Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          6NIk9zv8eHVWEznIn3jl+5j9N0zmCznVyEOL2G6HpRo=
Subject key identifier:   81:05:D3:99:C4:C1:BB:42:6A:29:2A:AF:2C:B2:0F:EA:A1:35:E6:DB
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       0199FBEC0EAA4B324B9978600CBC5CBD5C3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          0381
Signing time:             Sun 19 Oct 2025 10:02:55 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:55 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:55 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: zHrJ6XG00tkvSWBRtfQojy9wBQp29YdWbqET9eVAMdc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:0e:aa:4b:32:4b:99:78:60:0c:bc:5c:bd:5c:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Oct 19 10:02:55 2025 GMT
            Not After : Oct 20 10:02:55 2025 GMT
        Subject: CN=8105d399c4c1bb426a292aaf2cb20feaa135e6db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:46:96:08:5f:18:7e:3f:93:1a:3a:e5:5f:0c:
                    1c:f4:9c:71:c0:cb:2a:e8:38:6e:93:26:cf:4f:67:
                    a2:66:6d:5c:a5:a5:06:b0:ff:f0:cb:76:ea:c8:3d:
                    0a:63:51:14:ba:40:cf:9b:b8:fb:52:a0:5e:51:f3:
                    1b:d5:90:22:76:70:1f:77:88:03:45:27:9c:ff:81:
                    c1:b0:be:d7:e8:32:63:37:65:91:3a:a3:f5:1f:74:
                    b2:d0:c1:ab:bc:c8:cb:7f:5e:5a:df:3d:c7:a0:88:
                    5b:98:7d:ab:10:5d:f8:d3:25:61:82:89:c8:ce:c9:
                    48:84:28:f0:19:0e:43:4e:d5:ee:53:06:e2:88:41:
                    95:55:63:60:42:48:59:4e:ea:02:73:6a:a7:c3:fd:
                    c1:f6:bb:f4:c6:7d:e7:87:39:36:a4:6d:63:ee:25:
                    cd:26:fd:06:41:8e:2a:ac:1b:e4:d2:42:ed:da:6c:
                    3e:1a:46:02:91:1f:e3:89:9e:9a:d0:be:47:30:ce:
                    91:83:64:69:ff:03:89:8d:4c:29:43:ab:ac:b5:22:
                    c1:7f:88:c6:36:1f:38:fb:4b:7a:6f:40:05:61:d0:
                    82:3f:00:08:32:bb:85:14:21:70:17:b1:6b:e6:75:
                    25:27:c3:fd:25:41:87:af:fa:41:8a:3e:c7:39:10:
                    fe:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:05:D3:99:C4:C1:BB:42:6A:29:2A:AF:2C:B2:0F:EA:A1:35:E6:DB
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:7d:8a:14:be:ff:4b:6b:c2:20:e5:d4:ff:a2:8d:74:f1:9e:
         e9:93:b2:a7:a9:58:ac:07:27:38:92:44:35:d3:b5:84:81:0b:
         4b:d4:7c:2e:c5:22:ad:75:20:9c:6e:c4:3b:f8:fb:eb:1e:91:
         b1:eb:6d:2d:cb:29:63:13:b0:1a:22:a4:25:92:23:8c:50:26:
         25:d2:76:85:7d:c8:e3:bb:bc:be:74:50:fa:de:b7:22:36:55:
         19:38:a6:bc:4c:5e:17:b2:a4:4a:6b:08:2b:34:7d:c6:d3:15:
         bc:9c:47:30:57:8a:f8:93:38:3d:7d:88:00:68:cc:a5:97:c9:
         80:a3:10:02:c4:44:09:64:ec:26:4a:d6:db:72:25:e5:64:e0:
         97:7e:7a:ab:04:7a:19:39:a0:eb:0a:7d:a1:14:c1:b8:88:b6:
         64:16:7e:6a:c2:b7:ce:6d:62:d7:a8:d0:d0:a0:29:c3:a0:25:
         7f:ac:f6:a3:e2:52:23:8e:6e:29:c0:39:a0:28:2c:6d:be:2b:
         c1:98:14:e8:9e:05:f0:a5:f6:cc:ff:2b:6f:14:a5:69:e0:90:
         84:46:4f:a5:bb:76:8b:2a:c5:db:e6:60:11:c0:3a:f7:85:bc:
         64:98:68:19:da:8e:74:21:0a:1d:42:5f:0a:15:c8:64:76:3f:
         16:3f:a7:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77A6qSzJLmXhgDLxcvVw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUxMDE5MTAwMjU1WhcNMjUxMDIwMTAwMjU1WjAzMTEwLwYDVQQD
Eyg4MTA1ZDM5OWM0YzFiYjQyNmEyOTJhYWYyY2IyMGZlYWExMzVlNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkaWCF8Yfj+TGjrlXwwc9JxxwMsq
6DhukybPT2eiZm1cpaUGsP/wy3bqyD0KY1EUukDPm7j7UqBeUfMb1ZAidnAfd4gD
RSec/4HBsL7X6DJjN2WROqP1H3Sy0MGrvMjLf15a3z3HoIhbmH2rEF340yVhgonI
zslIhCjwGQ5DTtXuUwbiiEGVVWNgQkhZTuoCc2qnw/3B9rv0xn3nhzk2pG1j7iXN
Jv0GQY4qrBvk0kLt2mw+GkYCkR/jiZ6a0L5HMM6Rg2Rp/wOJjUwpQ6ustSLBf4jG
Nh84+0t6b0AFYdCCPwAIMruFFCFwF7Fr5nUlJ8P9JUGHr/pBij7HORD+iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIEF05nEwbtCaikqryyyD+qhNebbMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg32KFL7/
S2vCIOXU/6KNdPGe6ZOyp6lYrAcnOJJENdO1hIELS9R8LsUirXUgnG7EO/j76x6R
settLcspYxOwGiKkJZIjjFAmJdJ2hX3I47u8vnRQ+t63IjZVGTimvExeF7KkSmsI
KzR9xtMVvJxHMFeK+JM4PX2IAGjMpZfJgKMQAsRECWTsJkrW23Il5WTgl356qwR6
GTmg6wp9oRTBuIi2ZBZ+asK3zm1i16jQ0KApw6Alf6z2o+JSI45uKcA5oCgsbb4r
wZgU6J4F8KX2zP8rbxSlaeCQhEZPpbt2iyrF2+ZgEcA694W8ZJhoGdqOdCEKHUJf
ChXIZHY/Fj+nMA==
-----END CERTIFICATE-----