Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          0b53BVY2ukQF5a5+d3ghHN7fbCIcYbE99+rSaG9aQSY=
Subject key identifier:   DA:50:F1:59:C4:90:8B:55:7C:06:BC:DE:11:BC:7E:1B:E0:82:45:D6
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       019D3865BE0D5034360560286231848F1A3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          052E
Signing time:             Sun 29 Mar 2026 07:01:24 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:24 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:24 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: C0AJ3nZqHYxULDw1SgOxks1Y1cFs6tPapaBU2h/l5KE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:be:0d:50:34:36:05:60:28:62:31:84:8f:1a:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Mar 29 07:01:24 2026 GMT
            Not After : Mar 30 07:01:24 2026 GMT
        Subject: CN=da50f159c4908b557c06bcde11bc7e1be08245d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:fc:f6:39:c0:be:22:b1:18:0a:22:8c:60:b2:
                    27:90:75:6e:a5:64:09:b9:b8:44:37:ff:a7:35:21:
                    7d:74:03:79:f9:19:6e:d4:69:00:e0:f6:f2:05:77:
                    f9:f9:1b:54:46:39:5d:0c:a1:be:cf:0b:fc:94:2d:
                    ec:25:31:77:a0:a0:6f:59:81:6d:67:44:21:fe:b4:
                    9a:8e:67:7f:a2:eb:66:11:f8:d1:87:8d:1c:f5:3b:
                    c9:04:80:24:8c:0a:cb:7d:37:26:80:b7:f5:b7:38:
                    36:37:1d:26:1e:77:3c:79:0d:51:0d:15:82:a0:16:
                    b3:a1:6d:aa:4d:ab:24:6f:df:ef:dd:0c:b7:55:2f:
                    02:60:02:3a:e6:b1:cc:6f:bc:8f:7e:68:f0:ed:c2:
                    e2:f8:1f:7c:8c:29:19:0f:79:17:bc:97:47:ae:6a:
                    4f:f3:3e:9a:eb:b4:ca:8a:95:fc:6a:87:c8:90:ef:
                    49:e8:69:d3:e8:a1:aa:79:7f:d4:0c:3b:f0:79:e9:
                    2b:d7:5d:07:7e:1b:d6:2b:83:b7:b3:4e:d0:39:f3:
                    ea:ee:ad:3a:11:bb:58:b6:8b:00:b9:7f:e6:97:23:
                    b2:b6:dc:bb:33:66:b3:5c:11:5d:c8:a9:e9:3f:a4:
                    45:c3:5b:a8:2a:ae:f0:25:86:d4:40:f0:a6:e1:cf:
                    55:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:50:F1:59:C4:90:8B:55:7C:06:BC:DE:11:BC:7E:1B:E0:82:45:D6
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d4:30:5c:38:14:80:12:f6:89:8a:5e:b9:2a:0a:8a:be:7c:6c:
         78:5b:21:0f:be:8e:35:7d:66:46:d9:03:93:67:2a:08:b0:eb:
         54:0c:ef:ec:e4:9c:e9:11:14:1c:b7:f4:1a:4d:d8:cf:44:0d:
         f5:12:c4:c8:66:96:6f:af:95:f2:4a:6b:92:2c:b4:7e:f6:34:
         0e:92:e4:77:4d:8d:ea:2a:fd:c9:18:ed:b8:d7:71:a6:87:35:
         17:cd:1b:f2:0d:d0:c4:77:45:60:5d:75:2f:de:1d:db:0e:6d:
         a5:ee:95:a7:e8:9c:7c:20:8e:a1:99:08:cf:8e:e2:09:3e:1a:
         5f:72:2f:e1:db:ef:de:03:20:6d:08:f9:ea:1a:57:4d:52:ac:
         9a:c6:52:10:98:b8:95:2a:ea:a7:29:e9:be:2f:c2:99:5d:30:
         44:60:b5:f3:a5:bf:e8:e1:f9:f0:f0:d8:5c:9e:b1:46:23:ad:
         ac:44:f6:cf:3f:28:e9:11:d8:44:34:78:49:1f:ae:cc:63:e7:
         fa:f4:bf:8c:02:f7:20:50:7d:fd:69:11:dc:7e:30:67:b5:8d:
         c4:06:c6:e7:11:3a:cd:3c:ab:a8:a6:2c:e9:b6:a6:6b:04:f1:
         64:aa:fd:25:1b:15:c6:7a:51:8c:c6:81:51:72:9a:18:17:d6:
         c5:48:d2:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zb4NUDQ2BWAoYjGEjxo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjYwMzI5MDcwMTI0WhcNMjYwMzMwMDcwMTI0WjAzMTEwLwYDVQQD
EyhkYTUwZjE1OWM0OTA4YjU1N2MwNmJjZGUxMWJjN2UxYmUwODI0NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fz2OcC+IrEYCiKMYLInkHVupWQJ
ubhEN/+nNSF9dAN5+Rlu1GkA4PbyBXf5+RtURjldDKG+zwv8lC3sJTF3oKBvWYFt
Z0Qh/rSajmd/outmEfjRh40c9TvJBIAkjArLfTcmgLf1tzg2Nx0mHnc8eQ1RDRWC
oBazoW2qTaskb9/v3Qy3VS8CYAI65rHMb7yPfmjw7cLi+B98jCkZD3kXvJdHrmpP
8z6a67TKipX8aofIkO9J6GnT6KGqeX/UDDvweekr110HfhvWK4O3s07QOfPq7q06
EbtYtosAuX/mlyOytty7M2azXBFdyKnpP6RFw1uoKq7wJYbUQPCm4c9VpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpQ8VnEkItVfAa83hG8fhvggkXWMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1DBcOBSA
EvaJil65KgqKvnxseFshD76ONX1mRtkDk2cqCLDrVAzv7OSc6REUHLf0Gk3Yz0QN
9RLEyGaWb6+V8kprkiy0fvY0DpLkd02N6ir9yRjtuNdxpoc1F80b8g3QxHdFYF11
L94d2w5tpe6Vp+icfCCOoZkIz47iCT4aX3Iv4dvv3gMgbQj56hpXTVKsmsZSEJi4
lSrqpynpvi/CmV0wRGC186W/6OH58PDYXJ6xRiOtrET2zz8o6RHYRDR4SR+uzGPn
+vS/jAL3IFB9/WkR3H4wZ7WNxAbG5xE6zTyrqKYs6bamawTxZKr9JRsVxnpRjMaB
UXKaGBfWxUjSBw==
-----END CERTIFICATE-----