Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          9mKgQ1z1rIeZcEQuRGk3N1M/yprcx51Aqngzex4t0nc=
Subject key identifier:   5C:E1:7A:04:9E:99:25:E9:D9:4A:21:07:A3:D0:43:E1:C0:32:71:10
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       019692CCB5471F820D11CBDAF20F516F801D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          01BD
Signing time:             Fri 02 May 2025 21:00:11 +0000
Manifest this update:     Fri 02 May 2025 21:00:11 +0000
Manifest next update:     Sat 03 May 2025 21:00:11 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: Ejy+ZqcjHzgVrRmD//Q6LYe/VP7u1RbgTaliOGVAqY0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 14:24:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:92:cc:b5:47:1f:82:0d:11:cb:da:f2:0f:51:6f:80:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: May  2 21:00:11 2025 GMT
            Not After : May  3 21:00:11 2025 GMT
        Subject: CN=5ce17a049e9925e9d94a2107a3d043e1c0327110
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:31:91:14:28:3d:2b:b3:37:96:9d:aa:b2:98:
                    fc:50:83:00:e0:8c:9c:1c:02:37:40:96:d3:75:e6:
                    1e:07:7f:75:23:66:16:b8:40:26:10:4a:39:94:df:
                    c4:88:d8:37:e3:d7:c5:c4:75:47:22:56:45:27:c6:
                    c9:12:80:9e:d4:b4:af:0e:78:c0:b1:39:52:30:50:
                    8d:b5:82:28:41:be:17:e6:34:c0:80:a8:6e:66:fc:
                    cd:ab:a4:7e:78:18:b9:fa:0b:40:9d:9b:8e:bf:ed:
                    d9:bb:41:14:b0:85:c8:81:9d:a5:ce:6b:31:2a:86:
                    67:ff:be:8f:b0:ea:f6:77:ac:32:31:2a:65:b6:37:
                    e9:46:bb:16:e2:3b:ca:7c:70:9d:fa:69:18:35:84:
                    bb:2c:7c:1e:24:73:65:72:ac:90:e6:97:a8:b1:4b:
                    30:9e:fb:03:3d:95:d5:22:45:a4:2b:d9:87:9f:33:
                    7b:dc:89:14:a1:ee:be:03:d8:0f:12:ad:2f:f7:f5:
                    49:da:fa:db:ba:39:18:dc:26:e2:57:3c:d2:76:09:
                    a3:9b:7f:86:bd:fd:cf:8e:8a:99:13:cc:2d:53:84:
                    69:0d:50:82:4b:3f:6c:0d:08:ca:69:32:54:ba:6e:
                    35:71:92:3c:1c:86:f2:cd:5b:87:18:32:52:33:50:
                    03:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:E1:7A:04:9E:99:25:E9:D9:4A:21:07:A3:D0:43:E1:C0:32:71:10
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:5c:cb:c9:a1:aa:4a:46:7a:56:bb:8f:83:d7:91:ff:1f:b6:
         16:75:f8:a0:23:df:0a:97:20:27:28:d5:7a:61:35:66:71:c9:
         8f:b7:27:47:2b:f2:ae:a7:99:8f:7e:5f:39:6e:cd:1d:0f:22:
         58:74:ab:12:32:3b:c3:6f:8e:20:35:b4:c6:dc:b6:53:67:09:
         c4:12:b2:ee:9f:94:a2:13:fc:05:ee:a5:6a:ac:e5:fe:7e:60:
         06:8e:33:88:f2:67:28:33:47:3b:24:06:88:00:b2:31:fa:4d:
         59:a5:0a:62:3b:d5:a5:31:13:16:20:4d:27:31:11:df:a1:06:
         03:3d:84:f4:13:10:7d:51:78:32:89:1e:15:35:95:d0:b7:df:
         64:72:68:e6:48:4b:3f:2f:99:0f:24:58:28:b9:6c:19:ad:98:
         37:36:e1:2c:7d:75:ae:57:1e:b0:fc:90:43:f1:17:8b:95:da:
         e8:45:c2:89:2a:69:fe:ed:d7:28:4a:1d:0e:60:6d:57:57:43:
         9d:e8:43:4a:10:30:62:62:a5:47:d4:cb:42:70:49:3d:7b:8e:
         6d:d0:a4:2f:0a:8b:e6:41:4c:d9:b2:58:54:c2:83:26:ce:81:
         5d:d9:44:c3:b4:d5:74:98:a1:59:b7:e7:19:11:22:be:99:de:
         5f:82:82:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaSzLVHH4INEcva8g9Rb4AdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwNTAyMjEwMDExWhcNMjUwNTAzMjEwMDExWjAzMTEwLwYDVQQD
Eyg1Y2UxN2EwNDllOTkyNWU5ZDk0YTIxMDdhM2QwNDNlMWMwMzI3MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDGRFCg9K7M3lp2qspj8UIMA4Iyc
HAI3QJbTdeYeB391I2YWuEAmEEo5lN/EiNg349fFxHVHIlZFJ8bJEoCe1LSvDnjA
sTlSMFCNtYIoQb4X5jTAgKhuZvzNq6R+eBi5+gtAnZuOv+3Zu0EUsIXIgZ2lzmsx
KoZn/76PsOr2d6wyMSpltjfpRrsW4jvKfHCd+mkYNYS7LHweJHNlcqyQ5peosUsw
nvsDPZXVIkWkK9mHnzN73IkUoe6+A9gPEq0v9/VJ2vrbujkY3CbiVzzSdgmjm3+G
vf3PjoqZE8wtU4RpDVCCSz9sDQjKaTJUum41cZI8HIbyzVuHGDJSM1ADfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzhegSemSXp2UohB6PQQ+HAMnEQMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfVzLyaGq
SkZ6VruPg9eR/x+2FnX4oCPfCpcgJyjVemE1ZnHJj7cnRyvyrqeZj35fOW7NHQ8i
WHSrEjI7w2+OIDW0xty2U2cJxBKy7p+UohP8Be6laqzl/n5gBo4ziPJnKDNHOyQG
iACyMfpNWaUKYjvVpTETFiBNJzER36EGAz2E9BMQfVF4MokeFTWV0LffZHJo5khL
Py+ZDyRYKLlsGa2YNzbhLH11rlcesPyQQ/EXi5Xa6EXCiSpp/u3XKEodDmBtV1dD
nehDShAwYmKlR9TLQnBJPXuObdCkLwqL5kFM2bJYVMKDJs6BXdlEw7TVdJihWbfn
GREivpneX4KC4g==
-----END CERTIFICATE-----