Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          iidFpG3Ut78OkZ4gt6HJvH/YTjgFPQa8qxSABtU7txQ=
Subject key identifier:   59:6E:68:E5:F4:D8:67:8F:99:EF:A3:37:BB:C0:EC:97:DF:D1:01:2A
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       019D27040C2D1EE97EFAA71A5A28A947B3EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          0525
Signing time:             Wed 25 Mar 2026 22:01:09 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:09 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:09 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: rILj5aJ3sBmr8z1gWwUGo19QuLRLH7+mSj2gwWdcdL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:0c:2d:1e:e9:7e:fa:a7:1a:5a:28:a9:47:b3:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Mar 25 22:01:09 2026 GMT
            Not After : Mar 26 22:01:09 2026 GMT
        Subject: CN=596e68e5f4d8678f99efa337bbc0ec97dfd1012a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:bf:bf:c8:ae:14:ba:5a:97:bb:c3:a6:42:7e:
                    8a:7f:4e:a5:bd:61:17:ba:67:db:04:d8:66:13:6f:
                    49:d4:2a:68:98:0f:78:4e:8a:56:24:9e:a6:c6:a2:
                    5a:fb:65:f8:40:97:60:01:f1:81:1f:ed:e9:d4:e4:
                    62:d0:81:ac:08:db:da:36:c2:fc:fc:b9:37:64:81:
                    28:86:59:7c:1f:0e:e7:18:4d:96:32:8f:cf:b4:26:
                    75:46:f9:9c:91:cc:96:d7:11:80:e6:9d:69:e2:97:
                    df:1b:c7:8d:05:46:ba:f7:15:97:96:dc:12:88:0c:
                    bc:38:69:a9:a8:d3:7e:b9:7e:5f:ef:c6:de:49:7c:
                    03:27:f2:24:3c:a2:34:82:38:f7:12:dd:b7:95:dc:
                    02:e1:56:8e:c0:3d:f3:1f:5a:51:01:95:9b:b5:da:
                    e6:10:40:bb:56:d3:72:e1:3d:63:76:a8:14:9f:04:
                    0e:1c:15:06:b1:76:4d:a0:fa:2a:4c:8c:df:23:72:
                    09:e0:8e:90:48:69:92:82:a8:53:26:99:6f:37:ff:
                    4b:9c:76:f7:71:42:e9:01:2d:a6:29:2d:76:78:5c:
                    0a:7a:43:8d:21:4a:ab:1e:c9:07:2e:28:76:a3:5c:
                    13:c0:24:b9:e7:5e:ba:16:3b:86:82:9e:41:76:46:
                    20:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:6E:68:E5:F4:D8:67:8F:99:EF:A3:37:BB:C0:EC:97:DF:D1:01:2A
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:1a:15:67:f5:3a:ae:4e:f5:92:8f:15:18:48:36:2a:c6:bc:
         7a:0f:20:c6:af:e3:7a:6e:b7:50:3a:4f:fb:25:f6:0a:f8:c6:
         58:d1:9b:73:aa:5b:ad:0e:e3:96:11:f4:5c:1b:79:dd:a0:f6:
         21:2c:72:b8:0b:9e:76:bf:3d:16:f1:ba:51:de:dd:2d:73:90:
         c4:f0:21:7c:e8:71:48:7d:57:54:49:ff:45:03:49:5a:69:19:
         8b:1b:4e:07:37:96:a9:68:d7:26:2f:4a:2d:13:10:2f:59:a8:
         e3:e8:52:4c:88:24:9a:ba:ce:72:47:97:f6:d2:38:75:b9:9b:
         ff:fc:a6:a4:04:67:0f:38:c7:1b:1c:c0:e2:41:b8:3f:51:e0:
         65:f0:22:24:11:86:5f:7b:33:8b:f6:2b:d2:61:5c:18:17:f3:
         6b:9a:fe:bf:3c:05:71:ff:34:fc:d8:b4:08:dd:e2:dd:0d:49:
         ed:d5:c3:3f:be:64:23:a8:14:35:2f:d8:aa:d7:53:46:8d:a5:
         81:8c:40:15:ff:96:1f:96:01:83:ac:37:59:8f:d7:3a:5c:58:
         81:35:dc:2e:ea:c3:ea:67:ba:d6:db:a4:72:67:73:aa:e2:2b:
         5e:a5:e7:04:f5:3c:fe:b2:cc:76:dd:cb:74:ae:35:b2:80:9d:
         17:d6:6b:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBAwtHul++qcaWiipR7PvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjYwMzI1MjIwMTA5WhcNMjYwMzI2MjIwMTA5WjAzMTEwLwYDVQQD
Eyg1OTZlNjhlNWY0ZDg2NzhmOTllZmEzMzdiYmMwZWM5N2RmZDEwMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr+/yK4UulqXu8OmQn6Kf06lvWEX
umfbBNhmE29J1CpomA94TopWJJ6mxqJa+2X4QJdgAfGBH+3p1ORi0IGsCNvaNsL8
/Lk3ZIEohll8Hw7nGE2WMo/PtCZ1RvmckcyW1xGA5p1p4pffG8eNBUa69xWXltwS
iAy8OGmpqNN+uX5f78beSXwDJ/IkPKI0gjj3Et23ldwC4VaOwD3zH1pRAZWbtdrm
EEC7VtNy4T1jdqgUnwQOHBUGsXZNoPoqTIzfI3IJ4I6QSGmSgqhTJplvN/9LnHb3
cULpAS2mKS12eFwKekONIUqrHskHLih2o1wTwCS55166FjuGgp5BdkYgnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFluaOX02GePme+jN7vA7Jff0QEqMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxxoVZ/U6
rk71ko8VGEg2Ksa8eg8gxq/jem63UDpP+yX2CvjGWNGbc6pbrQ7jlhH0XBt53aD2
ISxyuAuedr89FvG6Ud7dLXOQxPAhfOhxSH1XVEn/RQNJWmkZixtOBzeWqWjXJi9K
LRMQL1mo4+hSTIgkmrrOckeX9tI4dbmb//ympARnDzjHGxzA4kG4P1HgZfAiJBGG
X3szi/Yr0mFcGBfza5r+vzwFcf80/Ni0CN3i3Q1J7dXDP75kI6gUNS/YqtdTRo2l
gYxAFf+WH5YBg6w3WY/XOlxYgTXcLurD6me61tukcmdzquIrXqXnBPU8/rLMdt3L
dK41soCdF9Zr6Q==
-----END CERTIFICATE-----