bc:0b:c2:
         ce:33:8b:3b:21:00:92:92:22:18:96:aa:ad:b4:a8:d1:76:18:
         53:ab:52:fc:09:39:26:12:41:3b:79:67:b2:e4:e8:26:4b:c8:
         04:e6:95:b2:95:d2:77:94:f8:c9:72:c2:1e:50:c2:a9:ee:05:
         1a:8f:ce:b8:f8:e9:f2:23:1d:4c:85:64:1d:3b:59:68:99:5e:
         7e:e1:b5:f2:dc:f3:9b:e6:7c:09:32:56:a5:dd:21:7d:9c:01:
         94:4b:77:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK56T+jxaCRqizy49f4KFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw
M2M0YjIwHhcNMjUwNjE0MTYwMDE4WhcNMjUwNjE1MTYwMDE4WjAzMTEwLwYDVQQD
EyhlODIxMTFmNjYzNjA3YTFkMGNlODEzMWZhYmFiMDU0ZWUzOTVmY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNRy3xjcXFjxmhXyWf3+3tAdVUr7
xU0WowbK9hCVcz4RRYio4CD+VgolxMOQgG0SbISzvWKyrPAninUV2FeWDoSTIpsc
g9rdn4iq5xxTS0KSuVCuZBmKzgVuoFJDEx6C1aSoV85u0nmSvE/PyTqNa8j3oYUn
1Y2T116KkIFZ/50saInwHsFx1RhJ83cYFDZliYpd2oTY6B+e+nlprGDV3LsSqGJJ
1FtSyfAjAWeiF5sY8MM3ZMRRtmDu1x4MAdHjaLHsmBgLYA6CW0LAk2hdUI//9ZeU
ZilXDQXa+GAIsmLlODQ98oy5ALYS1d4J2MqIkADOCgq1Zc39AgTfK9J4xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOghEfZjYHodDOgTH6urBU7jlfzrMB8GA1UdIwQY
MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt
MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0
LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa8ZshrW6
/Oig0COHyEtAIAVBcwYxSn9dmaR4fB5X5O/AvncKBH640zA1wZgjjExMffEPMA7Y
Kd3w2O5HA1ioVNg+e4aIcZ+nowHTRb5qZzlRzZy6FReojAkdlsu1JhWna/WmeZx/
GZ3bV/13Wp1O0NGOOX+tGrks0EsceJl/46aoVVTap3U1FxrM/VfM+mALO+oPPDPJ
rSnfl7/58RsAvAvCzjOLOyEAkpIiGJaqrbSo0XYYU6tS/Ak5JhJBO3lnsuToJkvI
BOaVspXSd5T4yXLCHlDCqe4FGo/OuPjp8iMdTIVkHTtZaJlefuG18tzzm+Z8CTJW
pd0hfZwBlEt3Tg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:00:26 2025 by rpki-client