Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          D4jCECwas/6t7mgYXvced028iG4rnGfPnXWEt36rom0=
Subject key identifier:   93:38:48:CA:37:58:0E:31:F4:BC:E5:CD:82:64:BC:F7:5D:CF:EE:B0
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       01976EF55451FFB4F249891F9C05253B26E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          022F
Signing time:             Sat 14 Jun 2025 15:01:01 +0000
Manifest this update:     Sat 14 Jun 2025 15:01:01 +0000
Manifest next update:     Sun 15 Jun 2025 15:01:01 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: /zV+84iWlo58hVVKAr7HpHjjubsAFn2zvAX1M6cjOhg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:f5:54:51:ff:b4:f2:49:89:1f:9c:05:25:3b:26:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Jun 14 15:01:01 2025 GMT
            Not After : Jun 15 15:01:01 2025 GMT
        Subject: CN=933848ca37580e31f4bce5cd8264bcf75dcfeeb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:21:b3:ed:5d:9d:22:e7:ec:42:07:92:99:d8:
                    fd:2c:b4:61:4f:d3:6e:c3:21:d3:b9:96:a5:7c:86:
                    21:f4:9b:86:46:44:73:74:e8:a7:20:98:6c:56:48:
                    54:56:ca:cd:a0:0a:bd:ea:6e:bf:62:6a:55:58:d8:
                    15:ce:a9:b7:b7:ac:a0:f0:2c:4e:80:63:b8:6c:e7:
                    40:31:e1:a9:3b:c6:10:6c:b4:ed:7c:d6:0c:43:81:
                    e9:24:26:f5:88:6c:9c:41:62:39:44:34:26:af:f2:
                    a2:5f:bd:33:77:65:75:97:c6:f7:98:54:73:1f:36:
                    a0:1a:e0:9e:61:a5:cc:61:39:76:3d:6f:af:43:bb:
                    63:a3:74:44:d6:1f:5e:c1:24:b0:73:4c:64:5c:26:
                    2e:04:23:bb:dc:df:05:7d:e4:4a:42:0a:eb:dc:e8:
                    2b:dd:39:36:ae:9c:a8:8c:1c:4f:7d:c6:2d:ca:33:
                    2a:34:af:d6:87:0f:bd:1b:4e:26:7e:87:35:78:b5:
                    b6:bd:38:ed:04:39:03:d3:c3:f5:8f:e5:2c:3b:b2:
                    94:b6:94:d2:ac:e7:e5:a8:2a:ae:3c:2e:b0:33:fe:
                    2f:02:c0:bd:12:7e:09:aa:01:c7:08:c3:e3:7b:4b:
                    0d:25:d1:05:5b:9f:a6:6f:84:fb:cf:a5:8f:bb:88:
                    4e:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:38:48:CA:37:58:0E:31:F4:BC:E5:CD:82:64:BC:F7:5D:CF:EE:B0
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:4c:88:ff:8f:05:ad:2d:26:3b:7e:c8:24:a6:7d:a4:58:1d:
         60:8b:30:cc:95:68:ab:b5:9e:8c:7f:48:60:82:f9:46:a9:b0:
         9b:63:4e:8f:da:f7:ef:7b:fd:f4:49:f3:d3:53:29:d4:00:e1:
         a0:33:ce:c4:b5:cc:38:c1:39:48:cc:78:93:d3:4d:e1:9a:8b:
         f1:0e:66:61:64:6a:33:22:d7:f0:4b:75:b1:ed:42:3f:3f:25:
         b4:3d:2d:ff:a1:08:48:d7:6e:46:ea:d8:9c:18:fe:86:b3:f9:
         da:06:2b:0c:08:fb:3c:1d:fc:37:85:5d:f2:09:05:05:9a:6a:
         4e:8f:f3:70:8d:88:07:ab:07:01:ae:fd:c8:28:68:49:d7:f3:
         94:6f:1d:87:e1:08:b2:9e:58:3c:12:fc:f4:8c:4b:94:c6:a2:
         6c:f7:18:f7:35:cd:23:63:72:0d:42:bf:8a:1c:05:a3:99:5b:
         13:9f:a2:28:e8:a2:27:b1:3a:b7:41:df:a7:14:1b:ca:72:41:
         d4:90:5b:ed:61:66:2b:f3:87:40:a4:fd:aa:90:c3:b8:70:c5:
         90:4d:fa:3f:5b:0a:86:09:3d:2c:74:cc:76:50:c0:1c:00:b9:
         50:e3:db:99:9d:ea:70:a3:5c:d7:33:44:68:0d:74:2b:32:03:
         23:be:30:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdu9VRR/7TySYkfnAUlOyblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwNjE0MTUwMTAxWhcNMjUwNjE1MTUwMTAxWjAzMTEwLwYDVQQD
Eyg5MzM4NDhjYTM3NTgwZTMxZjRiY2U1Y2Q4MjY0YmNmNzVkY2ZlZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCGz7V2dIufsQgeSmdj9LLRhT9Nu
wyHTuZalfIYh9JuGRkRzdOinIJhsVkhUVsrNoAq96m6/YmpVWNgVzqm3t6yg8CxO
gGO4bOdAMeGpO8YQbLTtfNYMQ4HpJCb1iGycQWI5RDQmr/KiX70zd2V1l8b3mFRz
HzagGuCeYaXMYTl2PW+vQ7tjo3RE1h9ewSSwc0xkXCYuBCO73N8FfeRKQgrr3Ogr
3Tk2rpyojBxPfcYtyjMqNK/Whw+9G04mfoc1eLW2vTjtBDkD08P1j+UsO7KUtpTS
rOflqCquPC6wM/4vAsC9En4JqgHHCMPje0sNJdEFW5+mb4T7z6WPu4hO5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJM4SMo3WA4x9LzlzYJkvPddz+6wMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhEyI/48F
rS0mO37IJKZ9pFgdYIswzJVoq7WejH9IYIL5Rqmwm2NOj9r373v99Enz01Mp1ADh
oDPOxLXMOME5SMx4k9NN4ZqL8Q5mYWRqMyLX8Et1se1CPz8ltD0t/6EISNduRurY
nBj+hrP52gYrDAj7PB38N4Vd8gkFBZpqTo/zcI2IB6sHAa79yChoSdfzlG8dh+EI
sp5YPBL89IxLlMaibPcY9zXNI2NyDUK/ihwFo5lbE5+iKOiiJ7E6t0HfpxQbynJB
1JBb7WFmK/OHQKT9qpDDuHDFkE36P1sKhgk9LHTMdlDAHAC5UOPbmZ3qcKNc1zNE
aA10KzIDI74w/g==
-----END CERTIFICATE-----