Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          du7YnNwN/RkAKyfhHfHvCt3/nH3SuK2h62S0O/Kp5tc=
Subject key identifier:   83:80:78:38:67:E5:19:8E:26:3E:64:A5:62:F4:B5:5E:81:1F:6B:19
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       0197B88FEF42D85868C0D70DCA9F5C144501
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          0255
Signing time:             Sat 28 Jun 2025 22:02:09 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:09 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:09 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: f5z6FyaCLe6Zb2PWn5xPeRNIZP1d0kql8fnvfGI0XhU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:ef:42:d8:58:68:c0:d7:0d:ca:9f:5c:14:45:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Jun 28 22:02:09 2025 GMT
            Not After : Jun 29 22:02:09 2025 GMT
        Subject: CN=8380783867e5198e263e64a562f4b55e811f6b19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:69:40:67:60:b6:8a:f0:0f:9e:56:00:30:6f:
                    c1:4c:57:e1:38:9f:df:b5:2b:ce:92:32:9f:cd:7f:
                    9d:e0:bd:71:95:16:77:c0:fc:f7:a6:37:c1:99:b1:
                    a0:dd:15:7f:89:a1:be:f6:b2:dc:c7:26:b3:c3:43:
                    62:bc:49:d4:d9:53:bc:fb:bc:71:c4:17:f0:fe:34:
                    3e:67:85:cb:4c:79:62:82:84:18:77:a3:d6:8d:7c:
                    a7:27:f6:b2:74:d0:62:f8:b4:7a:08:9f:04:ff:0e:
                    6e:58:9b:73:e3:56:b5:52:67:6b:2a:4c:7e:b4:85:
                    c2:cd:99:ee:c3:9b:3d:e2:a9:94:de:56:e8:53:0d:
                    5b:2b:55:42:6a:ee:3f:a8:da:0e:01:ae:f1:5a:4a:
                    e5:78:46:e2:e7:f2:30:d2:ac:d4:25:a8:77:c8:d7:
                    3a:fe:9c:26:24:11:ec:be:18:78:77:05:fe:87:63:
                    0b:75:0f:62:47:35:43:e7:75:fd:91:8b:87:29:24:
                    d9:aa:b9:b2:a3:ca:2e:35:b0:66:3f:c0:4a:8a:ae:
                    6b:fd:cb:ea:d7:27:b0:c3:e0:f4:8e:41:c6:30:b8:
                    8c:5b:0d:e0:d9:b0:e4:4b:f7:46:07:17:21:df:72:
                    06:33:0b:aa:f2:ea:a2:27:65:fd:05:b4:e2:26:2b:
                    b2:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:80:78:38:67:E5:19:8E:26:3E:64:A5:62:F4:B5:5E:81:1F:6B:19
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:5b:20:e8:1c:50:73:c7:48:b2:13:93:42:85:b7:4b:9c:46:
         98:dc:8b:89:07:f5:cc:6f:46:a3:73:8e:ed:01:46:b8:ed:0e:
         ea:52:10:57:23:b8:f7:87:25:77:a1:6b:94:2d:19:00:c3:95:
         75:1b:33:38:80:1e:9d:da:06:b6:16:38:b9:c5:ec:f1:bb:61:
         be:cc:6b:f9:c8:9c:da:b3:ed:06:ba:eb:96:f7:e9:2b:3f:b2:
         6e:b1:b0:83:44:e6:da:1a:b1:24:c8:28:79:6b:ea:84:f3:1d:
         a5:60:55:6d:c7:ae:81:72:72:3b:7d:2b:7b:ed:7c:26:18:57:
         6a:e5:0b:e4:a2:75:63:84:f3:3e:24:b7:bf:1d:d5:77:1e:b6:
         2b:3a:57:87:c6:8c:ed:25:cf:65:32:41:e7:d1:0d:3f:58:3e:
         8a:42:ba:91:a4:2f:8d:e0:78:6e:f4:2f:81:15:b1:01:79:30:
         34:79:5d:72:0f:72:d7:81:ef:1a:16:2e:c7:d8:31:94:4a:1c:
         80:5b:ce:97:b4:4b:35:0d:df:d2:67:33:56:cd:43:f0:e8:1c:
         08:3e:8b:3e:35:70:58:ad:bd:fc:c4:88:32:a4:78:16:21:d9:
         17:92:82:8b:80:45:16:08:af:29:87:70:f3:e0:9a:d5:04:9f:
         19:72:6e:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j+9C2FhowNcNyp9cFEUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwNjI4MjIwMjA5WhcNMjUwNjI5MjIwMjA5WjAzMTEwLwYDVQQD
Eyg4MzgwNzgzODY3ZTUxOThlMjYzZTY0YTU2MmY0YjU1ZTgxMWY2YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2lAZ2C2ivAPnlYAMG/BTFfhOJ/f
tSvOkjKfzX+d4L1xlRZ3wPz3pjfBmbGg3RV/iaG+9rLcxyazw0NivEnU2VO8+7xx
xBfw/jQ+Z4XLTHligoQYd6PWjXynJ/aydNBi+LR6CJ8E/w5uWJtz41a1UmdrKkx+
tIXCzZnuw5s94qmU3lboUw1bK1VCau4/qNoOAa7xWkrleEbi5/Iw0qzUJah3yNc6
/pwmJBHsvhh4dwX+h2MLdQ9iRzVD53X9kYuHKSTZqrmyo8ouNbBmP8BKiq5r/cvq
1yeww+D0jkHGMLiMWw3g2bDkS/dGBxch33IGMwuq8uqiJ2X9BbTiJiuy4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOAeDhn5RmOJj5kpWL0tV6BH2sZMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlsg6BxQ
c8dIshOTQoW3S5xGmNyLiQf1zG9Go3OO7QFGuO0O6lIQVyO494cld6FrlC0ZAMOV
dRszOIAendoGthY4ucXs8bthvsxr+cic2rPtBrrrlvfpKz+ybrGwg0Tm2hqxJMgo
eWvqhPMdpWBVbceugXJyO30re+18JhhXauUL5KJ1Y4TzPiS3vx3Vdx62KzpXh8aM
7SXPZTJB59ENP1g+ikK6kaQvjeB4bvQvgRWxAXkwNHldcg9y14HvGhYux9gxlEoc
gFvOl7RLNQ3f0mczVs1D8OgcCD6LPjVwWK29/MSIMqR4FiHZF5KCi4BFFgivKYdw
8+Ca1QSfGXJuMw==
-----END CERTIFICATE-----