Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          CgXjePFMh5c2TTV5qdH121mxPD7XWMe/XOllgM7liLY=
Subject key identifier:   B0:53:DC:99:19:37:36:31:EB:B3:14:4D:5E:6F:E0:87:74:2A:84:A7
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       01976B1841AB6679BE8FE457054B92D8157E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          022D
Signing time:             Fri 13 Jun 2025 21:00:41 +0000
Manifest this update:     Fri 13 Jun 2025 21:00:41 +0000
Manifest next update:     Sat 14 Jun 2025 21:00:41 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: Hijh5NYbkHWokpNOzsoCVkoeBiCJK+w7xNrHiQ6RnRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 18:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:18:41:ab:66:79:be:8f:e4:57:05:4b:92:d8:15:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Jun 13 21:00:41 2025 GMT
            Not After : Jun 14 21:00:41 2025 GMT
        Subject: CN=b053dc9919373631ebb3144d5e6fe087742a84a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:92:db:30:90:80:68:df:a0:55:8e:a0:f2:77:
                    fd:23:fb:4a:08:e5:bd:0f:bd:55:8d:5b:49:6a:8b:
                    70:a4:3a:22:18:f8:d2:95:26:aa:11:a2:d0:64:3e:
                    b3:6c:c0:ff:cb:d7:63:14:24:2a:76:89:25:40:72:
                    ed:c3:ed:5a:c5:de:f5:0d:91:9d:4f:50:f4:14:54:
                    97:aa:1e:f8:2f:b4:fb:09:9f:b2:0a:08:fd:fa:86:
                    c9:a5:b0:50:e3:e8:9b:80:02:bb:34:e8:14:51:f3:
                    e2:74:7d:49:de:83:07:10:d3:00:8e:66:e0:3d:c2:
                    f2:f0:25:6f:cb:e0:84:40:8d:0a:d8:8c:63:48:9f:
                    fe:38:b6:86:d9:01:7a:be:d0:12:2b:e8:de:a8:53:
                    1b:40:ce:47:6e:f9:57:16:fe:2b:2c:dd:7b:dd:51:
                    af:71:3e:32:e7:c0:a0:65:e8:5c:55:bf:82:6f:b3:
                    b5:76:c7:df:f8:73:e6:4e:5e:4d:26:3a:57:93:be:
                    26:af:8b:d8:c0:88:6e:95:83:ec:f2:de:03:67:e3:
                    2d:79:78:9a:aa:93:7b:66:1c:6c:51:e5:d4:84:db:
                    78:b1:c6:3f:5f:76:66:72:40:61:c1:35:86:10:9e:
                    85:3a:a1:7f:02:7e:55:88:27:e2:2f:2d:6d:fc:e6:
                    75:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:53:DC:99:19:37:36:31:EB:B3:14:4D:5E:6F:E0:87:74:2A:84:A7
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:f3:d3:20:a3:ca:80:eb:1a:d5:c6:bd:0f:76:8b:e9:73:7b:
         5d:1d:78:84:7b:e3:89:2e:a3:c4:89:35:61:82:e4:a8:58:8e:
         1a:b8:51:e1:c1:84:fe:e6:8f:5c:75:d0:c8:ef:84:5a:a0:8a:
         a7:aa:4c:83:a7:56:b6:b7:a0:a0:14:01:4a:28:94:08:15:08:
         78:9b:c9:85:49:87:f4:f6:e4:f3:f1:73:1e:3b:c9:54:23:67:
         82:f2:66:b1:cc:2b:c4:0d:c0:6c:20:61:89:b5:d5:48:63:c5:
         83:43:36:c0:1a:a1:49:1b:41:40:24:ca:23:bf:8c:c1:93:34:
         00:1f:cd:8b:4d:7d:d8:e4:7a:cb:24:cc:74:f8:5b:43:5f:b6:
         83:b3:c7:97:a4:35:ea:d4:72:03:2b:62:9a:e0:92:0b:e1:a6:
         4b:45:20:99:17:a1:b4:0c:31:f4:80:ac:6b:ec:9b:f1:4d:45:
         ae:17:e9:2f:8b:b9:1b:d7:ce:b2:46:42:ba:1a:c2:8a:88:c5:
         ed:33:e3:37:e6:2b:d9:72:2b:6c:b0:05:13:dc:8a:d8:1f:7a:
         4a:a4:f7:40:39:3c:b9:c4:ca:c6:f7:ae:2b:2d:83:cf:61:71:
         15:71:5e:02:b7:d5:00:4f:81:2e:cf:00:5d:c7:81:85:8b:81:
         f1:14:63:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrGEGrZnm+j+RXBUuS2BV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwNjEzMjEwMDQxWhcNMjUwNjE0MjEwMDQxWjAzMTEwLwYDVQQD
EyhiMDUzZGM5OTE5MzczNjMxZWJiMzE0NGQ1ZTZmZTA4Nzc0MmE4NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZLbMJCAaN+gVY6g8nf9I/tKCOW9
D71VjVtJaotwpDoiGPjSlSaqEaLQZD6zbMD/y9djFCQqdoklQHLtw+1axd71DZGd
T1D0FFSXqh74L7T7CZ+yCgj9+obJpbBQ4+ibgAK7NOgUUfPidH1J3oMHENMAjmbg
PcLy8CVvy+CEQI0K2IxjSJ/+OLaG2QF6vtASK+jeqFMbQM5HbvlXFv4rLN173VGv
cT4y58CgZehcVb+Cb7O1dsff+HPmTl5NJjpXk74mr4vYwIhulYPs8t4DZ+MteXia
qpN7ZhxsUeXUhNt4scY/X3ZmckBhwTWGEJ6FOqF/An5ViCfiLy1t/OZ1PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBT3JkZNzYx67MUTV5v4Id0KoSnMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPPTIKPK
gOsa1ca9D3aL6XN7XR14hHvjiS6jxIk1YYLkqFiOGrhR4cGE/uaPXHXQyO+EWqCK
p6pMg6dWtregoBQBSiiUCBUIeJvJhUmH9Pbk8/FzHjvJVCNngvJmscwrxA3AbCBh
ibXVSGPFg0M2wBqhSRtBQCTKI7+MwZM0AB/Ni0192OR6yyTMdPhbQ1+2g7PHl6Q1
6tRyAytimuCSC+GmS0UgmRehtAwx9ICsa+yb8U1FrhfpL4u5G9fOskZCuhrCiojF
7TPjN+Yr2XIrbLAFE9yK2B96SqT3QDk8ucTKxveuKy2Dz2FxFXFeArfVAE+BLs8A
XceBhYuB8RRjRg==
-----END CERTIFICATE-----