Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          A2q9QbZwu/BhiKpaGVBa2StxUyDfUTwsxvhMUebU5tE=
Subject key identifier:   24:6D:C6:C9:99:C0:3A:77:3B:35:DE:34:5E:FA:3A:92:18:E2:19:DA
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       0194BB975CA9062D6011E4302DDB1479842D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          C9
Signing time:             Fri 31 Jan 2025 09:00:46 +0000
Manifest this update:     Fri 31 Jan 2025 09:00:46 +0000
Manifest next update:     Sat 01 Feb 2025 09:00:46 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: 6VidmwabroNAUuaBbvbEcRpMD8H3aUXAPsg2nMj6Ygo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 09:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:97:5c:a9:06:2d:60:11:e4:30:2d:db:14:79:84:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Jan 31 09:00:46 2025 GMT
            Not After : Feb  1 09:00:46 2025 GMT
        Subject: CN=246dc6c999c03a773b35de345efa3a9218e219da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:56:69:99:4b:15:ac:43:c7:a9:75:b7:ba:55:
                    47:bf:1f:c6:68:6b:c3:ff:44:41:47:f9:0e:2f:e5:
                    5c:f7:2a:fb:df:d4:04:98:e5:e5:87:96:c9:91:12:
                    30:51:4e:e3:45:9c:20:05:ef:d2:ad:28:a4:30:67:
                    fb:8c:d9:75:05:8f:98:03:58:bc:1f:3f:73:7f:5b:
                    10:75:b4:71:ad:74:73:fd:d6:13:69:1c:6d:95:a6:
                    bc:44:79:d0:04:4f:2d:d4:b5:f0:f7:6e:93:8b:6b:
                    34:f6:7d:73:da:e9:b9:ad:0d:0f:16:2d:2d:50:cd:
                    f5:50:e7:64:19:97:5e:39:28:c0:71:0a:2c:b0:0d:
                    72:96:5f:72:fa:d7:c2:60:72:e0:98:95:9e:be:c8:
                    8e:64:8c:2a:aa:3e:e9:af:9c:7d:46:a4:75:b2:f2:
                    7b:ca:ec:ef:dd:94:8e:71:a9:18:46:e5:5c:8a:77:
                    5f:39:6e:48:8b:cb:c8:74:8f:b7:13:23:81:6b:23:
                    49:dd:cd:dd:ac:f2:6b:c4:f6:a4:46:bd:50:dc:be:
                    2e:b0:68:74:c7:ec:cf:cd:ea:2e:86:ff:56:a6:b1:
                    35:67:6b:9d:5f:76:f1:26:f0:93:eb:c8:66:aa:c8:
                    cd:ec:9f:ca:8a:21:b4:87:42:20:a6:cf:c5:45:09:
                    5f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:6D:C6:C9:99:C0:3A:77:3B:35:DE:34:5E:FA:3A:92:18:E2:19:DA
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:7c:3f:a1:52:63:89:e7:fe:36:ee:6e:bd:46:bd:a1:8b:0d:
         88:fa:d1:ec:e5:26:a4:ed:1a:df:a4:83:42:9b:2a:b7:79:d4:
         97:85:e0:38:59:b1:d2:a7:02:cb:ca:c9:94:84:80:8b:1e:14:
         b8:81:96:4c:a1:b4:a3:87:11:37:b5:f5:3f:f7:ae:24:a1:61:
         69:9e:41:03:8f:0e:30:a5:e9:a4:1b:bc:7b:96:c6:2e:43:f8:
         9e:2e:68:a6:e2:b3:8d:47:10:d6:e0:7e:1f:2a:4e:e3:45:41:
         96:e3:38:cf:b1:f2:9b:f7:5c:a0:0f:da:ad:05:21:e9:c4:cf:
         dd:b4:cf:48:8b:18:fd:f9:35:cf:54:f1:44:63:75:16:86:47:
         e1:3d:e6:e9:50:1e:6a:87:58:17:23:07:44:a4:5e:18:27:3a:
         a5:4e:07:cd:45:2d:3e:ab:d8:bb:12:04:2d:95:fd:e9:d1:e7:
         2f:b9:60:73:c3:02:a3:2e:c6:fe:56:ac:c3:33:4a:c7:26:43:
         fc:21:c0:c9:fa:1a:82:13:eb:af:98:5a:49:b3:87:98:0c:aa:
         2e:93:0d:f0:4d:8e:c9:5c:96:7e:7a:70:aa:ad:87:af:44:5f:
         52:f0:7c:38:85:07:e4:41:b8:3b:77:b6:72:8a:fe:1e:75:1c:
         d6:e6:db:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7l1ypBi1gEeQwLdsUeYQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwMTMxMDkwMDQ2WhcNMjUwMjAxMDkwMDQ2WjAzMTEwLwYDVQQD
EygyNDZkYzZjOTk5YzAzYTc3M2IzNWRlMzQ1ZWZhM2E5MjE4ZTIxOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1ZpmUsVrEPHqXW3ulVHvx/GaGvD
/0RBR/kOL+Vc9yr739QEmOXlh5bJkRIwUU7jRZwgBe/SrSikMGf7jNl1BY+YA1i8
Hz9zf1sQdbRxrXRz/dYTaRxtlaa8RHnQBE8t1LXw926Ti2s09n1z2um5rQ0PFi0t
UM31UOdkGZdeOSjAcQossA1yll9y+tfCYHLgmJWevsiOZIwqqj7pr5x9RqR1svJ7
yuzv3ZSOcakYRuVcindfOW5Ii8vIdI+3EyOBayNJ3c3drPJrxPakRr1Q3L4usGh0
x+zPzeouhv9WprE1Z2udX3bxJvCT68hmqsjN7J/KiiG0h0Igps/FRQlfgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRtxsmZwDp3OzXeNF76OpIY4hnaMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMXw/oVJj
ief+Nu5uvUa9oYsNiPrR7OUmpO0a36SDQpsqt3nUl4XgOFmx0qcCy8rJlISAix4U
uIGWTKG0o4cRN7X1P/euJKFhaZ5BA48OMKXppBu8e5bGLkP4ni5opuKzjUcQ1uB+
HypO40VBluM4z7Hym/dcoA/arQUh6cTP3bTPSIsY/fk1z1TxRGN1FoZH4T3m6VAe
aodYFyMHRKReGCc6pU4HzUUtPqvYuxIELZX96dHnL7lgc8MCoy7G/laswzNKxyZD
/CHAyfoaghPrr5haSbOHmAyqLpMN8E2OyVyWfnpwqq2Hr0RfUvB8OIUH5EG4O3e2
cor+HnUc1ubb3g==
-----END CERTIFICATE-----