Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          YN/swezfE62NpPcUIXZtCmL7dTlHTz0zGMEBrQiCiiY=
Subject key identifier:   43:FA:51:21:9C:BC:B0:62:38:6C:CC:7B:58:04:44:F1:CE:44:C7:71
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       0197B77C3979412AAA34C20C302895250E73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          086C
Signing time:             Sat 28 Jun 2025 17:01:01 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:01 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:01 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: k4nAoUa58vT+DZVARuk1tpPgsaFXoLW3FmCEWnveveY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:39:79:41:2a:aa:34:c2:0c:30:28:95:25:0e:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Jun 28 17:01:01 2025 GMT
            Not After : Jun 29 17:01:01 2025 GMT
        Subject: CN=43fa51219cbcb062386ccc7b580444f1ce44c771
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:97:e5:ba:39:72:53:5a:3d:c8:80:7d:77:ae:
                    c5:63:d0:00:b2:9a:a4:1b:8a:fa:a5:6d:2c:e8:d7:
                    b4:60:cc:d1:6b:5b:ab:84:1b:c7:20:8c:ba:42:39:
                    94:53:c4:ad:33:2d:7d:5c:90:f0:a8:ba:60:5a:2f:
                    a5:77:2d:1a:40:a8:30:34:d8:a5:74:67:db:59:ba:
                    b7:d2:f2:c6:69:9f:2e:79:bf:46:8d:25:bc:d6:73:
                    1f:4b:bb:8a:d0:7f:29:1f:dd:12:ac:d8:5d:e9:c0:
                    40:f7:c6:51:3b:48:7c:2b:40:cb:8a:ae:e3:56:52:
                    9d:fe:13:9e:73:42:1b:06:36:91:ce:25:ad:77:b2:
                    69:b1:f7:fd:65:97:14:ec:aa:fa:75:da:d4:7e:8c:
                    d1:55:38:5c:ad:bf:64:59:69:46:f2:34:83:26:de:
                    f8:48:8a:e0:d2:b0:e4:12:d1:ba:cb:34:0f:58:ec:
                    aa:0d:0f:e5:ec:c3:2d:dc:de:b8:e2:85:90:6f:df:
                    c6:d5:db:37:f2:60:cf:8f:5c:cc:11:ac:a6:94:c6:
                    3d:67:64:20:1b:ee:48:bf:90:d4:d1:e6:36:76:20:
                    51:ab:a7:b8:9a:e5:ed:7b:39:50:4d:d3:9d:df:c1:
                    d1:8c:4d:bf:2e:dc:94:22:a7:a4:22:bf:92:89:f7:
                    6f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:FA:51:21:9C:BC:B0:62:38:6C:CC:7B:58:04:44:F1:CE:44:C7:71
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:d7:d6:d9:82:8e:e5:15:70:cf:e4:2c:28:97:af:66:79:54:
         32:e0:9f:7a:e5:37:3e:c6:f3:25:ed:77:4f:f7:3d:f2:01:2d:
         d3:be:63:f6:2b:3c:ee:ef:65:98:fb:41:03:d3:ef:16:32:fa:
         66:f6:a2:9d:be:c3:81:d9:4a:1a:e7:f1:d1:e3:74:8b:af:81:
         03:20:85:ff:63:fc:81:9f:f2:65:de:db:86:b8:41:c2:bc:f1:
         d9:9c:5c:d8:8d:fe:f7:74:2f:b8:b9:51:57:0a:97:60:0f:1d:
         aa:ac:ba:60:2b:49:93:49:55:1b:a4:2b:5f:07:3f:35:b3:b1:
         a2:88:df:fc:13:99:98:06:d6:58:04:14:4b:da:1c:ba:6e:b6:
         0f:f9:86:95:09:cf:b1:7d:f3:d2:3f:88:8f:fd:55:36:06:79:
         44:94:14:cf:67:80:b5:04:a9:92:80:00:03:ec:3c:d3:ee:71:
         67:2d:d2:68:bd:25:bf:f8:6f:20:25:85:86:4a:5f:43:4e:54:
         ba:d0:02:f2:9d:34:6b:c3:68:60:a2:90:80:88:1c:2e:3e:e7:
         4b:3b:ed:97:4d:2d:c3:ce:d7:b3:62:37:08:a4:74:f1:19:73:
         40:15:e7:12:ad:7f:75:3f:f1:02:c0:4f:b9:d8:42:f9:cc:a0:
         bb:dd:ab:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fDl5QSqqNMIMMCiVJQ5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjUwNjI4MTcwMTAxWhcNMjUwNjI5MTcwMTAxWjAzMTEwLwYDVQQD
Eyg0M2ZhNTEyMTljYmNiMDYyMzg2Y2NjN2I1ODA0NDRmMWNlNDRjNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZflujlyU1o9yIB9d67FY9AAspqk
G4r6pW0s6Ne0YMzRa1urhBvHIIy6QjmUU8StMy19XJDwqLpgWi+ldy0aQKgwNNil
dGfbWbq30vLGaZ8ueb9GjSW81nMfS7uK0H8pH90SrNhd6cBA98ZRO0h8K0DLiq7j
VlKd/hOec0IbBjaRziWtd7Jpsff9ZZcU7Kr6ddrUfozRVThcrb9kWWlG8jSDJt74
SIrg0rDkEtG6yzQPWOyqDQ/l7MMt3N644oWQb9/G1ds38mDPj1zMEaymlMY9Z2Qg
G+5Iv5DU0eY2diBRq6e4muXtezlQTdOd38HRjE2/LtyUIqekIr+SifdvmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEP6USGcvLBiOGzMe1gERPHORMdxMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddfW2YKO
5RVwz+QsKJevZnlUMuCfeuU3PsbzJe13T/c98gEt075j9is87u9lmPtBA9PvFjL6
Zvainb7DgdlKGufx0eN0i6+BAyCF/2P8gZ/yZd7bhrhBwrzx2Zxc2I3+93QvuLlR
VwqXYA8dqqy6YCtJk0lVG6QrXwc/NbOxoojf/BOZmAbWWAQUS9ocum62D/mGlQnP
sX3z0j+Ij/1VNgZ5RJQUz2eAtQSpkoAAA+w80+5xZy3SaL0lv/hvICWFhkpfQ05U
utAC8p00a8NoYKKQgIgcLj7nSzvtl00tw87Xs2I3CKR08RlzQBXnEq1/dT/xAsBP
udhC+cygu92roQ==
-----END CERTIFICATE-----