Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
File:                     uglQnQRuXLar5boZqxurpUPTffg.mft (raw, json)
Hash identifier:          vgJO6qb+rVE0MSfhwt2p1jcFzUjOPSn8SwtTYUVFsNw=
Subject key identifier:   44:9D:46:56:1E:67:12:A0:6E:73:B8:15:00:72:B2:92:BC:C4:C2:A3
Authority key identifier: BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8
Certificate issuer:       /CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
Certificate serial:       019A71B77BB3093A349E782F651614DA33FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
Manifest number:          0AA4
Signing time:             Tue 11 Nov 2025 07:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:41 +0000
Files and hashes:         1: uglQnQRuXLar5boZqxurpUPTffg.crl (hash: v0ZV60ot/8WaoxZ3SUQE4L/OvX9pOc4GaMa2ARQA/98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:7b:b3:09:3a:34:9e:78:2f:65:16:14:da:33:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
        Validity
            Not Before: Nov 11 07:00:41 2025 GMT
            Not After : Nov 12 07:00:41 2025 GMT
        Subject: CN=449d46561e6712a06e73b8150072b292bcc4c2a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e5:3e:41:23:63:c4:18:a0:ea:94:6a:19:20:
                    53:ef:b3:40:72:56:8d:dd:46:0e:43:d9:73:16:79:
                    a3:58:f1:2f:c7:c4:9e:d9:e1:24:b0:65:8e:ab:f9:
                    70:35:8d:1e:7b:d0:00:41:a6:8b:84:e6:f3:1f:58:
                    4f:b2:68:fe:49:de:f8:65:6b:be:46:c4:24:0d:20:
                    e2:7f:a1:d4:0e:9b:49:3f:93:a1:27:5d:e1:1c:c6:
                    d6:16:6d:6a:cc:27:05:9e:d4:e7:3f:ab:82:b1:e4:
                    5b:c2:45:d0:83:8f:39:a8:ff:a8:d5:54:23:73:91:
                    22:63:77:bc:9c:f3:c2:9a:62:ff:10:22:ee:da:ca:
                    07:0a:72:4e:a3:e1:34:cf:bf:66:06:67:46:8e:1c:
                    1e:f6:b3:00:0c:0a:ee:4d:e7:3a:75:dc:53:9f:6c:
                    92:ef:d4:e2:59:33:2e:c1:2e:35:8b:f7:55:67:3f:
                    93:1c:37:27:44:41:8a:b4:87:c9:52:23:e1:03:2c:
                    0d:40:1e:4b:8b:22:74:a8:42:4c:c7:95:4a:9b:e8:
                    69:68:7d:1f:87:24:bd:38:96:03:82:23:08:4d:1f:
                    31:d8:7e:a5:78:2a:8f:e8:13:00:5a:97:22:76:66:
                    53:2c:69:59:e1:4e:03:77:23:24:ef:e8:8a:a1:c2:
                    fb:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:9D:46:56:1E:67:12:A0:6E:73:B8:15:00:72:B2:92:BC:C4:C2:A3
            X509v3 Authority Key Identifier:
                keyid:BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:40:eb:bf:48:fb:25:74:3e:ca:cf:29:32:12:db:ae:7e:4a:
         05:ed:70:d7:a7:a2:7e:ae:4a:b3:d4:de:d1:24:66:a2:48:0f:
         1d:f3:78:c9:2e:99:61:ba:52:0e:9d:56:fa:ad:e7:17:2b:a9:
         4e:01:92:21:98:9c:09:61:5b:98:4d:d4:b8:61:39:4a:e2:7d:
         41:d8:97:cc:7e:12:2a:d3:b2:db:3b:ee:0b:4f:8e:6a:9a:12:
         95:8a:e5:53:6c:74:eb:d2:5c:2b:7c:39:5d:1c:b8:31:64:2b:
         54:b2:74:41:2f:0b:3f:a0:fa:6f:71:5d:b1:1c:72:8b:b2:ad:
         f0:67:d0:33:8b:b0:be:d7:1c:54:72:87:55:d7:07:ba:3c:07:
         d6:f0:43:bf:eb:f7:a5:20:fc:32:1e:de:f7:e4:61:2d:bf:13:
         b6:7d:0f:96:0a:2e:da:1c:0f:3a:6d:bf:ae:0a:95:98:11:c9:
         36:bb:e2:7a:14:d5:4a:9d:f3:cb:42:7b:0d:57:9b:e2:68:50:
         9c:4c:57:3d:5c:be:76:39:43:39:16:dd:4c:34:3c:a4:03:9b:
         27:89:1b:fd:0d:3e:7b:4f:14:36:13:e0:15:a6:a9:d1:a5:c2:
         80:bc:db:c4:b2:6e:da:ec:9a:b4:8c:aa:87:98:83:ac:a6:f2:
         c3:12:7a:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3uzCTo0nngvZRYU2jP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMDk1MDlkMDQ2ZTVjYjZhYmU1YmExOWFiMWJhYmE1NDNk
MzdkZjgwHhcNMjUxMTExMDcwMDQxWhcNMjUxMTEyMDcwMDQxWjAzMTEwLwYDVQQD
Eyg0NDlkNDY1NjFlNjcxMmEwNmU3M2I4MTUwMDcyYjI5MmJjYzRjMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+U+QSNjxBig6pRqGSBT77NAclaN
3UYOQ9lzFnmjWPEvx8Se2eEksGWOq/lwNY0ee9AAQaaLhObzH1hPsmj+Sd74ZWu+
RsQkDSDif6HUDptJP5OhJ13hHMbWFm1qzCcFntTnP6uCseRbwkXQg485qP+o1VQj
c5EiY3e8nPPCmmL/ECLu2soHCnJOo+E0z79mBmdGjhwe9rMADAruTec6ddxTn2yS
79TiWTMuwS41i/dVZz+THDcnREGKtIfJUiPhAywNQB5LiyJ0qEJMx5VKm+hpaH0f
hyS9OJYDgiMITR8x2H6leCqP6BMAWpcidmZTLGlZ4U4DdyMk7+iKocL7uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESdRlYeZxKgbnO4FQByspK8xMKjMB8GA1UdIwQY
MBaAFLoJUJ0Ebly2q+W6Gasbq6VD0334MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQt
ZDdlNDIyMDBhNDllLzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQtZDdlNDIyMDBhNDll
LzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEDrv0j7
JXQ+ys8pMhLbrn5KBe1w16eifq5Ks9Te0SRmokgPHfN4yS6ZYbpSDp1W+q3nFyup
TgGSIZicCWFbmE3UuGE5SuJ9QdiXzH4SKtOy2zvuC0+OapoSlYrlU2x069JcK3w5
XRy4MWQrVLJ0QS8LP6D6b3FdsRxyi7Kt8GfQM4uwvtccVHKHVdcHujwH1vBDv+v3
pSD8Mh7e9+RhLb8Ttn0Plgou2hwPOm2/rgqVmBHJNrviehTVSp3zy0J7DVeb4mhQ
nExXPVy+djlDORbdTDQ8pAObJ4kb/Q0+e08UNhPgFaap0aXCgLzbxLJu2uyatIyq
h5iDrKbywxJ6EQ==
-----END CERTIFICATE-----