Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          PcB2HOdRw6Qcbrfb9ZJMPQcnnfiMxYCK7mWF4+sc9SQ=
Subject key identifier:   97:6A:39:53:60:62:B3:D2:03:8F:7C:BC:AE:24:62:DF:D7:56:4C:7E
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       019CAC474DE9761B5C49F8E4B6A77089D4AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          0AFD
Signing time:             Mon 02 Mar 2026 02:01:20 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:20 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:20 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: J8WGtjBidViFKE2jiB/yFMiqOQty0QeljubulrfD0Js=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 02:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:4d:e9:76:1b:5c:49:f8:e4:b6:a7:70:89:d4:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Mar  2 02:01:20 2026 GMT
            Not After : Mar  3 02:01:20 2026 GMT
        Subject: CN=976a39536062b3d2038f7cbcae2462dfd7564c7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:41:eb:e3:db:e9:01:01:2b:65:2b:e2:3c:7d:
                    eb:9f:b8:da:30:8a:6a:11:a8:74:55:88:7b:c9:c2:
                    1a:50:64:6f:4f:d0:04:b0:5e:3a:5c:68:7c:34:d9:
                    b1:dc:d6:00:fb:eb:69:12:87:00:d5:fb:71:26:0f:
                    9f:90:dc:60:1e:7f:e3:d3:2a:ae:80:e1:51:61:00:
                    7a:e9:2c:c6:cc:ab:24:56:ab:c4:4d:ce:d6:b5:6b:
                    a7:24:30:bc:24:ef:33:56:cd:c7:40:57:3c:58:21:
                    58:63:f1:3a:76:85:78:1f:75:7d:04:6d:65:db:e1:
                    d0:ee:f1:95:59:30:89:26:0c:cf:cb:41:bd:df:2c:
                    76:ee:02:18:ff:08:2b:ac:7d:83:2c:1d:cc:58:b1:
                    6b:63:1f:70:71:cc:0e:5b:c1:3a:fc:94:2d:3f:3d:
                    c0:cd:96:47:7f:d3:68:a0:42:2b:a5:62:87:7d:ed:
                    bb:ab:57:02:5f:2f:fb:9a:5b:a9:ee:03:c0:a3:54:
                    d1:fe:83:03:e0:ec:15:8b:b9:ae:eb:56:f5:99:34:
                    3f:2a:fd:c9:91:42:e9:b0:c3:a7:28:f6:0f:51:9b:
                    5c:14:55:c6:99:97:63:84:96:87:3f:bb:6e:24:6c:
                    81:4f:52:71:7e:f1:62:13:14:83:31:91:98:20:fd:
                    3f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:6A:39:53:60:62:B3:D2:03:8F:7C:BC:AE:24:62:DF:D7:56:4C:7E
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:3e:82:4a:eb:57:a0:f0:81:76:16:bb:21:0e:ce:9b:92:4c:
         2b:4f:d4:cd:fe:4f:72:1b:c1:5f:d5:f8:4c:75:0b:d9:8b:e2:
         07:66:8e:e3:18:6c:19:8f:d0:ed:2a:82:80:52:50:7d:6f:85:
         73:d2:01:2c:98:b8:0a:d2:0f:fe:da:44:ec:ec:d0:93:9b:2f:
         c4:d2:09:3d:ea:29:47:43:36:dd:d2:3d:35:5e:58:d2:b6:78:
         e2:8b:84:b4:4c:7c:25:a2:2a:20:a6:1b:73:45:34:7f:c9:9c:
         e2:f1:cb:62:4b:d3:cb:67:df:bd:48:5c:f7:03:a1:85:ef:4c:
         d3:8d:82:ca:5f:eb:48:2c:7b:e8:57:4d:09:77:3c:98:74:b5:
         bb:11:d7:88:a8:06:15:3a:af:30:e8:78:b4:c9:01:0a:49:46:
         ea:10:f0:60:6a:73:ca:7c:ce:99:92:0d:87:17:0a:48:7e:45:
         32:85:28:3c:c5:6a:64:8d:59:a4:46:8f:df:8d:28:7e:96:fd:
         f7:87:d7:32:2d:89:8c:de:12:47:bd:7a:72:2b:8a:b5:36:ae:
         4e:29:b0:d4:e0:74:cf:86:d7:dd:e7:b8:bb:09:04:c4:d3:8d:
         7e:40:e9:6d:aa:01:40:8e:0a:f1:f4:b2:73:62:fc:8f:96:02:
         c3:21:e5:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR03pdhtcSfjktqdwidSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjYwMzAyMDIwMTIwWhcNMjYwMzAzMDIwMTIwWjAzMTEwLwYDVQQD
Eyg5NzZhMzk1MzYwNjJiM2QyMDM4ZjdjYmNhZTI0NjJkZmQ3NTY0YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0Hr49vpAQErZSviPH3rn7jaMIpq
Eah0VYh7ycIaUGRvT9AEsF46XGh8NNmx3NYA++tpEocA1ftxJg+fkNxgHn/j0yqu
gOFRYQB66SzGzKskVqvETc7WtWunJDC8JO8zVs3HQFc8WCFYY/E6doV4H3V9BG1l
2+HQ7vGVWTCJJgzPy0G93yx27gIY/wgrrH2DLB3MWLFrYx9wccwOW8E6/JQtPz3A
zZZHf9NooEIrpWKHfe27q1cCXy/7mlup7gPAo1TR/oMD4OwVi7mu61b1mTQ/Kv3J
kULpsMOnKPYPUZtcFFXGmZdjhJaHP7tuJGyBT1JxfvFiExSDMZGYIP0/IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdqOVNgYrPSA498vK4kYt/XVkx+MB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAez6CSutX
oPCBdha7IQ7Om5JMK0/Uzf5PchvBX9X4THUL2YviB2aO4xhsGY/Q7SqCgFJQfW+F
c9IBLJi4CtIP/tpE7OzQk5svxNIJPeopR0M23dI9NV5Y0rZ44ouEtEx8JaIqIKYb
c0U0f8mc4vHLYkvTy2ffvUhc9wOhhe9M042Cyl/rSCx76FdNCXc8mHS1uxHXiKgG
FTqvMOh4tMkBCklG6hDwYGpzynzOmZINhxcKSH5FMoUoPMVqZI1ZpEaP340ofpb9
94fXMi2JjN4SR716ciuKtTauTimw1OB0z4bX3ee4uwkExNONfkDpbaoBQI4K8fSy
c2L8j5YCwyHlYw==
-----END CERTIFICATE-----