Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File:                     NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier:          LDQ2gMTdHqS1Z3e9SjS7bZOmx4G0WUHB1RSyoc3KcGs=
Subject key identifier:   67:9F:57:7C:13:52:26:43:7A:9A:69:1B:E4:02:96:2C:B4:38:D2:A4
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer:       /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial:       019890DAC9D8D6FB5AEC0A6809653BBD0724
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number:          02C5
Signing time:             Sat 09 Aug 2025 22:01:54 +0000
Manifest this update:     Sat 09 Aug 2025 22:01:54 +0000
Manifest next update:     Sun 10 Aug 2025 22:01:54 +0000
Files and hashes:         1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: go4J/9V21SMRzwZQoRD4M2C7iWPQGOPs9raosgeRRT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:90:da:c9:d8:d6:fb:5a:ec:0a:68:09:65:3b:bd:07:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
        Validity
            Not Before: Aug  9 22:01:54 2025 GMT
            Not After : Aug 10 22:01:54 2025 GMT
        Subject: CN=679f577c135226437a9a691be402962cb438d2a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a3:da:d9:b4:62:e6:a6:d3:7f:c4:a4:73:83:
                    f1:ab:3c:ad:50:a9:2a:c6:a9:7b:e8:22:77:ad:4b:
                    c2:5a:e9:b1:2c:19:ed:e9:89:a7:1a:94:f8:3b:e3:
                    ef:f7:5e:a8:12:0d:c2:d6:a1:ec:1a:94:99:85:5c:
                    d5:dc:41:4e:ec:77:4b:72:50:eb:09:cf:6a:d7:f4:
                    db:7b:cf:f5:7c:33:fc:71:34:d2:7a:33:77:6d:26:
                    9b:14:cc:08:f9:ea:1a:39:9d:0f:0d:d5:dd:5b:de:
                    7a:fb:0e:89:30:80:67:c9:04:5d:25:82:b6:96:c9:
                    cf:6d:ff:eb:b8:51:a1:29:63:a7:b7:e4:3f:15:07:
                    76:3b:fc:4b:e1:f9:bb:f9:f8:18:8a:18:78:16:90:
                    71:31:1b:88:a2:00:dc:89:8e:80:9e:7b:4e:43:24:
                    57:46:fb:c5:7e:d1:85:40:fb:65:11:b6:d2:49:a4:
                    37:a4:28:76:ca:02:b7:24:2d:c3:63:9c:2f:6e:98:
                    88:96:8d:cf:d1:bf:aa:ad:25:6d:15:80:c9:36:bf:
                    5a:e9:57:c8:34:4c:60:cb:dd:0a:d8:88:c2:45:98:
                    42:21:b5:26:f9:0b:7b:ce:60:d7:b2:f3:0c:6e:55:
                    e4:41:db:f4:c5:f7:a9:73:20:12:2e:c2:fa:6b:68:
                    82:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:9F:57:7C:13:52:26:43:7A:9A:69:1B:E4:02:96:2C:B4:38:D2:A4
            X509v3 Authority Key Identifier:
                keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:94:13:e5:89:51:9a:95:db:5e:de:ee:8b:a6:9f:e0:7a:42:
         31:67:4c:62:05:f5:d1:5b:9e:11:2b:29:50:ff:c9:ba:54:9c:
         09:55:c0:1a:81:ef:d3:59:b6:ce:cd:1d:e7:25:f4:91:d5:5e:
         20:df:2f:24:64:8e:07:c1:bf:32:e8:49:3f:a4:41:76:0a:7b:
         31:77:3e:08:50:6d:df:85:02:7e:31:dd:fc:7d:6a:75:39:33:
         6d:68:d8:37:75:d2:34:2b:25:e1:6f:bd:af:17:eb:44:2d:74:
         c8:e2:56:7f:17:20:01:ed:bb:b5:6d:d0:0a:af:6e:66:18:e7:
         b2:c7:f4:61:e3:3e:01:46:be:2c:ce:e3:23:94:4b:ba:5d:35:
         b6:17:16:1d:ba:09:aa:c7:28:27:1a:c9:e5:be:b1:a9:79:d1:
         74:dd:d1:1c:af:f4:3c:13:c0:ce:7e:31:76:7d:9e:49:d9:7f:
         3d:c6:f7:bb:fd:8a:e2:ab:dc:7c:44:a6:cd:ca:74:e3:75:db:
         93:95:09:dc:aa:62:54:8a:14:65:f7:a1:2f:9e:23:42:89:1d:
         04:6b:8a:d8:72:cc:88:50:8b:a5:7c:08:f6:8f:7c:99:0f:7e:
         a1:7a:71:97:ac:59:e9:7b:c2:c1:a4:2a:5b:74:52:30:c3:0f:
         14:ed:bd:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQ2snY1vta7ApoCWU7vQckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwODA5MjIwMTU0WhcNMjUwODEwMjIwMTU0WjAzMTEwLwYDVQQD
Eyg2NzlmNTc3YzEzNTIyNjQzN2E5YTY5MWJlNDAyOTYyY2I0MzhkMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6Pa2bRi5qbTf8Skc4PxqzytUKkq
xql76CJ3rUvCWumxLBnt6YmnGpT4O+Pv916oEg3C1qHsGpSZhVzV3EFO7HdLclDr
Cc9q1/Tbe8/1fDP8cTTSejN3bSabFMwI+eoaOZ0PDdXdW956+w6JMIBnyQRdJYK2
lsnPbf/ruFGhKWOnt+Q/FQd2O/xL4fm7+fgYihh4FpBxMRuIogDciY6AnntOQyRX
RvvFftGFQPtlEbbSSaQ3pCh2ygK3JC3DY5wvbpiIlo3P0b+qrSVtFYDJNr9a6VfI
NExgy90K2IjCRZhCIbUm+Qt7zmDXsvMMblXkQdv0xfepcyASLsL6a2iCJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGefV3wTUiZDepppG+QCliy0ONKkMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxpQT5YlR
mpXbXt7ui6af4HpCMWdMYgX10VueESspUP/JulScCVXAGoHv01m2zs0d5yX0kdVe
IN8vJGSOB8G/MuhJP6RBdgp7MXc+CFBt34UCfjHd/H1qdTkzbWjYN3XSNCsl4W+9
rxfrRC10yOJWfxcgAe27tW3QCq9uZhjnssf0YeM+AUa+LM7jI5RLul01thcWHboJ
qscoJxrJ5b6xqXnRdN3RHK/0PBPAzn4xdn2eSdl/Pcb3u/2K4qvcfESmzcp043Xb
k5UJ3KpiVIoUZfehL54jQokdBGuK2HLMiFCLpXwI9o98mQ9+oXpxl6xZ6XvCwaQq
W3RSMMMPFO295Q==
-----END CERTIFICATE-----