Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
File:                     UgO7TxlYEfjXcjygGgsv-963Whs.mft (raw, json)
Hash identifier:          jp69SB3SoRdxNHxHaViM672aa6HHOsGcpmH6uvRVKdM=
Subject key identifier:   BD:2A:94:A5:43:01:A3:8E:8E:91:EB:1F:13:9B:F4:AD:D8:BA:48:54
Authority key identifier: 52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B
Certificate issuer:       /CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
Certificate serial:       01988B7CA54BE65C8CC9028422C60A388990
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
Manifest number:          0258
Signing time:             Fri 08 Aug 2025 21:00:58 +0000
Manifest this update:     Fri 08 Aug 2025 21:00:58 +0000
Manifest next update:     Sat 09 Aug 2025 21:00:58 +0000
Files and hashes:         1: UgO7TxlYEfjXcjygGgsv-963Whs.crl (hash: O55P7eBSC6N5wXek2XVbKgqZ3wL74/2TruYkkV4fTow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7c:a5:4b:e6:5c:8c:c9:02:84:22:c6:0a:38:89:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
        Validity
            Not Before: Aug  8 21:00:58 2025 GMT
            Not After : Aug  9 21:00:58 2025 GMT
        Subject: CN=bd2a94a54301a38e8e91eb1f139bf4add8ba4854
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e0:8b:6e:18:e9:b6:24:e7:51:42:d6:d2:98:
                    c1:09:9a:74:e7:02:6a:5e:ca:e0:60:d8:6a:d9:53:
                    75:18:95:38:20:81:c8:2c:bc:f7:c0:a4:be:b5:52:
                    9a:10:ef:a4:04:fa:86:5d:07:4e:d4:90:52:91:a9:
                    e3:6e:9c:0e:a3:a5:05:e2:18:1d:2d:3a:2f:2d:70:
                    2d:5b:12:68:de:dd:78:ef:5c:5d:d0:58:a9:fb:99:
                    c4:f5:2c:15:fc:b8:0f:ee:7b:ba:64:47:25:51:84:
                    e0:20:31:fc:9c:1e:24:f7:7e:bf:6a:fc:77:aa:fa:
                    12:7b:7e:0c:e5:a7:84:64:57:2c:08:3a:d8:49:f3:
                    4b:b0:aa:2d:15:51:05:83:9b:f6:d6:14:6f:08:53:
                    0e:e9:2b:69:9d:b4:b9:a4:ca:b9:38:01:e4:b9:63:
                    03:d6:bf:1e:7d:90:ab:9a:c9:fb:09:9d:6b:1c:2d:
                    d4:c2:1d:5a:cb:61:aa:e5:7d:29:b7:39:0a:b2:f8:
                    9e:a9:ea:60:3e:88:2d:e8:cc:20:20:6e:1b:a8:50:
                    80:b0:89:ef:23:01:28:15:df:23:89:40:65:e2:fb:
                    73:5a:da:ba:02:7f:aa:cd:ca:b2:25:37:ef:8c:5d:
                    c3:c5:92:0c:4e:e0:c3:7c:13:c0:68:57:ef:37:91:
                    ca:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:2A:94:A5:43:01:A3:8E:8E:91:EB:1F:13:9B:F4:AD:D8:BA:48:54
            X509v3 Authority Key Identifier:
                keyid:52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:4d:ae:de:5e:81:65:ba:d9:2c:80:97:0f:86:8b:74:10:d9:
         60:75:4c:37:e1:3c:91:0a:cc:47:09:fb:6d:d0:9d:2f:b4:4d:
         f4:54:e8:c6:51:7f:6c:c6:d9:f5:c9:bd:b7:dd:7e:94:60:ad:
         c6:92:71:00:04:ce:5e:a8:f9:fb:12:74:91:1d:cf:ff:ec:72:
         1c:2c:b0:0a:c8:ff:d9:a3:ad:f5:60:45:b9:30:fe:fb:71:3e:
         be:dc:96:23:e7:ef:b7:b2:ac:95:97:3d:51:8b:50:08:e3:29:
         14:bb:fc:fd:fb:1a:12:b9:9d:74:20:de:0e:78:21:1e:be:10:
         1b:ef:d4:80:84:fe:63:ca:1e:da:34:3b:c4:8b:7d:cd:06:bc:
         1b:3a:92:5a:6c:1d:e7:11:b6:a5:12:1a:c0:e1:92:5f:23:c2:
         96:30:65:c0:94:e4:50:0b:e0:44:37:e3:2f:a9:25:cd:ee:0b:
         3a:4d:46:74:1a:7d:c0:ea:9d:81:3f:e0:ef:98:42:c0:e5:d6:
         07:8a:56:2d:9d:65:0b:b7:2f:56:97:50:78:f3:61:65:ae:11:
         c8:18:79:41:d3:58:90:c4:3c:ad:89:10:f1:1b:4e:9b:fe:f0:
         d4:f2:77:55:5a:af:6c:56:42:5b:4f:b0:3b:2e:bd:bd:f9:a5:
         c5:63:e7:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfKVL5lyMyQKEIsYKOImQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDNiYjRmMTk1ODExZjhkNzcyM2NhMDFhMGIyZmZiZGVi
NzVhMWIwHhcNMjUwODA4MjEwMDU4WhcNMjUwODA5MjEwMDU4WjAzMTEwLwYDVQQD
EyhiZDJhOTRhNTQzMDFhMzhlOGU5MWViMWYxMzliZjRhZGQ4YmE0ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+CLbhjptiTnUULW0pjBCZp05wJq
XsrgYNhq2VN1GJU4IIHILLz3wKS+tVKaEO+kBPqGXQdO1JBSkanjbpwOo6UF4hgd
LTovLXAtWxJo3t1471xd0Fip+5nE9SwV/LgP7nu6ZEclUYTgIDH8nB4k936/avx3
qvoSe34M5aeEZFcsCDrYSfNLsKotFVEFg5v21hRvCFMO6StpnbS5pMq5OAHkuWMD
1r8efZCrmsn7CZ1rHC3Uwh1ay2Gq5X0ptzkKsvieqepgPogt6MwgIG4bqFCAsInv
IwEoFd8jiUBl4vtzWtq6An+qzcqyJTfvjF3DxZIMTuDDfBPAaFfvN5HKcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0qlKVDAaOOjpHrHxOb9K3YukhUMB8GA1UdIwQY
MBaAFFIDu08ZWBH413I8oBoLL/vet1obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMt
MmJhNmEwMjJkNGM5LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMtMmJhNmEwMjJkNGM5
LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANk2u3l6B
ZbrZLICXD4aLdBDZYHVMN+E8kQrMRwn7bdCdL7RN9FToxlF/bMbZ9cm9t91+lGCt
xpJxAATOXqj5+xJ0kR3P/+xyHCywCsj/2aOt9WBFuTD++3E+vtyWI+fvt7KslZc9
UYtQCOMpFLv8/fsaErmddCDeDnghHr4QG+/UgIT+Y8oe2jQ7xIt9zQa8GzqSWmwd
5xG2pRIawOGSXyPCljBlwJTkUAvgRDfjL6klze4LOk1GdBp9wOqdgT/g75hCwOXW
B4pWLZ1lC7cvVpdQePNhZa4RyBh5QdNYkMQ8rYkQ8RtOm/7w1PJ3VVqvbFZCW0+w
Oy69vfmlxWPnPQ==
-----END CERTIFICATE-----