Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
File:                     ugpNIpkX1GVzikghtu7FvrJObuQ.mft (raw, json)
Hash identifier:          LdjGBSLJWXQQCFKCedL4t/2wzWKicfoHH5TuidlL6rU=
Subject key identifier:   F6:D2:01:EA:98:E6:69:98:7C:42:CC:B0:F8:63:25:DF:7E:35:74:F0
Authority key identifier: BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4
Certificate issuer:       /CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4
Certificate serial:       0198D65F7ACA84CF0E05A72C7BD01905D43A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
Manifest number:          FE
Signing time:             Sat 23 Aug 2025 10:00:38 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:38 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:38 +0000
Files and hashes:         1: ugpNIpkX1GVzikghtu7FvrJObuQ.crl (hash: n8CqGPzmaC0ghR0lAdRaV39FOsCzzF+tti9rvBQuLb8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:7a:ca:84:cf:0e:05:a7:2c:7b:d0:19:05:d4:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4
        Validity
            Not Before: Aug 23 10:00:38 2025 GMT
            Not After : Aug 24 10:00:38 2025 GMT
        Subject: CN=f6d201ea98e669987c42ccb0f86325df7e3574f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:98:50:78:2e:97:91:5d:d2:60:55:0c:39:d7:
                    04:be:be:cd:95:75:f1:43:b7:29:79:b9:56:96:17:
                    df:4c:a5:6e:d5:be:e0:1b:79:b9:e4:7c:33:6c:93:
                    72:dd:bb:88:9e:9b:10:6d:20:70:ee:a8:47:51:0f:
                    b7:51:11:91:1f:bf:56:f3:da:e9:1b:70:62:43:68:
                    c1:ac:50:5b:f0:bb:44:45:12:0b:f7:e3:22:49:5c:
                    0b:8b:6d:ad:33:71:02:97:a1:1b:b1:d5:f7:72:68:
                    6b:0c:85:70:56:af:c4:bd:4a:2d:e9:c9:cd:51:4c:
                    50:51:90:dc:f1:a1:8a:f3:ea:41:ba:4e:ac:e8:3d:
                    7a:cf:50:bf:ea:39:35:df:48:33:65:63:11:5d:de:
                    06:73:64:56:cd:de:6e:61:a4:60:13:24:ca:fc:bf:
                    d8:5d:df:74:f6:19:67:5e:7e:c4:0a:b2:30:a8:21:
                    1c:cd:d3:67:a3:8d:35:d8:7e:4e:87:85:0d:78:0b:
                    8e:c9:16:71:e4:3a:1d:6d:d6:62:5a:5e:1d:30:d1:
                    3d:19:36:a8:67:b8:5a:fd:95:da:e7:d6:c1:8a:79:
                    7c:57:71:d3:8a:cf:e6:a9:e2:16:e1:a6:a5:63:2b:
                    91:07:b0:96:0e:1f:91:87:de:42:a3:77:56:e6:67:
                    b4:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:D2:01:EA:98:E6:69:98:7C:42:CC:B0:F8:63:25:DF:7E:35:74:F0
            X509v3 Authority Key Identifier:
                keyid:BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:c5:7b:6a:b2:56:f6:22:63:65:47:d1:fd:b0:01:88:43:cc:
         63:2f:ed:fe:d6:8d:3d:eb:a8:e0:f3:3d:d7:17:57:fa:cd:4b:
         05:f9:fc:d9:e3:f0:79:91:22:f8:e6:82:25:03:04:5e:c2:8c:
         7d:33:6c:ed:38:f4:86:5d:26:20:f1:84:fc:26:38:e0:2e:bd:
         75:ee:79:1b:5a:7f:57:57:fd:f7:3d:09:a9:25:ff:f5:e5:10:
         20:bf:13:50:fd:a9:94:eb:ef:a5:36:bb:b8:aa:f5:f6:ee:9e:
         6a:92:16:a7:18:01:a9:5e:b3:7e:9a:7f:60:92:f2:b6:74:b8:
         fe:85:b8:68:c5:3b:4c:cc:0a:c6:57:e8:de:ef:81:05:7a:49:
         98:0a:c9:4f:90:51:c2:7d:d4:a1:3d:e1:f3:55:62:a2:01:98:
         95:39:aa:af:c0:ac:d1:2d:e0:e0:7e:ca:1b:75:98:80:fe:ac:
         52:f5:d4:1d:55:e4:35:27:be:bd:5b:cf:b8:99:5b:03:be:40:
         ca:a8:c6:eb:64:67:ea:a0:37:f2:be:01:09:af:24:2e:e8:34:
         d0:a8:eb:78:b5:a8:db:d7:19:4f:cd:c3:5e:6a:50:a1:6f:6a:
         59:3c:d2:40:68:a3:29:b5:5f:03:d1:7b:96:c7:88:99:d2:c7:
         c7:19:b0:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX3rKhM8OBacse9AZBdQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGE0ZDIyOTkxN2Q0NjU3MzhhNDgyMWI2ZWVjNWJlYjI0
ZTZlZTQwHhcNMjUwODIzMTAwMDM4WhcNMjUwODI0MTAwMDM4WjAzMTEwLwYDVQQD
EyhmNmQyMDFlYTk4ZTY2OTk4N2M0MmNjYjBmODYzMjVkZjdlMzU3NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJhQeC6XkV3SYFUMOdcEvr7NlXXx
Q7cpeblWlhffTKVu1b7gG3m55HwzbJNy3buInpsQbSBw7qhHUQ+3URGRH79W89rp
G3BiQ2jBrFBb8LtERRIL9+MiSVwLi22tM3ECl6EbsdX3cmhrDIVwVq/EvUot6cnN
UUxQUZDc8aGK8+pBuk6s6D16z1C/6jk130gzZWMRXd4Gc2RWzd5uYaRgEyTK/L/Y
Xd909hlnXn7ECrIwqCEczdNno4012H5Oh4UNeAuOyRZx5DodbdZiWl4dMNE9GTao
Z7ha/ZXa59bBinl8V3HTis/mqeIW4aalYyuRB7CWDh+Rh95Co3dW5me0fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbSAeqY5mmYfELMsPhjJd9+NXTwMB8GA1UdIwQY
MBaAFLoKTSKZF9Rlc4pIIbbuxb6yTm7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQt
MDU3YWQ5MzMxZmE4LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQtMDU3YWQ5MzMxZmE4
LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl8V7arJW
9iJjZUfR/bABiEPMYy/t/taNPeuo4PM91xdX+s1LBfn82ePweZEi+OaCJQMEXsKM
fTNs7Tj0hl0mIPGE/CY44C69de55G1p/V1f99z0JqSX/9eUQIL8TUP2plOvvpTa7
uKr19u6eapIWpxgBqV6zfpp/YJLytnS4/oW4aMU7TMwKxlfo3u+BBXpJmArJT5BR
wn3UoT3h81ViogGYlTmqr8Cs0S3g4H7KG3WYgP6sUvXUHVXkNSe+vVvPuJlbA75A
yqjG62Rn6qA38r4BCa8kLug00KjreLWo29cZT83DXmpQoW9qWTzSQGijKbVfA9F7
lseImdLHxxmwYg==
-----END CERTIFICATE-----