Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
File:                     ugpNIpkX1GVzikghtu7FvrJObuQ.mft (raw, json)
Hash identifier:          zM28L+DjbHVPYNgdDZvIsklu2Dnw0HaNY+/9JoRooQk=
Subject key identifier:   81:7D:9A:36:D0:C3:A8:04:B9:B7:C2:0B:63:8F:C3:A8:BD:70:8E:B3
Authority key identifier: BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4
Certificate issuer:       /CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4
Certificate serial:       0197C9F062C751BAA04B6967C57BE62AFBB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
Manifest number:          73
Signing time:             Wed 02 Jul 2025 07:01:03 +0000
Manifest this update:     Wed 02 Jul 2025 07:01:03 +0000
Manifest next update:     Thu 03 Jul 2025 07:01:03 +0000
Files and hashes:         1: ugpNIpkX1GVzikghtu7FvrJObuQ.crl (hash: xdVSyu8Vn+y1R1TcIKEUNPh+b9DsY8HjNn5ZrcU93ik=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:f0:62:c7:51:ba:a0:4b:69:67:c5:7b:e6:2a:fb:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4
        Validity
            Not Before: Jul  2 07:01:03 2025 GMT
            Not After : Jul  3 07:01:03 2025 GMT
        Subject: CN=817d9a36d0c3a804b9b7c20b638fc3a8bd708eb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d2:3e:27:74:3b:58:d7:8a:26:18:44:b3:4c:
                    0e:72:71:41:13:f6:6c:16:58:1e:2c:a5:86:2c:d5:
                    0b:08:62:6e:60:18:f4:7f:da:c4:78:7f:86:a9:5f:
                    ac:db:ad:14:2d:65:15:43:24:f4:11:4e:8a:af:65:
                    ae:e4:73:30:c7:4a:f6:a0:d1:6f:cc:a7:cd:d5:0a:
                    63:2c:fd:97:7a:07:4f:8c:da:91:7f:80:78:b8:94:
                    06:77:ee:9f:81:82:a6:24:64:4b:ce:e7:d8:5c:77:
                    4e:bc:a3:a7:ad:cb:96:b4:78:c4:db:0b:c3:84:67:
                    7b:ea:ad:70:2f:0c:ff:a5:21:7a:1d:2f:fe:57:ab:
                    9e:0d:a1:f5:86:a7:e3:94:b0:ca:f8:58:a7:db:1b:
                    10:46:59:08:49:3e:30:b0:50:4d:98:a8:49:d7:d2:
                    8a:5c:55:d9:43:2c:c4:b6:32:56:9a:4a:fa:9a:9d:
                    b0:47:f9:e3:32:06:57:5a:40:6a:22:92:23:56:c2:
                    4a:09:68:f2:f0:d5:87:b0:d7:4e:2e:fe:9c:71:e4:
                    c3:1d:f3:66:50:55:71:e4:c2:38:96:6f:e1:17:21:
                    6e:98:0a:52:3e:5a:80:7e:37:ab:4b:20:95:58:2a:
                    ab:11:87:e7:7c:e1:e7:b7:47:4a:c4:41:1b:37:30:
                    ab:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:7D:9A:36:D0:C3:A8:04:B9:B7:C2:0B:63:8F:C3:A8:BD:70:8E:B3
            X509v3 Authority Key Identifier:
                keyid:BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f3:5c:6a:84:3c:29:a8:08:27:f1:06:7b:dc:2f:05:21:e9:
         c6:31:dc:97:33:44:32:de:bb:bf:e2:bf:e5:60:a7:8f:62:83:
         bf:c9:73:14:cb:37:2c:62:f0:be:14:50:87:b6:04:b6:ec:50:
         51:00:83:74:3c:4b:f1:12:26:18:54:73:e3:a2:d9:3f:24:6e:
         2e:9c:f9:30:ee:3e:e8:34:82:f5:4e:b5:68:4b:60:80:45:16:
         d3:aa:21:7d:42:dc:ba:d8:47:f2:f0:41:e0:c0:ee:39:2c:c2:
         dc:28:77:9c:90:d3:21:71:c0:0c:70:70:1b:19:9b:68:6c:74:
         3a:b2:9a:b6:97:26:af:b9:17:2c:2c:ab:99:81:fd:34:7c:33:
         15:35:b0:ea:9a:a1:cf:d6:ae:e3:64:44:81:1c:7a:8b:a2:3f:
         8a:95:65:ae:6d:0e:50:70:9c:98:70:fe:55:bf:d9:07:3d:92:
         56:dd:d9:39:35:cd:f0:d2:8e:0e:ab:42:92:6b:46:66:10:fb:
         07:5c:88:40:b1:85:81:bc:fe:c9:dc:de:74:12:e5:94:68:73:
         ef:e6:d8:14:3e:ca:fc:bf:5b:50:e1:21:21:c7:8c:84:2a:50:
         4c:f2:83:90:90:dd:0e:04:97:8a:55:cf:b0:07:51:3e:48:90:
         ee:df:a2:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJ8GLHUbqgS2lnxXvmKvuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGE0ZDIyOTkxN2Q0NjU3MzhhNDgyMWI2ZWVjNWJlYjI0
ZTZlZTQwHhcNMjUwNzAyMDcwMTAzWhcNMjUwNzAzMDcwMTAzWjAzMTEwLwYDVQQD
Eyg4MTdkOWEzNmQwYzNhODA0YjliN2MyMGI2MzhmYzNhOGJkNzA4ZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtI+J3Q7WNeKJhhEs0wOcnFBE/Zs
FlgeLKWGLNULCGJuYBj0f9rEeH+GqV+s260ULWUVQyT0EU6Kr2Wu5HMwx0r2oNFv
zKfN1QpjLP2XegdPjNqRf4B4uJQGd+6fgYKmJGRLzufYXHdOvKOnrcuWtHjE2wvD
hGd76q1wLwz/pSF6HS/+V6ueDaH1hqfjlLDK+Fin2xsQRlkIST4wsFBNmKhJ19KK
XFXZQyzEtjJWmkr6mp2wR/njMgZXWkBqIpIjVsJKCWjy8NWHsNdOLv6cceTDHfNm
UFVx5MI4lm/hFyFumApSPlqAfjerSyCVWCqrEYfnfOHnt0dKxEEbNzCrNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIF9mjbQw6gEubfCC2OPw6i9cI6zMB8GA1UdIwQY
MBaAFLoKTSKZF9Rlc4pIIbbuxb6yTm7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQt
MDU3YWQ5MzMxZmE4LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQtMDU3YWQ5MzMxZmE4
LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvNcaoQ8
KagIJ/EGe9wvBSHpxjHclzNEMt67v+K/5WCnj2KDv8lzFMs3LGLwvhRQh7YEtuxQ
UQCDdDxL8RImGFRz46LZPyRuLpz5MO4+6DSC9U61aEtggEUW06ohfULcuthH8vBB
4MDuOSzC3Ch3nJDTIXHADHBwGxmbaGx0OrKatpcmr7kXLCyrmYH9NHwzFTWw6pqh
z9au42REgRx6i6I/ipVlrm0OUHCcmHD+Vb/ZBz2SVt3ZOTXN8NKODqtCkmtGZhD7
B1yIQLGFgbz+ydzedBLllGhz7+bYFD7K/L9bUOEhIceMhCpQTPKDkJDdDgSXilXP
sAdRPkiQ7t+iUQ==
-----END CERTIFICATE-----