Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
File:                     ugpNIpkX1GVzikghtu7FvrJObuQ.mft (raw, json)
Hash identifier:          dKeHZozl6ByH2lGsl8xHfK7uhr/f9hGwVKJng6J1foI=
Subject key identifier:   80:BF:BB:35:F5:E9:7B:D4:0E:DF:CE:A6:F7:F6:7A:03:4A:D6:F5:22
Authority key identifier: BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4
Certificate issuer:       /CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4
Certificate serial:       0199FDD9452D5378889BA805ED78CDA58441
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
Manifest number:          0197
Signing time:             Sun 19 Oct 2025 19:01:38 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:38 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:38 +0000
Files and hashes:         1: ugpNIpkX1GVzikghtu7FvrJObuQ.crl (hash: vVVg33xYPtoExkYZgrbbVyi69kmBXA6aMSKSytY7a6A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:45:2d:53:78:88:9b:a8:05:ed:78:cd:a5:84:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4
        Validity
            Not Before: Oct 19 19:01:38 2025 GMT
            Not After : Oct 20 19:01:38 2025 GMT
        Subject: CN=80bfbb35f5e97bd40edfcea6f7f67a034ad6f522
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c0:d1:a3:ff:d7:24:89:6b:7f:26:98:5e:cf:
                    4a:83:26:d5:d8:c7:0d:df:2d:2a:ad:0d:66:2e:a6:
                    d6:4a:33:ce:59:7f:e1:2b:ed:bd:49:d5:6f:e5:a8:
                    51:f4:d1:76:4a:10:25:4a:68:81:6e:04:93:cf:2e:
                    ec:b1:23:25:8e:6c:70:bf:d7:15:58:15:7c:95:f6:
                    a0:ec:77:00:84:c9:03:ae:59:7a:ca:40:6a:78:a7:
                    28:86:a3:21:c0:13:26:cf:39:a0:ef:a9:1a:99:76:
                    8c:52:05:c3:ac:17:26:0f:a1:5d:8a:3c:54:38:8b:
                    11:be:72:67:3e:a5:35:64:d3:e2:c0:dd:5e:f9:fb:
                    d7:36:dd:7d:12:9b:0b:a0:dc:9d:41:b5:81:24:e3:
                    48:41:f1:d8:3a:74:54:35:cd:ec:33:b1:86:1d:f3:
                    bd:94:af:61:92:26:92:e0:fa:41:9a:73:4e:d7:f0:
                    0d:e6:bd:71:fe:98:51:a5:20:92:28:5e:e3:77:f8:
                    23:43:50:9d:ca:80:1e:21:7a:0a:42:45:bf:21:61:
                    13:a6:b4:3c:44:1f:71:86:88:fe:3a:d6:e3:27:67:
                    9c:d9:bb:f3:dc:19:1a:ce:44:34:39:e2:e0:97:15:
                    c2:97:31:e9:0a:41:c0:82:7d:91:22:f8:83:53:55:
                    c6:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:BF:BB:35:F5:E9:7B:D4:0E:DF:CE:A6:F7:F6:7A:03:4A:D6:F5:22
            X509v3 Authority Key Identifier:
                keyid:BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:6d:00:b3:b3:84:22:23:1d:38:dd:17:86:29:72:bb:4f:c4:
         ac:e1:11:31:9f:c6:d3:7b:4c:f0:f5:90:be:ee:52:37:0f:85:
         c9:45:ba:2d:ea:82:7e:6b:0b:69:c3:62:cb:74:9b:be:e7:a0:
         63:63:25:98:94:b1:a3:3d:fb:55:f4:95:ec:1d:e0:c4:84:e7:
         e9:b7:5c:fa:64:99:7c:c2:91:2b:21:b0:2e:eb:aa:f2:3a:b9:
         cd:1c:d3:fd:7a:93:30:24:c9:3b:f9:f1:88:c9:3d:31:22:06:
         9f:9c:e3:a8:45:f9:7b:d1:f6:6e:58:04:99:90:8a:22:7c:3b:
         f5:f1:43:17:89:16:55:3e:53:ba:e3:4e:0b:e9:9f:0e:4b:e3:
         33:89:34:ed:16:e8:09:22:b1:e5:41:65:33:5b:1b:d5:34:6b:
         a7:f8:e4:63:70:fd:73:71:03:3e:28:6b:ba:e3:5c:cb:d3:62:
         ce:a7:dc:e6:7d:d7:eb:05:b2:3c:7b:0d:36:7d:0d:d3:9e:94:
         c1:39:0c:b7:60:40:5f:97:54:5d:34:be:7c:34:ce:09:b5:be:
         e3:0e:20:85:aa:2c:52:53:6f:04:f4:d5:7e:1a:92:23:1d:e2:
         b6:24:66:9e:b0:5e:a0:dc:1e:91:90:f2:d1:b5:8b:d3:69:2f:
         04:e0:7f:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92UUtU3iIm6gF7XjNpYRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGE0ZDIyOTkxN2Q0NjU3MzhhNDgyMWI2ZWVjNWJlYjI0
ZTZlZTQwHhcNMjUxMDE5MTkwMTM4WhcNMjUxMDIwMTkwMTM4WjAzMTEwLwYDVQQD
Eyg4MGJmYmIzNWY1ZTk3YmQ0MGVkZmNlYTZmN2Y2N2EwMzRhZDZmNTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cDRo//XJIlrfyaYXs9KgybV2McN
3y0qrQ1mLqbWSjPOWX/hK+29SdVv5ahR9NF2ShAlSmiBbgSTzy7ssSMljmxwv9cV
WBV8lfag7HcAhMkDrll6ykBqeKcohqMhwBMmzzmg76kamXaMUgXDrBcmD6FdijxU
OIsRvnJnPqU1ZNPiwN1e+fvXNt19EpsLoNydQbWBJONIQfHYOnRUNc3sM7GGHfO9
lK9hkiaS4PpBmnNO1/AN5r1x/phRpSCSKF7jd/gjQ1CdyoAeIXoKQkW/IWETprQ8
RB9xhoj+OtbjJ2ec2bvz3BkazkQ0OeLglxXClzHpCkHAgn2RIviDU1XG+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIC/uzX16XvUDt/Opvf2egNK1vUiMB8GA1UdIwQY
MBaAFLoKTSKZF9Rlc4pIIbbuxb6yTm7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQt
MDU3YWQ5MzMxZmE4LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQtMDU3YWQ5MzMxZmE4
LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEG0As7OE
IiMdON0Xhilyu0/ErOERMZ/G03tM8PWQvu5SNw+FyUW6LeqCfmsLacNiy3Sbvueg
Y2MlmJSxoz37VfSV7B3gxITn6bdc+mSZfMKRKyGwLuuq8jq5zRzT/XqTMCTJO/nx
iMk9MSIGn5zjqEX5e9H2blgEmZCKInw79fFDF4kWVT5TuuNOC+mfDkvjM4k07Rbo
CSKx5UFlM1sb1TRrp/jkY3D9c3EDPihruuNcy9Nizqfc5n3X6wWyPHsNNn0N056U
wTkMt2BAX5dUXTS+fDTOCbW+4w4ghaosUlNvBPTVfhqSIx3itiRmnrBeoNwekZDy
0bWL02kvBOB/vg==
-----END CERTIFICATE-----