Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          z7EfIE3TPh+2gqt7G+7rMGtoyzw36Lihgi8GpZzkAa8=
Subject key identifier:   8C:19:60:64:1E:2E:D9:4A:E2:E5:D8:39:18:60:8C:C3:43:DB:10:8A
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       01976170AEB272C1756D9E77BA077EE20293
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          0228
Signing time:             Thu 12 Jun 2025 00:01:04 +0000
Manifest this update:     Thu 12 Jun 2025 00:01:04 +0000
Manifest next update:     Fri 13 Jun 2025 00:01:04 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: x3GN8wAVKSZ+aLMWORm2Z43dkmXhfYD0Ajyj5O5Ani8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:70:ae:b2:72:c1:75:6d:9e:77:ba:07:7e:e2:02:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Jun 12 00:01:04 2025 GMT
            Not After : Jun 13 00:01:04 2025 GMT
        Subject: CN=8c1960641e2ed94ae2e5d83918608cc343db108a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:23:31:4c:c6:bb:09:e1:f4:1d:8f:b6:95:0f:
                    f6:cd:88:b4:c1:91:d7:d2:9c:85:2b:63:a3:d7:8c:
                    71:18:d7:da:d8:33:80:5b:32:df:a4:88:01:b7:59:
                    9c:1c:b1:d5:4c:70:0c:96:1c:27:ed:72:8c:bd:d0:
                    ba:52:15:6b:ce:18:4a:ea:46:bc:43:59:e7:a8:38:
                    bb:a9:e5:9d:ae:09:bd:55:d4:1a:2d:99:32:6a:26:
                    df:fc:67:e3:84:a6:76:cd:d4:1f:e8:45:6f:6f:54:
                    e1:11:f9:d2:f2:d3:6f:e3:c6:a7:fb:0b:9f:f6:c4:
                    e0:67:05:5d:f0:55:f5:44:95:9c:9b:52:14:50:ed:
                    e9:98:6f:9b:6c:e3:cc:19:7e:df:41:0c:20:2c:32:
                    da:40:98:b2:09:45:68:4d:89:88:3c:d3:29:ad:e0:
                    cc:74:d3:f2:ec:70:94:b7:31:3c:6e:cb:5c:0a:6b:
                    ce:77:a7:75:a8:3e:70:d7:f4:b1:2c:87:c4:67:ed:
                    81:ce:ba:e2:26:6a:4c:4b:a7:bc:0d:9f:61:86:7b:
                    c7:78:fb:74:1a:70:63:51:36:0a:74:6b:55:83:fb:
                    20:b1:e7:d7:31:ea:e0:2f:0f:ee:85:bb:c7:c1:4c:
                    05:65:16:07:3a:7a:d1:70:ca:73:fa:f8:03:62:9d:
                    7c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:19:60:64:1E:2E:D9:4A:E2:E5:D8:39:18:60:8C:C3:43:DB:10:8A
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:4f:9e:12:09:41:37:b2:7f:5f:73:2d:4e:a2:68:f8:b1:86:
         0a:0b:84:cc:9e:53:46:05:e5:35:db:38:60:3b:34:9e:31:00:
         1f:c9:35:2a:eb:8a:65:45:8e:d5:f6:6d:b8:dd:36:57:7d:d7:
         d2:54:0c:c9:29:a3:09:5b:41:07:06:13:25:93:3a:86:9d:7f:
         1f:06:60:b4:c1:af:6a:e5:38:5c:b3:79:96:5e:5d:ff:09:05:
         51:f4:26:e0:7a:0e:15:fc:4b:c6:5a:95:0f:61:3a:1c:6d:65:
         e5:7e:bc:cf:43:96:32:d8:8d:75:91:d4:79:d3:ce:94:18:50:
         c8:a2:25:0b:8e:b5:a5:a5:40:2c:30:56:a6:a0:3d:c2:4e:74:
         66:5c:b2:63:99:19:d1:c5:78:05:31:87:94:17:e2:57:61:ef:
         ee:91:5a:d4:94:c0:2f:1d:cc:66:8a:4c:93:a8:6f:32:3b:24:
         c5:5b:35:b5:d5:af:68:42:91:f9:8c:0b:49:b3:5e:a5:bb:a9:
         63:d2:f7:db:5e:87:2f:3c:14:f7:c8:7a:41:01:84:63:55:92:
         49:c0:4e:90:19:68:ba:a1:2b:d6:71:b5:f2:c0:15:10:c5:52:
         15:77:10:ac:78:7f:b5:2b:46:87:47:72:99:fa:fb:38:b2:d9:
         be:1b:bf:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhcK6ycsF1bZ53ugd+4gKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwNjEyMDAwMTA0WhcNMjUwNjEzMDAwMTA0WjAzMTEwLwYDVQQD
Eyg4YzE5NjA2NDFlMmVkOTRhZTJlNWQ4MzkxODYwOGNjMzQzZGIxMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iMxTMa7CeH0HY+2lQ/2zYi0wZHX
0pyFK2Oj14xxGNfa2DOAWzLfpIgBt1mcHLHVTHAMlhwn7XKMvdC6UhVrzhhK6ka8
Q1nnqDi7qeWdrgm9VdQaLZkyaibf/GfjhKZ2zdQf6EVvb1ThEfnS8tNv48an+wuf
9sTgZwVd8FX1RJWcm1IUUO3pmG+bbOPMGX7fQQwgLDLaQJiyCUVoTYmIPNMpreDM
dNPy7HCUtzE8bstcCmvOd6d1qD5w1/SxLIfEZ+2BzrriJmpMS6e8DZ9hhnvHePt0
GnBjUTYKdGtVg/sgsefXMergLw/uhbvHwUwFZRYHOnrRcMpz+vgDYp18bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwZYGQeLtlK4uXYORhgjMND2xCKMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACE+eEglB
N7J/X3MtTqJo+LGGCguEzJ5TRgXlNds4YDs0njEAH8k1KuuKZUWO1fZtuN02V33X
0lQMySmjCVtBBwYTJZM6hp1/HwZgtMGvauU4XLN5ll5d/wkFUfQm4HoOFfxLxlqV
D2E6HG1l5X68z0OWMtiNdZHUedPOlBhQyKIlC461paVALDBWpqA9wk50ZlyyY5kZ
0cV4BTGHlBfiV2Hv7pFa1JTALx3MZopMk6hvMjskxVs1tdWvaEKR+YwLSbNepbup
Y9L3216HLzwU98h6QQGEY1WSScBOkBlouqEr1nG18sAVEMVSFXcQrHh/tStGh0dy
mfr7OLLZvhu/iQ==
-----END CERTIFICATE-----