Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          BHrkkKKQiUgALfSm9elanQFTKNE1mXk3GZnmER/pnsk=
Subject key identifier:   9C:B2:8D:9E:2A:D3:B0:F1:EB:B1:5E:35:3D:2A:F3:23:D5:D1:58:31
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       0199FCC6A9006150C911C3C89C9619E8A4ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          0999
Signing time:             Sun 19 Oct 2025 14:01:41 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:41 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:41 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: uRFN83wi7w7kSxr3A5jcPz1TgaOdpivWSx45Dk1HdCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:a9:00:61:50:c9:11:c3:c8:9c:96:19:e8:a4:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Oct 19 14:01:41 2025 GMT
            Not After : Oct 20 14:01:41 2025 GMT
        Subject: CN=9cb28d9e2ad3b0f1ebb15e353d2af323d5d15831
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:42:63:8f:65:23:1f:0e:b8:88:65:99:2c:63:
                    73:b0:94:74:d4:95:48:ab:b0:16:14:79:81:d8:fb:
                    cb:0a:01:48:5e:c4:47:8c:fd:e9:9a:56:90:a3:eb:
                    58:ac:07:d0:e0:2d:06:23:09:04:f5:68:6f:1d:a3:
                    d3:1e:9c:ad:0b:84:f7:aa:15:73:d6:ba:74:62:08:
                    ba:29:00:f1:4e:59:4b:07:2d:4a:46:06:42:14:ad:
                    6d:69:30:ee:79:e4:e5:be:2f:f3:fa:16:61:a2:a3:
                    56:ba:8c:8d:4f:f9:d1:39:de:d6:72:cb:ae:83:22:
                    50:d4:9a:0a:15:e6:a1:64:08:a6:6c:15:8f:ca:b7:
                    79:f2:58:24:44:ce:4f:19:a8:f3:5f:cc:02:8f:17:
                    24:da:22:40:3f:74:99:99:d0:cd:10:32:b3:56:b5:
                    c8:74:2e:ca:5a:4d:49:7e:24:c2:39:5a:28:74:1d:
                    81:56:98:62:d5:c1:db:36:5f:0a:b9:8c:cf:23:ee:
                    1d:c3:76:33:58:a3:96:8d:5d:d9:5f:c3:19:f3:4f:
                    96:2e:f5:4a:fa:3d:f5:ef:13:02:f8:f2:f3:c8:c3:
                    47:bd:a8:95:0a:3e:96:7a:6b:80:32:11:e3:a6:c4:
                    84:d8:8d:3c:0d:47:21:7c:7d:af:c1:47:be:20:2f:
                    fb:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:B2:8D:9E:2A:D3:B0:F1:EB:B1:5E:35:3D:2A:F3:23:D5:D1:58:31
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:0a:4b:7e:67:30:13:b4:a3:ee:3a:47:7c:1f:5d:9d:d9:8a:
         d4:97:b4:a5:ec:19:49:80:f2:25:2a:cb:6e:1f:a0:8e:c8:34:
         c3:b2:92:57:1f:50:e0:45:e9:03:a3:8c:a5:63:b4:32:b7:e1:
         a7:44:6a:2d:94:df:4b:5c:09:f9:0e:d2:0d:d7:e9:b6:f2:67:
         db:16:f7:ef:9b:cc:f0:98:91:b5:1d:fd:4e:7d:36:54:8a:d1:
         aa:b4:ce:c8:e6:0d:89:ee:96:c9:16:85:ba:a7:16:86:34:73:
         64:ea:d2:1f:bf:ec:1b:dd:ea:32:81:72:7c:46:89:34:27:bc:
         66:7e:1e:f6:7a:5c:80:26:8e:21:cc:fe:b4:3a:92:47:b2:47:
         71:fb:f8:4e:97:8c:5d:e6:9d:0d:00:54:40:6d:e4:52:81:ff:
         25:14:74:f5:1c:c2:09:7b:d4:71:a3:35:30:53:74:46:5b:31:
         c8:20:2f:e9:c5:42:12:be:5b:ed:bb:16:21:60:71:a9:e8:3f:
         f5:0a:5b:7f:e2:50:d1:d1:26:25:5d:0c:d9:82:27:38:a1:46:
         7e:c5:3a:53:03:86:0c:ad:ac:31:10:2c:53:2e:eb:01:92:e6:
         e3:df:ee:ad:40:ee:34:79:6d:01:5e:5e:3d:37:6e:50:2a:35:
         93:cb:0e:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xqkAYVDJEcPInJYZ6KTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjUxMDE5MTQwMTQxWhcNMjUxMDIwMTQwMTQxWjAzMTEwLwYDVQQD
Eyg5Y2IyOGQ5ZTJhZDNiMGYxZWJiMTVlMzUzZDJhZjMyM2Q1ZDE1ODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0Jjj2UjHw64iGWZLGNzsJR01JVI
q7AWFHmB2PvLCgFIXsRHjP3pmlaQo+tYrAfQ4C0GIwkE9WhvHaPTHpytC4T3qhVz
1rp0Ygi6KQDxTllLBy1KRgZCFK1taTDueeTlvi/z+hZhoqNWuoyNT/nROd7Wcsuu
gyJQ1JoKFeahZAimbBWPyrd58lgkRM5PGajzX8wCjxck2iJAP3SZmdDNEDKzVrXI
dC7KWk1JfiTCOVoodB2BVphi1cHbNl8KuYzPI+4dw3YzWKOWjV3ZX8MZ80+WLvVK
+j317xMC+PLzyMNHvaiVCj6WemuAMhHjpsSE2I08DUchfH2vwUe+IC/7yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyyjZ4q07Dx67FeNT0q8yPV0VgxMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACApLfmcw
E7Sj7jpHfB9dndmK1Je0pewZSYDyJSrLbh+gjsg0w7KSVx9Q4EXpA6OMpWO0Mrfh
p0RqLZTfS1wJ+Q7SDdfptvJn2xb375vM8JiRtR39Tn02VIrRqrTOyOYNie6WyRaF
uqcWhjRzZOrSH7/sG93qMoFyfEaJNCe8Zn4e9npcgCaOIcz+tDqSR7JHcfv4TpeM
XeadDQBUQG3kUoH/JRR09RzCCXvUcaM1MFN0RlsxyCAv6cVCEr5b7bsWIWBxqeg/
9Qpbf+JQ0dEmJV0M2YInOKFGfsU6UwOGDK2sMRAsUy7rAZLm49/urUDuNHltAV5e
PTduUCo1k8sOfA==
-----END CERTIFICATE-----