Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          igqhf/d03I/wwFhd53h/l9x1gaJn0aRQk5srcfQyIfg=
Subject key identifier:   D0:DD:EC:0F:72:9D:5F:18:36:4B:18:60:6E:A9:CA:50:4F:62:D4:C4
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       019365C5000A1A7CD101CBCCD754A2E8FD5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          18
Signing time:             Tue 26 Nov 2024 00:00:29 +0000
Manifest this update:     Tue 26 Nov 2024 00:00:29 +0000
Manifest next update:     Wed 27 Nov 2024 00:00:29 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: nJvNlvRR9Lh5ICKJrhRYWYcGR6oMzRstU0MNKHAEGXM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:65:c5:00:0a:1a:7c:d1:01:cb:cc:d7:54:a2:e8:fd:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Nov 26 00:00:29 2024 GMT
            Not After : Nov 27 00:00:29 2024 GMT
        Subject: CN=d0ddec0f729d5f18364b18606ea9ca504f62d4c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0c:8c:10:b8:d2:c1:fc:41:0f:1d:36:f4:61:
                    00:5b:54:6f:ae:1d:1b:7b:5d:77:0c:6f:2a:ac:c0:
                    31:18:d6:1c:ec:22:fa:d3:91:d1:36:0b:c5:a8:06:
                    6d:07:7d:0b:7e:5e:6a:68:20:24:5f:c4:0f:c3:d1:
                    fb:d4:8d:ec:30:77:54:97:8b:ce:ec:2c:19:39:86:
                    ae:f5:59:5d:ac:f7:ab:08:b2:b6:d0:ec:64:b5:27:
                    3f:15:3f:2e:d2:19:07:9a:b6:b0:aa:72:26:e5:c2:
                    0d:05:cc:b0:d8:22:ec:5e:0a:b8:7c:28:18:fe:5c:
                    83:57:a6:25:21:78:3b:3d:7f:8a:f4:e3:33:fc:23:
                    99:df:01:9e:d1:d2:f4:6e:42:fe:62:72:02:8f:5b:
                    85:9e:b4:84:7b:b6:f5:17:cd:18:4f:2d:a3:7c:b3:
                    5c:51:2d:72:03:a8:9f:42:49:4e:5b:11:f2:45:84:
                    07:bd:54:29:b7:28:28:fd:7d:85:44:c1:cc:b6:90:
                    4b:92:b9:6b:53:4c:16:ca:36:24:a8:2f:b5:f8:b9:
                    ec:b3:81:ad:6d:09:06:36:63:dd:ca:48:b5:38:0a:
                    58:d3:3d:e1:ff:a8:f2:3c:d6:9d:05:3f:25:2f:91:
                    df:b7:da:ca:87:3a:e8:da:f4:7c:e9:f4:b0:e6:2b:
                    e9:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:DD:EC:0F:72:9D:5F:18:36:4B:18:60:6E:A9:CA:50:4F:62:D4:C4
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d8:b3:8b:98:07:5a:eb:cb:4a:f5:f3:aa:93:9a:6b:65:db:45:
         72:0f:4c:11:41:d8:11:d7:76:96:2c:f9:53:c5:3e:24:9c:58:
         de:5c:7a:a0:bd:f2:0f:1a:c8:45:13:72:0b:1e:e6:31:a8:4a:
         80:21:73:b1:7b:ff:fe:e3:4f:57:ec:ae:cf:48:d6:b4:bb:92:
         e4:cb:56:7b:50:7b:c2:56:bf:d1:56:c4:5b:86:fa:01:bc:1d:
         24:4c:96:3f:6f:5b:2c:30:19:b7:1a:c3:31:53:f8:83:4b:e4:
         32:6a:ff:45:54:38:85:69:49:4c:ea:99:90:b4:d6:ea:86:51:
         37:69:e0:cf:54:c7:04:c0:84:88:aa:cc:7c:3a:2b:23:30:4d:
         21:f2:18:68:2c:69:65:4b:73:b5:21:70:e1:a3:1d:72:11:97:
         19:08:4e:01:0a:74:dd:40:3c:43:a9:98:5a:7c:f6:a3:24:66:
         79:02:16:0c:df:11:f1:8a:36:b6:0b:3d:65:25:04:1f:78:41:
         9a:70:b1:3b:9c:cf:7d:99:9b:54:cf:af:1f:e1:5d:c3:3f:19:
         6f:bc:cf:35:b9:1f:ec:14:8c:51:f3:8c:67:ca:ae:f8:11:bf:
         3f:54:18:80:d0:dc:a9:27:fd:c0:d9:fa:94:17:31:36:12:80:
         15:5f:14:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNlxQAKGnzRAcvM11Si6P1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjQxMTI2MDAwMDI5WhcNMjQxMTI3MDAwMDI5WjAzMTEwLwYDVQQD
EyhkMGRkZWMwZjcyOWQ1ZjE4MzY0YjE4NjA2ZWE5Y2E1MDRmNjJkNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQyMELjSwfxBDx029GEAW1Rvrh0b
e113DG8qrMAxGNYc7CL605HRNgvFqAZtB30Lfl5qaCAkX8QPw9H71I3sMHdUl4vO
7CwZOYau9VldrPerCLK20OxktSc/FT8u0hkHmrawqnIm5cINBcyw2CLsXgq4fCgY
/lyDV6YlIXg7PX+K9OMz/COZ3wGe0dL0bkL+YnICj1uFnrSEe7b1F80YTy2jfLNc
US1yA6ifQklOWxHyRYQHvVQptygo/X2FRMHMtpBLkrlrU0wWyjYkqC+1+Lnss4Gt
bQkGNmPdyki1OApY0z3h/6jyPNadBT8lL5Hft9rKhzro2vR86fSw5ivpLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDd7A9ynV8YNksYYG6pylBPYtTEMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2LOLmAda
68tK9fOqk5prZdtFcg9MEUHYEdd2liz5U8U+JJxY3lx6oL3yDxrIRRNyCx7mMahK
gCFzsXv//uNPV+yuz0jWtLuS5MtWe1B7wla/0VbEW4b6AbwdJEyWP29bLDAZtxrD
MVP4g0vkMmr/RVQ4hWlJTOqZkLTW6oZRN2ngz1THBMCEiKrMfDorIzBNIfIYaCxp
ZUtztSFw4aMdchGXGQhOAQp03UA8Q6mYWnz2oyRmeQIWDN8R8Yo2tgs9ZSUEH3hB
mnCxO5zPfZmbVM+vH+Fdwz8Zb7zPNbkf7BSMUfOMZ8qu+BG/P1QYgNDcqSf9wNn6
lBcxNhKAFV8UEA==
-----END CERTIFICATE-----