Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
File:                     UfsmDqHIG4GxkdCujcNkESHp65Y.mft (raw, json)
Hash identifier:          YxJVxhjZwsTgU/mQxga+fg5XDtzSK3rI+aPVp2fCTYk=
Subject key identifier:   5F:1A:6E:BD:CC:C1:E6:58:E1:E3:BF:B0:FA:AC:8C:FA:37:5C:29:7B
Authority key identifier: 51:FB:26:0E:A1:C8:1B:81:B1:91:D0:AE:8D:C3:64:11:21:E9:EB:96
Certificate issuer:       /CN=51fb260ea1c81b81b191d0ae8dc3641121e9eb96
Certificate serial:       01988BB3C6624E9E96004D5792C288C64B42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
Manifest number:          05C5
Signing time:             Fri 08 Aug 2025 22:01:11 +0000
Manifest this update:     Fri 08 Aug 2025 22:01:11 +0000
Manifest next update:     Sat 09 Aug 2025 22:01:11 +0000
Files and hashes:         1: UfsmDqHIG4GxkdCujcNkESHp65Y.crl (hash: gb6Rh078vnxSeHGyJrXSrMwet5MRZ+9hsvP8fACesEg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:b3:c6:62:4e:9e:96:00:4d:57:92:c2:88:c6:4b:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51fb260ea1c81b81b191d0ae8dc3641121e9eb96
        Validity
            Not Before: Aug  8 22:01:11 2025 GMT
            Not After : Aug  9 22:01:11 2025 GMT
        Subject: CN=5f1a6ebdccc1e658e1e3bfb0faac8cfa375c297b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d6:26:cb:41:bc:71:6e:fe:23:6e:02:f1:42:
                    9f:0e:77:60:c4:9f:fc:28:d5:b5:b7:4e:a9:49:2b:
                    6b:c3:6a:16:3f:be:73:9e:02:b0:c5:28:6e:c2:e6:
                    5e:f0:e3:75:a6:94:76:a1:a4:56:47:48:34:1b:f7:
                    52:45:ee:02:23:90:b3:3d:c6:78:7f:0d:43:ee:64:
                    b6:3c:c2:a7:ce:99:04:1f:1e:cd:51:a7:ac:a1:a3:
                    f9:31:f0:78:2a:04:0f:92:da:04:42:37:c0:a2:98:
                    9d:5b:63:6c:74:9a:42:6a:7a:8e:a0:8c:ba:e0:74:
                    1d:41:77:1b:4c:c1:00:fe:e6:6a:f2:5c:4b:5a:7c:
                    9c:e8:f4:ba:6b:a9:aa:bf:1c:61:8a:1a:4b:2e:1d:
                    9a:48:77:19:12:47:05:28:ec:5b:61:d2:9a:bb:69:
                    bd:6a:ab:ed:13:2c:e9:0d:2b:c6:2e:fe:23:a1:5c:
                    f3:3b:a7:67:0f:e9:6d:85:48:b9:de:60:30:70:64:
                    b4:1d:09:7c:a3:c1:c6:70:27:d3:61:69:81:bc:6b:
                    f3:f9:32:4b:fa:92:0b:e9:21:b5:a0:4a:ef:d6:d4:
                    c4:46:4e:a5:26:fc:34:da:7c:ba:9a:bb:1b:65:64:
                    bc:f8:76:18:f6:65:36:87:72:c8:43:a1:2d:27:a5:
                    32:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:1A:6E:BD:CC:C1:E6:58:E1:E3:BF:B0:FA:AC:8C:FA:37:5C:29:7B
            X509v3 Authority Key Identifier:
                keyid:51:FB:26:0E:A1:C8:1B:81:B1:91:D0:AE:8D:C3:64:11:21:E9:EB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:61:94:6b:99:52:41:af:09:e9:5e:1b:a0:3f:e4:95:01:04:
         be:45:d3:49:ad:df:63:ed:ab:d0:86:99:de:07:23:e8:f2:1b:
         61:94:69:07:6b:da:4f:04:bb:3c:d6:1c:93:8f:eb:e7:78:f2:
         5d:f2:ce:90:e7:d3:68:1e:9c:d5:b2:fe:50:1b:f2:1d:d3:62:
         3a:46:3c:00:f4:97:03:5a:86:ae:f2:cd:b8:69:66:16:06:09:
         49:00:d9:5d:8a:d2:9f:d2:7f:a8:f9:5c:cf:5a:11:ae:58:83:
         2f:cd:6d:fd:97:22:f6:f9:b6:8a:ba:7a:3d:64:38:61:2a:d9:
         60:5e:d5:b1:11:a6:f3:7b:c1:e6:cb:c1:67:38:25:41:48:c9:
         08:09:10:00:6a:7f:27:18:65:91:68:ff:0b:89:ef:c6:2e:53:
         81:a6:a2:a9:ae:e6:6a:60:e4:d3:ce:19:6d:1a:aa:ec:4a:5c:
         85:b6:3d:ce:4f:09:9a:33:b8:5b:58:1e:02:22:8d:05:ba:41:
         0c:2b:6c:80:f9:17:14:f5:f7:f5:c2:78:ee:3c:31:4a:82:42:
         96:b1:ed:d3:1f:9c:40:d8:96:21:33:da:12:d4:25:15:7f:78:
         26:4b:4e:4c:e9:aa:34:5f:c4:00:25:96:6a:02:4d:c5:f0:57:
         38:77:7f:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLs8ZiTp6WAE1XksKIxktCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZmIyNjBlYTFjODFiODFiMTkxZDBhZThkYzM2NDExMjFl
OWViOTYwHhcNMjUwODA4MjIwMTExWhcNMjUwODA5MjIwMTExWjAzMTEwLwYDVQQD
Eyg1ZjFhNmViZGNjYzFlNjU4ZTFlM2JmYjBmYWFjOGNmYTM3NWMyOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotYmy0G8cW7+I24C8UKfDndgxJ/8
KNW1t06pSStrw2oWP75zngKwxShuwuZe8ON1ppR2oaRWR0g0G/dSRe4CI5CzPcZ4
fw1D7mS2PMKnzpkEHx7NUaesoaP5MfB4KgQPktoEQjfAopidW2NsdJpCanqOoIy6
4HQdQXcbTMEA/uZq8lxLWnyc6PS6a6mqvxxhihpLLh2aSHcZEkcFKOxbYdKau2m9
aqvtEyzpDSvGLv4joVzzO6dnD+lthUi53mAwcGS0HQl8o8HGcCfTYWmBvGvz+TJL
+pIL6SG1oErv1tTERk6lJvw02ny6mrsbZWS8+HYY9mU2h3LIQ6EtJ6Uy5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8abr3MweZY4eO/sPqsjPo3XCl7MB8GA1UdIwQY
MBaAFFH7Jg6hyBuBsZHQro3DZBEh6euWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80ZjVlN2ItMTRlNy00NGJjLThkNWQt
ZDI5NTc0NTNiODQ0LzEvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80ZjVlN2ItMTRlNy00NGJjLThkNWQtZDI5NTc0NTNiODQ0
LzEvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ2GUa5lS
Qa8J6V4boD/klQEEvkXTSa3fY+2r0IaZ3gcj6PIbYZRpB2vaTwS7PNYck4/r53jy
XfLOkOfTaB6c1bL+UBvyHdNiOkY8APSXA1qGrvLNuGlmFgYJSQDZXYrSn9J/qPlc
z1oRrliDL81t/Zci9vm2irp6PWQ4YSrZYF7VsRGm83vB5svBZzglQUjJCAkQAGp/
JxhlkWj/C4nvxi5Tgaaiqa7mamDk084ZbRqq7EpchbY9zk8JmjO4W1geAiKNBbpB
DCtsgPkXFPX39cJ47jwxSoJClrHt0x+cQNiWITPaEtQlFX94JktOTOmqNF/EACWW
agJNxfBXOHd/ow==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:51:38 2025 by rpki-client