Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
File:                     uglQnQRuXLar5boZqxurpUPTffg.mft (raw, json)
Hash identifier:          Mot3CbjymLqqjdhWH6I2opNUVlTVD0uxesnubboF8GA=
Subject key identifier:   7E:BD:49:70:F8:1C:99:D9:30:83:29:16:3E:A1:0D:5B:DD:5E:40:62
Authority key identifier: BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8
Certificate issuer:       /CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
Certificate serial:       0199FBEA7F1ECE215FA9897E79FBDA504385
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
Manifest number:          0A67
Signing time:             Sun 19 Oct 2025 10:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:13 +0000
Files and hashes:         1: uglQnQRuXLar5boZqxurpUPTffg.crl (hash: JJb/NvSIU7Ea+Klm6aflU6QxSFvQuUGcuNzF6vCFhg4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:7f:1e:ce:21:5f:a9:89:7e:79:fb:da:50:43:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
        Validity
            Not Before: Oct 19 10:01:13 2025 GMT
            Not After : Oct 20 10:01:13 2025 GMT
        Subject: CN=7ebd4970f81c99d9308329163ea10d5bdd5e4062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:02:0b:bc:2d:ee:20:14:28:d9:30:24:15:53:
                    a2:4e:90:61:2a:cf:21:27:6b:57:d5:0a:bf:fc:f0:
                    4c:76:07:fc:e6:5e:fa:f9:0c:eb:52:e3:bc:12:43:
                    7e:8a:46:73:0d:0b:c5:c5:8d:8c:6d:99:1e:a8:24:
                    5b:cc:90:ca:9e:bd:17:0f:36:0b:71:01:27:56:13:
                    8a:20:82:94:ba:3c:19:e1:25:60:0e:91:56:a8:5c:
                    4c:56:7e:95:99:c1:0e:3d:2d:f3:6a:f4:36:d8:d5:
                    22:c0:83:c1:0b:da:65:8c:04:da:a4:10:70:1d:36:
                    81:73:59:d8:e6:ec:fb:2c:ae:05:37:d9:66:e1:a5:
                    74:49:9e:6b:32:89:d7:6e:01:85:a7:8d:7a:49:30:
                    92:d3:9a:82:c6:02:f9:c8:e3:a2:3a:ba:b6:62:c1:
                    9d:b0:39:3a:48:45:59:89:59:09:d3:40:c2:7e:42:
                    67:5b:d1:24:f1:4c:bf:43:8b:af:34:25:0e:85:5b:
                    06:85:e5:11:ba:b9:70:4c:b3:84:43:33:1b:d3:8d:
                    a8:8b:e9:2c:a0:fb:49:d5:e5:c0:40:8c:4d:1c:32:
                    26:d0:0c:63:a7:20:0c:58:be:cb:63:f1:f2:7b:3a:
                    f3:67:06:02:ab:14:9c:48:ec:f8:42:c7:55:a3:bd:
                    b3:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:BD:49:70:F8:1C:99:D9:30:83:29:16:3E:A1:0D:5B:DD:5E:40:62
            X509v3 Authority Key Identifier:
                keyid:BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:60:c4:7b:3a:7b:61:cd:60:a3:b4:fd:48:40:b8:1a:b1:9b:
         5d:2b:af:1b:92:00:6e:cb:f9:65:1a:0c:b1:c4:0e:2b:57:0f:
         99:aa:d1:71:e3:d0:ec:c5:98:2f:25:de:fb:38:ed:f0:df:0d:
         ad:22:24:66:0a:70:be:8e:1d:fc:72:db:ec:78:ae:50:61:38:
         e6:cf:5e:2a:0c:e0:c5:dd:b4:d6:26:61:40:78:d8:6c:9b:c7:
         06:2f:fe:e1:a0:57:f4:a9:29:0e:fb:22:9d:f1:dc:54:6f:18:
         b0:9a:49:0e:77:11:64:82:99:e9:1b:6b:58:96:38:21:01:1b:
         75:81:be:69:57:ab:d4:5b:83:6c:e4:48:cb:8c:7c:b1:5a:d8:
         1c:32:5f:33:be:9e:c9:5e:1d:7b:fb:cb:61:8c:76:bd:ae:d4:
         d8:b3:40:65:dd:08:96:14:57:82:d5:cf:fe:36:5d:af:36:a6:
         b4:dd:84:14:a5:31:ee:b6:22:65:74:6a:93:c8:44:5d:be:30:
         3f:01:03:22:73:a6:f7:5a:f3:90:f7:71:ee:90:1c:97:9a:45:
         4a:32:b2:24:41:15:26:21:a8:9d:ea:47:53:34:1d:11:00:a1:
         10:69:5a:40:63:91:d7:ba:f4:4a:48:78:41:99:6a:d3:cf:c3:
         3b:96:60:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76n8eziFfqYl+efvaUEOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMDk1MDlkMDQ2ZTVjYjZhYmU1YmExOWFiMWJhYmE1NDNk
MzdkZjgwHhcNMjUxMDE5MTAwMTEzWhcNMjUxMDIwMTAwMTEzWjAzMTEwLwYDVQQD
Eyg3ZWJkNDk3MGY4MWM5OWQ5MzA4MzI5MTYzZWExMGQ1YmRkNWU0MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngILvC3uIBQo2TAkFVOiTpBhKs8h
J2tX1Qq//PBMdgf85l76+QzrUuO8EkN+ikZzDQvFxY2MbZkeqCRbzJDKnr0XDzYL
cQEnVhOKIIKUujwZ4SVgDpFWqFxMVn6VmcEOPS3zavQ22NUiwIPBC9pljATapBBw
HTaBc1nY5uz7LK4FN9lm4aV0SZ5rMonXbgGFp416STCS05qCxgL5yOOiOrq2YsGd
sDk6SEVZiVkJ00DCfkJnW9Ek8Uy/Q4uvNCUOhVsGheURurlwTLOEQzMb042oi+ks
oPtJ1eXAQIxNHDIm0AxjpyAMWL7LY/HyezrzZwYCqxScSOz4QsdVo72zVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH69SXD4HJnZMIMpFj6hDVvdXkBiMB8GA1UdIwQY
MBaAFLoJUJ0Ebly2q+W6Gasbq6VD0334MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQt
ZDdlNDIyMDBhNDllLzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQtZDdlNDIyMDBhNDll
LzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2DEezp7
Yc1go7T9SEC4GrGbXSuvG5IAbsv5ZRoMscQOK1cPmarRcePQ7MWYLyXe+zjt8N8N
rSIkZgpwvo4d/HLb7HiuUGE45s9eKgzgxd201iZhQHjYbJvHBi/+4aBX9KkpDvsi
nfHcVG8YsJpJDncRZIKZ6RtrWJY4IQEbdYG+aVer1FuDbORIy4x8sVrYHDJfM76e
yV4de/vLYYx2va7U2LNAZd0IlhRXgtXP/jZdrzamtN2EFKUx7rYiZXRqk8hEXb4w
PwEDInOm91rzkPdx7pAcl5pFSjKyJEEVJiGonepHUzQdEQChEGlaQGOR17r0Skh4
QZlq08/DO5ZgIQ==
-----END CERTIFICATE-----