Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          GTyq/zreZoWiCwiXzVUQPKm8YOszoplP3QfPcwOeWHI=
Subject key identifier:   00:D9:27:C9:C1:CA:3E:5B:C1:08:78:6B:6E:FD:70:74:5E:76:4E:1C
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       019921B1DF40128D2DECE85F9840BB370EF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          0310
Signing time:             Sun 07 Sep 2025 01:02:09 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:09 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:09 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: pXuRRKFWXsiwdtHoP7SAwwczuHhFemSjhoAwPpVjd3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:df:40:12:8d:2d:ec:e8:5f:98:40:bb:37:0e:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Sep  7 01:02:09 2025 GMT
            Not After : Sep  8 01:02:09 2025 GMT
        Subject: CN=00d927c9c1ca3e5bc108786b6efd70745e764e1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3c:b4:e6:3c:3a:f8:38:23:50:9c:21:cd:d3:
                    c4:0e:bf:23:0c:00:68:ea:d9:92:c0:f6:b8:da:b1:
                    7e:3b:c2:dd:3c:59:c4:30:9f:50:6e:4e:6c:12:06:
                    a4:24:b3:51:3c:be:40:96:a4:8a:c5:6a:13:55:3f:
                    e3:76:38:dd:b8:8f:7d:7a:5b:30:dd:b3:1f:8d:39:
                    31:ac:ce:ce:0a:0a:fb:40:33:cf:f5:13:da:97:ce:
                    26:06:09:cd:c6:4d:0c:45:c3:ee:e2:74:24:79:fd:
                    ac:21:0a:01:ac:13:d5:4f:f1:52:d5:28:0b:a1:d0:
                    bf:c2:47:6f:0b:25:87:07:45:e1:cf:d4:08:43:a5:
                    db:25:5f:45:f4:a1:69:1a:74:fb:7e:17:81:07:02:
                    e3:61:a7:83:2c:65:a4:7e:6d:47:32:92:d7:b6:dd:
                    45:a9:ce:49:bf:7c:b6:90:8e:b1:ef:48:f7:16:29:
                    2a:e2:98:25:5b:aa:0f:b0:49:5d:ef:3b:34:18:74:
                    bf:74:31:66:64:37:da:3d:a6:69:78:0b:e8:fb:67:
                    7b:ef:1a:f5:cc:85:bf:ee:c4:84:e6:27:f3:fb:74:
                    e9:72:2d:ad:2d:a3:83:df:a4:6e:7c:1a:3a:e6:f0:
                    f1:15:05:82:ce:a3:dc:af:97:53:b5:bb:b1:1b:12:
                    b5:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:D9:27:C9:C1:CA:3E:5B:C1:08:78:6B:6E:FD:70:74:5E:76:4E:1C
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:78:e2:97:b6:65:33:a7:47:ba:de:a1:bf:f7:b6:8e:a9:e8:
         97:4b:d8:3e:f8:f7:d8:a7:5c:ec:14:02:57:cf:2a:0e:0b:2b:
         df:e9:60:94:e1:8b:e2:87:3a:ac:c5:ec:83:b6:9d:7e:61:68:
         60:42:e5:16:31:18:86:80:04:07:9c:7e:a1:a6:57:21:44:65:
         83:44:19:28:f7:a3:81:06:4b:bb:48:fb:73:64:19:60:8e:5f:
         54:c9:56:a8:e1:2c:86:1b:0b:24:2d:df:ce:4b:50:39:5b:72:
         2a:82:4d:d8:17:3b:6f:88:2f:85:22:5a:39:85:b2:d4:26:df:
         a6:31:88:ad:d3:5b:23:87:83:28:3d:05:81:5f:a4:1f:bb:21:
         2e:6d:d6:b1:bc:97:5b:6e:b8:18:3b:31:c5:70:22:82:2c:39:
         21:23:b0:55:c4:c5:54:05:d2:29:72:25:d7:e2:c5:d5:7c:4a:
         bf:d7:26:30:a8:f4:f9:40:d0:43:c7:72:a0:4a:31:ed:80:da:
         3e:2b:62:13:61:76:15:ca:dd:7a:8f:f1:20:89:a0:79:c2:40:
         77:0b:8c:53:cd:50:1a:0f:08:05:67:f1:77:6a:82:0a:af:61:
         bd:c4:77:1f:ea:a0:19:6f:7f:3e:79:b3:c2:8d:71:a9:bb:35:
         f5:3e:29:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsd9AEo0t7OhfmEC7Nw70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwOTA3MDEwMjA5WhcNMjUwOTA4MDEwMjA5WjAzMTEwLwYDVQQD
EygwMGQ5MjdjOWMxY2EzZTViYzEwODc4NmI2ZWZkNzA3NDVlNzY0ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTy05jw6+DgjUJwhzdPEDr8jDABo
6tmSwPa42rF+O8LdPFnEMJ9Qbk5sEgakJLNRPL5AlqSKxWoTVT/jdjjduI99elsw
3bMfjTkxrM7OCgr7QDPP9RPal84mBgnNxk0MRcPu4nQkef2sIQoBrBPVT/FS1SgL
odC/wkdvCyWHB0Xhz9QIQ6XbJV9F9KFpGnT7fheBBwLjYaeDLGWkfm1HMpLXtt1F
qc5Jv3y2kI6x70j3Fikq4pglW6oPsEld7zs0GHS/dDFmZDfaPaZpeAvo+2d77xr1
zIW/7sSE5ifz+3Tpci2tLaOD36RufBo65vDxFQWCzqPcr5dTtbuxGxK10wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADZJ8nByj5bwQh4a279cHRedk4cMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhXjil7Zl
M6dHut6hv/e2jqnol0vYPvj32Kdc7BQCV88qDgsr3+lglOGL4oc6rMXsg7adfmFo
YELlFjEYhoAEB5x+oaZXIURlg0QZKPejgQZLu0j7c2QZYI5fVMlWqOEshhsLJC3f
zktQOVtyKoJN2Bc7b4gvhSJaOYWy1CbfpjGIrdNbI4eDKD0FgV+kH7shLm3WsbyX
W264GDsxxXAigiw5ISOwVcTFVAXSKXIl1+LF1XxKv9cmMKj0+UDQQ8dyoEox7YDa
PitiE2F2Fcrdeo/xIImgecJAdwuMU81QGg8IBWfxd2qCCq9hvcR3H+qgGW9/Pnmz
wo1xqbs19T4plQ==
-----END CERTIFICATE-----