Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          6wnO9Mo469jqiSFnNVhWymx4KZWO7HmeXgrnv8FvpEw=
Subject key identifier:   6A:8F:8A:43:95:69:2A:7C:52:E4:20:F5:CA:30:95:BE:C3:2D:AE:21
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       019A51BEE2299EC6616E083D1DD837B8EC66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          09C5
Signing time:             Wed 05 Nov 2025 02:00:55 +0000
Manifest this update:     Wed 05 Nov 2025 02:00:55 +0000
Manifest next update:     Thu 06 Nov 2025 02:00:55 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: B0gRGwPosTt3ikvbxsv1vc1DoiE7ky5OktBviQx1KZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 02:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:be:e2:29:9e:c6:61:6e:08:3d:1d:d8:37:b8:ec:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Nov  5 02:00:55 2025 GMT
            Not After : Nov  6 02:00:55 2025 GMT
        Subject: CN=6a8f8a4395692a7c52e420f5ca3095bec32dae21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4f:e7:65:ad:dc:be:45:08:eb:8f:4f:f1:6a:
                    ad:16:51:ba:57:b7:4a:c6:c6:28:92:e2:7c:7a:eb:
                    6f:fb:23:d2:16:dd:54:72:4a:b8:ed:dc:be:12:67:
                    03:c0:ae:d1:46:a4:e0:28:40:6c:09:fd:e9:ba:64:
                    64:7c:99:34:36:d6:c4:3b:79:fa:3f:da:af:ac:5e:
                    6f:27:b3:63:d3:ab:e4:d7:9d:b8:bd:7b:5e:a0:9f:
                    bc:75:31:de:a2:23:16:91:a9:1d:22:d4:a3:88:c2:
                    1c:06:e6:91:c6:c3:16:66:c2:4b:98:a3:ec:b6:77:
                    c3:eb:cf:0e:bc:d2:dd:d4:c8:1d:2b:d1:19:3f:31:
                    b7:77:30:97:47:55:b9:15:82:3b:4d:d6:5e:99:cd:
                    d9:37:df:84:63:7d:43:e3:d9:6b:7a:9e:2d:3c:92:
                    57:9b:4a:4e:0c:3f:31:ca:e5:ae:3d:20:10:05:4c:
                    cd:9c:02:e4:e6:1a:0b:0e:02:99:06:6e:7a:99:95:
                    e9:40:44:04:c5:8e:78:a9:8e:65:bc:c8:fb:1d:19:
                    c4:6d:be:04:9e:dd:af:e7:10:d7:37:c5:68:cd:f1:
                    46:79:48:32:fd:b2:6e:7a:62:f3:1a:a7:a2:4d:7e:
                    b5:f9:4a:b9:54:80:bb:f8:1a:9c:e1:a7:62:1c:92:
                    1a:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:8F:8A:43:95:69:2A:7C:52:E4:20:F5:CA:30:95:BE:C3:2D:AE:21
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:3a:1d:a6:48:28:b0:23:19:8b:74:d6:11:e4:ac:8c:0d:18:
         f3:ca:76:c2:e4:e5:bc:fa:6d:ba:8e:53:8c:35:31:d2:89:db:
         a4:f9:d6:4c:45:ec:a1:65:a6:ef:f5:59:03:66:27:2b:96:5e:
         a1:63:58:5f:cc:b6:ad:1f:15:e0:fc:48:42:9f:3f:80:6a:ed:
         ac:84:48:3f:70:4b:78:ac:51:eb:55:69:31:fb:22:1f:d3:a6:
         ec:32:3c:8b:38:2a:9d:04:f3:39:31:44:91:95:d0:14:58:e3:
         8d:da:98:1e:3a:6e:f4:77:65:d2:23:ff:70:ab:27:85:d8:44:
         01:e3:3f:ca:25:2d:83:4a:a0:aa:09:29:34:c7:f8:0a:fc:3e:
         41:c9:4a:ba:99:45:3b:52:a7:cc:e4:ce:b2:3a:5a:bd:cb:4a:
         86:18:60:f4:17:1d:09:89:5d:ce:a8:7d:3f:d4:38:63:d1:4c:
         48:a7:16:6d:40:fe:8a:d0:bc:63:61:f2:a2:ca:17:bd:5d:17:
         f1:a6:16:b9:fa:ac:4f:77:7d:54:23:fb:bc:9d:3d:d0:b3:77:
         8d:b5:18:7e:fc:fd:eb:ac:a0:81:4e:69:a4:87:b3:63:32:42:
         0e:0e:40:b7:86:51:00:74:49:96:7d:59:52:c8:10:f0:82:f9:
         7a:a1:77:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvuIpnsZhbgg9Hdg3uOxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjUxMTA1MDIwMDU1WhcNMjUxMTA2MDIwMDU1WjAzMTEwLwYDVQQD
Eyg2YThmOGE0Mzk1NjkyYTdjNTJlNDIwZjVjYTMwOTViZWMzMmRhZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyE/nZa3cvkUI649P8WqtFlG6V7dK
xsYokuJ8eutv+yPSFt1Uckq47dy+EmcDwK7RRqTgKEBsCf3pumRkfJk0NtbEO3n6
P9qvrF5vJ7Nj06vk1524vXteoJ+8dTHeoiMWkakdItSjiMIcBuaRxsMWZsJLmKPs
tnfD688OvNLd1MgdK9EZPzG3dzCXR1W5FYI7TdZemc3ZN9+EY31D49lrep4tPJJX
m0pODD8xyuWuPSAQBUzNnALk5hoLDgKZBm56mZXpQEQExY54qY5lvMj7HRnEbb4E
nt2v5xDXN8VozfFGeUgy/bJuemLzGqeiTX61+Uq5VIC7+Bqc4adiHJIa9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGqPikOVaSp8UuQg9cowlb7DLa4hMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsDodpkgo
sCMZi3TWEeSsjA0Y88p2wuTlvPptuo5TjDUx0onbpPnWTEXsoWWm7/VZA2YnK5Ze
oWNYX8y2rR8V4PxIQp8/gGrtrIRIP3BLeKxR61VpMfsiH9Om7DI8izgqnQTzOTFE
kZXQFFjjjdqYHjpu9Hdl0iP/cKsnhdhEAeM/yiUtg0qgqgkpNMf4Cvw+QclKuplF
O1KnzOTOsjpavctKhhhg9BcdCYldzqh9P9Q4Y9FMSKcWbUD+itC8Y2HyosoXvV0X
8aYWufqsT3d9VCP7vJ090LN3jbUYfvz966yggU5ppIezYzJCDg5At4ZRAHRJln1Z
UsgQ8IL5eqF3Cw==
-----END CERTIFICATE-----