Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          NswwMEJahGFolWz0MJpttZSMGyuhDIH8/EfeQul90Nk=
Subject key identifier:   35:8E:8A:A1:6C:7E:A7:93:0E:39:AB:4B:35:C8:79:49:B9:85:A5:49
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       019757C84E9718740895FD52EAF194EB5B86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          0223
Signing time:             Tue 10 Jun 2025 03:00:34 +0000
Manifest this update:     Tue 10 Jun 2025 03:00:34 +0000
Manifest next update:     Wed 11 Jun 2025 03:00:34 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: plbD/38Xkru7nAjYqEwXsLTjMTc6ny9N/BaQ/dVsbMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:c8:4e:97:18:74:08:95:fd:52:ea:f1:94:eb:5b:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Jun 10 03:00:34 2025 GMT
            Not After : Jun 11 03:00:34 2025 GMT
        Subject: CN=358e8aa16c7ea7930e39ab4b35c87949b985a549
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:fb:00:04:a9:4d:c1:fd:e7:01:21:20:84:12:
                    5d:8b:39:46:e1:ae:51:ba:39:fb:95:ad:eb:59:a5:
                    19:ae:f7:1f:a4:ae:12:1b:ca:21:94:c1:59:22:7c:
                    cb:2e:20:b6:8f:b2:b1:9d:63:17:8f:75:d5:14:11:
                    0e:59:7d:b2:0a:ec:63:6c:d0:2b:ee:6b:5b:7e:6e:
                    1b:50:b5:bb:38:8c:ea:71:52:f1:5a:c0:0f:a8:c6:
                    95:5f:25:cf:a2:8c:96:b0:6e:7e:1e:42:c0:a2:61:
                    55:5f:20:07:c5:c4:4c:2f:8c:98:4b:59:60:48:91:
                    81:8d:c9:21:46:56:46:d4:a5:2e:23:d1:1f:75:d3:
                    72:1c:7c:84:cf:a2:a9:c5:5f:3c:74:37:08:de:f2:
                    0a:55:30:4b:48:38:9c:1b:1f:72:0a:86:dc:08:f1:
                    66:cb:01:ff:40:62:fa:6c:18:a9:dd:12:34:37:53:
                    20:e1:b3:1b:e0:0b:76:f0:9f:31:25:95:6a:40:fd:
                    51:9b:7c:ee:de:35:83:4d:63:65:d0:f5:85:34:9b:
                    91:3f:54:a5:dd:28:f6:79:74:9e:34:a4:f1:1c:38:
                    95:5b:26:81:13:48:3a:68:54:77:4c:b1:c2:9b:64:
                    d7:86:4f:66:91:9d:e6:48:44:3b:24:13:80:d8:f6:
                    d1:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:8E:8A:A1:6C:7E:A7:93:0E:39:AB:4B:35:C8:79:49:B9:85:A5:49
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:b9:e0:74:96:24:da:f2:b1:b5:03:46:73:bb:52:60:f1:55:
         24:61:5f:8c:2d:25:60:f5:f3:28:84:25:26:9f:4e:fa:a1:c1:
         c6:d4:df:af:4b:b2:73:c0:64:2c:71:87:4b:5a:b6:6a:dd:36:
         b1:6a:aa:97:7a:27:47:19:2d:7d:e2:d8:f6:f4:f3:f9:75:3b:
         3b:d8:e3:64:7f:f3:79:b4:31:94:a8:ed:ea:5c:cc:51:d5:ae:
         21:61:d5:bd:1a:a6:cc:af:83:2a:f3:1c:d8:4f:75:07:68:4c:
         4d:25:56:48:36:01:4a:01:1c:84:8b:fd:49:7d:ea:0b:e0:49:
         db:e1:1e:28:5a:15:88:d5:89:37:26:74:df:80:ff:4e:46:ea:
         49:a1:38:f4:34:b0:90:82:11:20:6c:49:43:78:19:3a:e5:15:
         09:18:54:06:13:7f:ea:6f:60:4c:94:d2:53:ab:50:63:b8:b4:
         a8:bf:b1:bc:c2:10:b7:82:ab:48:59:7f:95:98:3b:08:08:86:
         e8:8a:7b:5f:bf:d0:ad:a5:f4:38:cc:9a:7d:05:16:7d:14:91:
         1d:e7:b5:e9:fc:74:ce:e6:4a:71:c9:f1:dd:cf:b6:0e:28:19:
         8d:d3:18:28:c2:c4:8e:42:01:61:1a:4e:e1:a0:4a:9c:57:1e:
         da:c1:64:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXyE6XGHQIlf1S6vGU61uGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwNjEwMDMwMDM0WhcNMjUwNjExMDMwMDM0WjAzMTEwLwYDVQQD
EygzNThlOGFhMTZjN2VhNzkzMGUzOWFiNGIzNWM4Nzk0OWI5ODVhNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/sABKlNwf3nASEghBJdizlG4a5R
ujn7la3rWaUZrvcfpK4SG8ohlMFZInzLLiC2j7KxnWMXj3XVFBEOWX2yCuxjbNAr
7mtbfm4bULW7OIzqcVLxWsAPqMaVXyXPooyWsG5+HkLAomFVXyAHxcRML4yYS1lg
SJGBjckhRlZG1KUuI9EfddNyHHyEz6KpxV88dDcI3vIKVTBLSDicGx9yCobcCPFm
ywH/QGL6bBip3RI0N1Mg4bMb4At28J8xJZVqQP1Rm3zu3jWDTWNl0PWFNJuRP1Sl
3Sj2eXSeNKTxHDiVWyaBE0g6aFR3TLHCm2TXhk9mkZ3mSEQ7JBOA2PbRYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWOiqFsfqeTDjmrSzXIeUm5haVJMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu7ngdJYk
2vKxtQNGc7tSYPFVJGFfjC0lYPXzKIQlJp9O+qHBxtTfr0uyc8BkLHGHS1q2at02
sWqql3onRxktfeLY9vTz+XU7O9jjZH/zebQxlKjt6lzMUdWuIWHVvRqmzK+DKvMc
2E91B2hMTSVWSDYBSgEchIv9SX3qC+BJ2+EeKFoViNWJNyZ034D/TkbqSaE49DSw
kIIRIGxJQ3gZOuUVCRhUBhN/6m9gTJTSU6tQY7i0qL+xvMIQt4KrSFl/lZg7CAiG
6Ip7X7/QraX0OMyafQUWfRSRHee16fx0zuZKccnx3c+2DigZjdMYKMLEjkIBYRpO
4aBKnFce2sFkeA==
-----END CERTIFICATE-----