Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          m+llc34UNxX3WwqBVqJ2mts9S1aMkL4AkImDpm2Z8Mo=
Subject key identifier:   1E:BC:C9:90:E8:27:CB:72:D6:2C:AF:5E:8D:31:35:C6:50:D8:36:0F
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       0197654D4B83EB65DF5C5E0E92B6A7F022A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          022A
Signing time:             Thu 12 Jun 2025 18:00:53 +0000
Manifest this update:     Thu 12 Jun 2025 18:00:53 +0000
Manifest next update:     Fri 13 Jun 2025 18:00:53 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: B26mvMVJFwFCgrIIBxvvdzWbJK4AjL0cCENQcf3it6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 18:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:4d:4b:83:eb:65:df:5c:5e:0e:92:b6:a7:f0:22:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Jun 12 18:00:53 2025 GMT
            Not After : Jun 13 18:00:53 2025 GMT
        Subject: CN=1ebcc990e827cb72d62caf5e8d3135c650d8360f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2a:91:50:21:32:e2:41:68:1c:9e:80:d7:a0:
                    e0:dc:2b:95:55:67:fd:c2:6a:65:5e:17:b3:d4:dd:
                    46:3c:0e:7b:42:2c:dd:76:7e:f0:71:61:ff:98:cb:
                    da:05:f3:7e:98:de:18:af:f1:bc:6d:b3:ed:cf:ab:
                    10:eb:5e:93:d9:ba:c3:a8:53:b0:43:f5:14:18:87:
                    75:60:4b:c8:a1:09:db:62:db:af:b5:8f:39:4b:89:
                    04:fd:be:4e:a5:fb:a8:a6:c3:38:6e:b2:38:7a:61:
                    9b:9f:30:21:d1:fc:a3:e1:ee:99:e1:37:aa:1c:2c:
                    a7:7d:1c:e8:e7:26:85:5b:c0:3f:78:85:1b:1d:d9:
                    a2:9c:f2:5f:fc:95:ff:92:21:73:0b:b0:a3:5c:90:
                    e1:06:ef:16:46:5c:ea:30:54:4f:14:8d:c3:22:92:
                    d1:cf:97:32:7c:68:17:d8:37:26:bc:ea:21:57:98:
                    92:1b:0d:64:46:a4:68:59:e8:6f:58:c8:74:4c:1f:
                    9d:89:e4:01:3a:4d:2b:70:79:8a:f8:c4:5e:97:c0:
                    be:d5:59:28:0a:fd:d1:81:d3:43:40:bc:06:a5:d0:
                    47:1b:09:55:4c:b8:60:37:c8:0f:53:0b:d5:b3:36:
                    23:68:b3:75:53:bc:2e:b6:64:2f:81:04:a1:e2:00:
                    0e:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:BC:C9:90:E8:27:CB:72:D6:2C:AF:5E:8D:31:35:C6:50:D8:36:0F
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:4c:c0:de:63:3a:7f:9b:04:a7:81:d7:9b:f5:9d:a3:cb:a0:
         6f:70:bb:ca:c6:3d:20:89:30:ba:8b:3b:11:37:1c:f4:5d:c4:
         8f:08:7e:54:e6:1a:66:d6:8c:0f:16:e5:ae:e8:05:29:51:65:
         1b:6c:14:e5:1b:35:76:b2:c5:a2:fc:c2:83:1b:2c:71:70:a8:
         1d:37:ef:a1:44:d8:ad:17:87:9e:ec:5f:12:80:77:d4:0f:82:
         60:f4:e7:4c:0c:1e:3e:e0:15:4c:cf:fb:9d:cc:e6:2e:82:53:
         3e:e6:6c:4b:42:ad:54:8e:32:dd:37:b4:db:c2:d5:d7:f5:ce:
         49:e8:00:b8:2c:4b:70:61:ba:98:b1:51:9a:8a:99:91:db:ab:
         1a:ca:e5:e4:0a:30:bd:ab:0d:e4:69:8f:68:bd:33:df:aa:d7:
         3d:44:45:f8:07:b8:de:12:e8:b2:42:f3:9c:f2:ed:ff:a4:04:
         82:a1:14:6c:d8:cb:cd:2c:72:d1:26:09:05:a3:2e:e0:71:af:
         05:0d:8d:10:6c:35:44:39:f6:04:32:88:6d:2a:2e:89:81:e0:
         ac:ad:2d:79:57:45:ff:d6:8a:56:7c:37:80:74:a7:bb:0f:fd:
         ed:88:a8:12:72:dc:92:fe:66:20:29:a6:27:4e:b4:83:ac:5a:
         0e:9e:de:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlTUuD62XfXF4Okran8CKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwNjEyMTgwMDUzWhcNMjUwNjEzMTgwMDUzWjAzMTEwLwYDVQQD
EygxZWJjYzk5MGU4MjdjYjcyZDYyY2FmNWU4ZDMxMzVjNjUwZDgzNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiqRUCEy4kFoHJ6A16Dg3CuVVWf9
wmplXhez1N1GPA57Qizddn7wcWH/mMvaBfN+mN4Yr/G8bbPtz6sQ616T2brDqFOw
Q/UUGId1YEvIoQnbYtuvtY85S4kE/b5OpfuopsM4brI4emGbnzAh0fyj4e6Z4Teq
HCynfRzo5yaFW8A/eIUbHdminPJf/JX/kiFzC7CjXJDhBu8WRlzqMFRPFI3DIpLR
z5cyfGgX2DcmvOohV5iSGw1kRqRoWehvWMh0TB+dieQBOk0rcHmK+MRel8C+1Vko
Cv3RgdNDQLwGpdBHGwlVTLhgN8gPUwvVszYjaLN1U7wutmQvgQSh4gAOhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB68yZDoJ8ty1iyvXo0xNcZQ2DYPMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABUzA3mM6
f5sEp4HXm/Wdo8ugb3C7ysY9IIkwuos7ETcc9F3Ejwh+VOYaZtaMDxblrugFKVFl
G2wU5Rs1drLFovzCgxsscXCoHTfvoUTYrReHnuxfEoB31A+CYPTnTAwePuAVTM/7
nczmLoJTPuZsS0KtVI4y3Te028LV1/XOSegAuCxLcGG6mLFRmoqZkdurGsrl5Aow
vasN5GmPaL0z36rXPURF+Ae43hLoskLznPLt/6QEgqEUbNjLzSxy0SYJBaMu4HGv
BQ2NEGw1RDn2BDKIbSouiYHgrK0teVdF/9aKVnw3gHSnuw/97YioEnLckv5mICmm
J060g6xaDp7emw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 04:02:43 2025 by rpki-client