Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
File:                     uglQnQRuXLar5boZqxurpUPTffg.mft (raw, json)
Hash identifier:          f+SGO/DP9vnw9+Kc5LdgbecjyQ+Mx3BiqFjWWMkqiJc=
Subject key identifier:   71:D6:18:BD:6D:F2:D3:F7:C7:F5:A3:25:92:04:E5:5B:18:51:E9:69
Authority key identifier: BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8
Certificate issuer:       /CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
Certificate serial:       0197B6A075A3C47F35B9F414759331A0C209
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
Manifest number:          093A
Signing time:             Sat 28 Jun 2025 13:00:58 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:58 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:58 +0000
Files and hashes:         1: uglQnQRuXLar5boZqxurpUPTffg.crl (hash: M9VWsYv3kWvAHSFd+xgvtsOYDGEOreF7JNUmm20ClpE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:75:a3:c4:7f:35:b9:f4:14:75:93:31:a0:c2:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
        Validity
            Not Before: Jun 28 13:00:58 2025 GMT
            Not After : Jun 29 13:00:58 2025 GMT
        Subject: CN=71d618bd6df2d3f7c7f5a3259204e55b1851e969
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:92:53:2d:31:a2:1b:cf:ff:95:50:74:2b:0a:
                    3f:72:61:bb:4f:4e:f2:c4:aa:ae:86:70:38:0f:91:
                    d7:e7:51:e6:34:90:1f:71:97:cf:f3:d1:a9:55:b5:
                    5b:24:22:54:63:26:b0:34:96:04:eb:1b:88:31:b1:
                    7c:e5:ba:4d:26:69:72:8f:4d:df:7e:08:b4:76:0d:
                    7e:a4:bb:5a:95:3d:52:33:47:b7:f7:02:59:ee:43:
                    a1:01:09:c6:7a:fe:55:7a:b8:bb:e6:2a:a9:8f:9c:
                    34:22:4d:50:b9:1e:c7:60:1e:ca:ea:c2:50:8e:4d:
                    b7:1e:c5:f6:e6:94:fa:45:9d:90:14:b3:49:a1:75:
                    3f:2d:83:55:a4:44:07:05:c0:b7:37:49:84:62:f5:
                    ce:1f:33:36:9a:3a:c4:44:a3:5e:79:cb:7f:1c:c1:
                    bc:b5:5f:9d:83:a0:56:de:88:8f:8d:c3:a1:1f:58:
                    c1:cc:f9:ee:04:ac:7d:38:55:21:b6:8e:3f:0e:0d:
                    29:91:51:04:2e:f9:b4:f2:d8:6f:78:f5:0b:b1:b4:
                    db:69:44:c9:32:ce:02:64:86:42:73:8f:e7:c3:a6:
                    78:52:d4:41:2f:40:6d:a2:c6:c5:98:8b:79:90:fe:
                    a2:0b:52:d6:5f:c1:e3:b0:af:56:7a:7e:6d:5d:8a:
                    56:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D6:18:BD:6D:F2:D3:F7:C7:F5:A3:25:92:04:E5:5B:18:51:E9:69
            X509v3 Authority Key Identifier:
                keyid:BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:e0:dd:8c:ce:c2:bd:98:94:d1:25:ef:b6:a6:7e:db:52:63:
         b9:e8:d4:8c:b5:fc:af:ad:95:0e:98:f2:4b:3d:b1:52:e2:32:
         e5:34:8b:a6:6d:88:a2:de:bb:bc:c0:3d:a6:64:61:f2:dc:e8:
         2e:96:13:59:ea:17:26:07:38:c6:2d:2c:b1:47:53:16:60:29:
         49:64:3c:4c:de:58:f1:18:86:60:7d:d6:7c:3a:10:9e:d7:c6:
         98:d4:0c:3a:83:d1:32:99:46:f4:35:56:3d:c9:2e:8d:b3:68:
         03:d6:f0:0c:68:8d:48:b8:08:b4:ad:fc:c6:ac:20:c4:64:d1:
         80:ac:7f:54:6e:41:c8:27:54:58:06:bf:4d:02:5d:bf:fe:37:
         f4:95:1a:10:51:80:90:67:e5:69:63:f1:45:c7:58:61:99:a4:
         f3:b6:23:fa:ba:18:4b:c3:d4:cc:79:40:2d:45:ce:72:e0:2b:
         52:56:3d:42:b4:a6:2c:04:56:45:9b:18:fc:67:da:c3:3b:f1:
         1b:d8:29:76:b8:2e:1a:76:dc:67:1d:7a:47:bf:c0:1d:72:f1:
         f3:18:cf:5c:a0:7e:fd:7e:81:24:5a:32:f6:98:16:97:06:c9:
         02:74:48:29:23:d3:fa:d6:c1:c1:18:0c:36:dd:be:a3:41:00:
         9c:44:09:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oHWjxH81ufQUdZMxoMIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMDk1MDlkMDQ2ZTVjYjZhYmU1YmExOWFiMWJhYmE1NDNk
MzdkZjgwHhcNMjUwNjI4MTMwMDU4WhcNMjUwNjI5MTMwMDU4WjAzMTEwLwYDVQQD
Eyg3MWQ2MThiZDZkZjJkM2Y3YzdmNWEzMjU5MjA0ZTU1YjE4NTFlOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJJTLTGiG8//lVB0Kwo/cmG7T07y
xKquhnA4D5HX51HmNJAfcZfP89GpVbVbJCJUYyawNJYE6xuIMbF85bpNJmlyj03f
fgi0dg1+pLtalT1SM0e39wJZ7kOhAQnGev5Veri75iqpj5w0Ik1QuR7HYB7K6sJQ
jk23HsX25pT6RZ2QFLNJoXU/LYNVpEQHBcC3N0mEYvXOHzM2mjrERKNeect/HMG8
tV+dg6BW3oiPjcOhH1jBzPnuBKx9OFUhto4/Dg0pkVEELvm08thvePULsbTbaUTJ
Ms4CZIZCc4/nw6Z4UtRBL0BtosbFmIt5kP6iC1LWX8HjsK9Wen5tXYpW2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHWGL1t8tP3x/WjJZIE5VsYUelpMB8GA1UdIwQY
MBaAFLoJUJ0Ebly2q+W6Gasbq6VD0334MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQt
ZDdlNDIyMDBhNDllLzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQtZDdlNDIyMDBhNDll
LzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABuDdjM7C
vZiU0SXvtqZ+21JjuejUjLX8r62VDpjySz2xUuIy5TSLpm2Iot67vMA9pmRh8tzo
LpYTWeoXJgc4xi0ssUdTFmApSWQ8TN5Y8RiGYH3WfDoQntfGmNQMOoPRMplG9DVW
PckujbNoA9bwDGiNSLgItK38xqwgxGTRgKx/VG5ByCdUWAa/TQJdv/439JUaEFGA
kGflaWPxRcdYYZmk87Yj+roYS8PUzHlALUXOcuArUlY9QrSmLARWRZsY/Gfawzvx
G9gpdrguGnbcZx16R7/AHXLx8xjPXKB+/X6BJFoy9pgWlwbJAnRIKSPT+tbBwRgM
Nt2+o0EAnEQJsg==
-----END CERTIFICATE-----