Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          ww2NUCKkCy12UUPHVi8SrNxOKDdO3e2KQKbbg4g8ISU=
Subject key identifier:   FA:9E:FF:A7:FB:1E:EC:22:5F:69:B5:CB:F7:17:83:E5:DC:A7:36:7C
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       01989F3A4E603FE6F2E1867E2CC8DA0F8ACB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          08E4
Signing time:             Tue 12 Aug 2025 17:00:55 +0000
Manifest this update:     Tue 12 Aug 2025 17:00:55 +0000
Manifest next update:     Wed 13 Aug 2025 17:00:55 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: 4WDnAJg0Vgb3MrO78c26Fzo62F2RARVdDHFin9Nzd/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 17:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:3a:4e:60:3f:e6:f2:e1:86:7e:2c:c8:da:0f:8a:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Aug 12 17:00:55 2025 GMT
            Not After : Aug 13 17:00:55 2025 GMT
        Subject: CN=fa9effa7fb1eec225f69b5cbf71783e5dca7367c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:93:b5:04:04:bc:85:af:04:25:7e:29:12:8c:
                    ff:54:46:fd:15:ac:f1:07:26:bb:86:73:18:78:5c:
                    fd:ae:ee:c9:1f:a6:95:73:27:2f:c5:64:58:9e:43:
                    a2:02:b1:91:47:8e:b6:18:ec:4c:b5:72:ff:86:1c:
                    14:ec:59:c9:d4:40:32:0e:c9:d3:98:27:61:e8:c3:
                    b2:5f:13:6a:82:f1:fe:92:61:ea:a8:b5:f8:cb:b3:
                    ff:b7:4d:22:1c:6f:43:bc:60:dd:bb:2d:e9:e6:ff:
                    d4:b3:91:56:44:e0:98:d6:44:6d:31:b7:3c:5d:91:
                    1c:2c:aa:9f:a9:7a:e3:bf:d1:2f:63:24:b0:cd:23:
                    db:a1:38:4b:00:68:be:dc:0c:ea:43:7a:39:e0:a5:
                    67:0e:2b:b7:0e:19:67:20:6f:d4:3a:d9:fe:e1:9d:
                    d3:25:ac:b9:70:95:fd:22:08:2f:c5:ed:bb:33:1a:
                    ff:98:da:ac:ec:e6:f5:7b:bb:e1:57:c0:45:4d:ad:
                    11:5e:76:0e:f3:92:ee:01:89:0d:e7:19:77:42:d5:
                    97:ee:04:62:40:92:a7:9a:09:0d:a4:b4:60:71:22:
                    c8:31:24:7e:52:94:f7:09:d2:83:a3:78:f7:ef:f9:
                    8f:f9:d9:91:ec:c6:d1:ff:01:31:98:70:0b:a0:70:
                    00:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:9E:FF:A7:FB:1E:EC:22:5F:69:B5:CB:F7:17:83:E5:DC:A7:36:7C
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:1f:9e:36:f3:3b:54:19:b8:a9:d8:1f:f8:c2:49:c9:5e:15:
         c1:aa:e7:4c:59:ad:8f:d0:16:b6:61:85:34:75:7d:cd:c7:82:
         e6:c8:c4:c8:d5:e7:3a:45:ff:7f:48:cb:8b:ec:b0:8c:c2:52:
         f3:27:2a:15:cf:07:40:33:25:83:38:09:39:53:02:7c:7f:28:
         99:31:75:c9:5e:8a:fe:97:e6:d5:04:dd:f3:ef:cd:57:2f:59:
         1b:36:70:3a:01:a0:c2:b3:2a:59:05:93:86:f7:ee:dd:a8:61:
         12:cf:66:16:dd:81:dc:01:a4:bc:a0:79:a8:60:ca:23:21:2c:
         3c:2e:ed:f1:68:c1:7e:17:46:f5:a8:8c:23:83:53:7b:b9:f4:
         94:f7:13:4a:42:ee:7f:c2:43:6a:67:44:74:25:4f:a1:46:a1:
         8a:68:65:90:34:4d:24:90:3e:16:4b:15:2b:40:8d:47:9b:f8:
         3b:e4:14:18:c6:11:db:1d:c8:71:5a:90:ed:fe:c2:cc:98:08:
         92:ee:34:26:8c:f0:32:5c:21:4c:22:5a:1e:a4:2a:b9:eb:b5:
         7d:44:7d:95:ad:b7:e4:78:96:c4:9e:69:80:91:0a:22:d1:23:
         19:0b:0a:66:77:6e:ff:3d:15:9a:37:be:c6:3d:d4:15:23:17:
         e6:ca:dc:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifOk5gP+by4YZ+LMjaD4rLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjUwODEyMTcwMDU1WhcNMjUwODEzMTcwMDU1WjAzMTEwLwYDVQQD
EyhmYTllZmZhN2ZiMWVlYzIyNWY2OWI1Y2JmNzE3ODNlNWRjYTczNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJO1BAS8ha8EJX4pEoz/VEb9Fazx
Bya7hnMYeFz9ru7JH6aVcycvxWRYnkOiArGRR462GOxMtXL/hhwU7FnJ1EAyDsnT
mCdh6MOyXxNqgvH+kmHqqLX4y7P/t00iHG9DvGDduy3p5v/Us5FWROCY1kRtMbc8
XZEcLKqfqXrjv9EvYySwzSPboThLAGi+3AzqQ3o54KVnDiu3DhlnIG/UOtn+4Z3T
Jay5cJX9Iggvxe27Mxr/mNqs7Ob1e7vhV8BFTa0RXnYO85LuAYkN5xl3QtWX7gRi
QJKnmgkNpLRgcSLIMSR+UpT3CdKDo3j37/mP+dmR7MbR/wExmHALoHAAPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqe/6f7HuwiX2m1y/cXg+XcpzZ8MB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqh+eNvM7
VBm4qdgf+MJJyV4VwarnTFmtj9AWtmGFNHV9zceC5sjEyNXnOkX/f0jLi+ywjMJS
8ycqFc8HQDMlgzgJOVMCfH8omTF1yV6K/pfm1QTd8+/NVy9ZGzZwOgGgwrMqWQWT
hvfu3ahhEs9mFt2B3AGkvKB5qGDKIyEsPC7t8WjBfhdG9aiMI4NTe7n0lPcTSkLu
f8JDamdEdCVPoUahimhlkDRNJJA+FksVK0CNR5v4O+QUGMYR2x3IcVqQ7f7CzJgI
ku40JozwMlwhTCJaHqQqueu1fUR9la235HiWxJ5pgJEKItEjGQsKZndu/z0Vmje+
xj3UFSMX5srcjw==
-----END CERTIFICATE-----