Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          GJGFdZ1SFxoH//WCUK6QOvQcm4ny7NV+pX51BMUH8wQ=
Subject key identifier:   AB:46:BA:38:4E:58:8C:E4:30:99:5C:F9:24:1E:32:BD:2C:B1:3D:EF
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       0196808F99340095B4D3E65E7FB91A794FFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          07CB
Signing time:             Tue 29 Apr 2025 08:00:16 +0000
Manifest this update:     Tue 29 Apr 2025 08:00:16 +0000
Manifest next update:     Wed 30 Apr 2025 08:00:16 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: xWEpnAWR/ZNAdDH/qD90cqtWR+93srd1eygaR4Ac4hw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 08:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:8f:99:34:00:95:b4:d3:e6:5e:7f:b9:1a:79:4f:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Apr 29 08:00:16 2025 GMT
            Not After : Apr 30 08:00:16 2025 GMT
        Subject: CN=ab46ba384e588ce430995cf9241e32bd2cb13def
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:81:0a:f7:a1:5f:6f:b2:a3:2b:4b:47:b7:b4:
                    a3:75:f0:80:39:e8:cf:dd:3a:50:0e:18:12:38:c3:
                    bb:17:ea:4c:d0:e5:5f:ea:dd:05:06:b1:65:68:3a:
                    ba:47:da:2f:82:39:3a:e6:7f:a0:21:bd:b3:23:62:
                    67:1f:46:60:73:4b:df:e3:fc:78:50:8d:e6:fb:49:
                    2f:52:5f:bd:a2:6c:20:69:de:28:25:25:f5:c7:a8:
                    21:d0:2c:70:69:86:08:c1:7a:2c:dc:52:f6:01:94:
                    83:ae:cf:e3:88:6d:48:1b:34:38:c1:18:11:65:74:
                    72:5b:2c:9e:32:21:65:87:2a:b8:e9:3b:0d:fa:be:
                    f4:44:4a:4a:76:06:e3:c1:04:78:e6:99:7b:de:a2:
                    08:6a:10:98:bb:f7:46:bd:ef:f1:c2:7a:6a:43:68:
                    fa:03:03:37:d3:a9:9a:8f:5c:06:7f:57:8f:96:88:
                    bd:dc:94:8d:cd:29:1a:2b:fd:a6:ba:f8:08:b6:47:
                    cd:91:7a:29:9f:4e:46:56:38:d3:dc:d1:21:6c:c8:
                    7d:23:67:90:53:be:82:39:b2:3f:fd:23:fb:33:ac:
                    bf:9d:79:ea:9b:cc:1f:30:6a:01:90:b0:51:1c:0d:
                    f2:62:0d:99:da:07:e9:55:92:bd:d9:96:b1:38:0f:
                    b2:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:46:BA:38:4E:58:8C:E4:30:99:5C:F9:24:1E:32:BD:2C:B1:3D:EF
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:f8:21:bc:08:6f:2f:01:55:d8:ee:88:04:6c:50:d9:b8:5a:
         95:e0:63:c7:c9:82:a8:81:88:78:ed:89:2c:3f:ec:d8:b5:5d:
         1d:79:f6:9a:ca:c3:95:d9:45:13:0a:02:11:ce:a9:3f:d6:3e:
         9f:bb:50:18:6b:56:87:93:72:87:2f:1c:bc:d6:21:b0:20:cb:
         57:00:5d:bb:79:7f:d9:64:cc:9c:70:1a:a7:d1:a5:36:7f:42:
         3d:07:11:96:af:86:5d:fe:5d:2e:94:78:91:55:07:f4:4f:9e:
         fd:7e:a6:5a:c0:c4:57:61:69:70:3b:1b:2b:6d:11:c8:7b:6c:
         d5:76:b3:6c:55:30:09:10:13:a7:1c:76:0e:a5:24:91:3b:c8:
         ac:89:bd:9b:8a:fc:9b:03:3a:28:05:ea:99:07:5e:bd:0e:92:
         1d:07:64:32:18:1b:fd:88:3f:d2:30:5a:c1:1a:ab:0a:f5:0c:
         49:fa:7a:8a:fc:d4:63:f5:90:da:e7:02:1e:4b:f7:76:22:05:
         8f:85:7a:22:bb:d5:7c:61:66:a5:ed:35:77:3d:e6:0d:64:3e:
         ca:bf:8f:f0:84:06:c9:9b:37:b0:f3:41:b0:26:af:a9:f5:be:
         44:c2:ce:13:e7:5a:bd:8b:1d:ab:12:5a:ce:97:db:58:be:c0:
         42:4e:ad:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAj5k0AJW00+Zef7kaeU/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjUwNDI5MDgwMDE2WhcNMjUwNDMwMDgwMDE2WjAzMTEwLwYDVQQD
EyhhYjQ2YmEzODRlNTg4Y2U0MzA5OTVjZjkyNDFlMzJiZDJjYjEzZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoEK96Ffb7KjK0tHt7SjdfCAOejP
3TpQDhgSOMO7F+pM0OVf6t0FBrFlaDq6R9ovgjk65n+gIb2zI2JnH0Zgc0vf4/x4
UI3m+0kvUl+9omwgad4oJSX1x6gh0CxwaYYIwXos3FL2AZSDrs/jiG1IGzQ4wRgR
ZXRyWyyeMiFlhyq46TsN+r70REpKdgbjwQR45pl73qIIahCYu/dGve/xwnpqQ2j6
AwM306maj1wGf1ePloi93JSNzSkaK/2muvgItkfNkXopn05GVjjT3NEhbMh9I2eQ
U76CObI//SP7M6y/nXnqm8wfMGoBkLBRHA3yYg2Z2gfpVZK92ZaxOA+yDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtGujhOWIzkMJlc+SQeMr0ssT3vMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkfghvAhv
LwFV2O6IBGxQ2bhaleBjx8mCqIGIeO2JLD/s2LVdHXn2msrDldlFEwoCEc6pP9Y+
n7tQGGtWh5Nyhy8cvNYhsCDLVwBdu3l/2WTMnHAap9GlNn9CPQcRlq+GXf5dLpR4
kVUH9E+e/X6mWsDEV2FpcDsbK20RyHts1XazbFUwCRATpxx2DqUkkTvIrIm9m4r8
mwM6KAXqmQdevQ6SHQdkMhgb/Yg/0jBawRqrCvUMSfp6ivzUY/WQ2ucCHkv3diIF
j4V6IrvVfGFmpe01dz3mDWQ+yr+P8IQGyZs3sPNBsCavqfW+RMLOE+davYsdqxJa
zpfbWL7AQk6txw==
-----END CERTIFICATE-----