Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
File:                     USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json)
Hash identifier:          bczym+YftQv9Ywg7fIzTYYX1RJu156mqLfcIJmxHoIk=
Subject key identifier:   B6:E5:00:E6:97:09:63:5B:AE:E7:04:41:9D:09:80:FC:1F:53:6A:20
Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61
Certificate issuer:       /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
Certificate serial:       0198D705DC165D1BC0E2CAAF0BD724432511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
Manifest number:          042C
Signing time:             Sat 23 Aug 2025 13:02:22 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:22 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:22 +0000
Files and hashes:         1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: tKwBFPyJIE84Y1xyiWbq5SSjc/PwXb3mic/YbzDOxGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:dc:16:5d:1b:c0:e2:ca:af:0b:d7:24:43:25:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
        Validity
            Not Before: Aug 23 13:02:22 2025 GMT
            Not After : Aug 24 13:02:22 2025 GMT
        Subject: CN=b6e500e69709635baee704419d0980fc1f536a20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ce:a7:20:66:b9:d1:f7:84:b9:6b:73:14:61:
                    3e:fb:f9:65:40:cf:5a:a7:ab:0b:c4:92:de:37:28:
                    8a:d7:66:8e:be:69:5b:df:11:5a:35:cb:e8:d9:84:
                    f0:b9:4b:1d:f2:e6:8e:08:45:85:b7:ef:13:51:b6:
                    75:a4:3e:b8:24:c7:d6:2b:17:af:75:f0:8f:56:fe:
                    1d:e4:d5:19:26:f9:d7:a3:f2:c5:56:5f:81:86:76:
                    57:72:87:d8:cf:2d:a8:7c:ad:0e:2d:82:da:83:e1:
                    a7:8e:5c:60:d9:59:fa:49:e7:f0:95:38:f5:2b:6a:
                    36:f9:e5:5d:d4:29:1a:82:8b:ff:2b:4b:92:57:75:
                    f8:b6:c0:01:cd:8a:6c:67:74:b7:ed:f9:ca:28:4d:
                    13:27:1e:6b:7a:88:98:69:9a:3b:97:a4:9b:82:fc:
                    7b:33:e4:63:c5:71:fe:d1:4a:5a:bc:e9:05:91:ff:
                    99:b5:fe:56:10:bf:25:1c:9f:5e:c9:a5:02:cb:a1:
                    fe:15:b5:ad:38:2e:17:e6:64:8c:33:7f:4d:f0:de:
                    0e:f5:b4:60:48:a3:52:38:57:9e:ef:08:92:74:8f:
                    34:8a:f8:ec:ac:87:a6:95:88:50:46:06:bb:5e:13:
                    80:17:6e:96:e2:30:8f:4e:17:41:04:11:4b:4f:35:
                    cc:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:E5:00:E6:97:09:63:5B:AE:E7:04:41:9D:09:80:FC:1F:53:6A:20
            X509v3 Authority Key Identifier:
                keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:fd:16:32:74:ca:c5:d7:3b:e9:09:35:a5:34:6b:3d:90:68:
         cc:79:ee:f9:2d:a9:2a:c9:c9:35:5c:9e:a5:c5:7d:4f:0a:7a:
         a8:17:81:fa:db:34:17:5b:1e:4d:6a:6c:17:2c:24:48:d7:98:
         d2:27:f8:b7:2c:07:05:83:34:9d:44:ef:8c:53:1f:bc:94:b2:
         a5:c2:2f:03:b0:2a:6c:fe:30:10:f3:82:03:79:85:09:53:62:
         f4:64:e1:ac:4d:a7:ba:c7:e5:cc:61:fe:fd:4c:10:62:09:a3:
         8d:3c:11:79:9f:04:a4:4e:f5:8c:cb:1e:5c:5c:0d:8f:e8:d6:
         36:a4:a1:c2:1d:a0:2d:fd:78:4a:73:99:ab:82:d8:0d:37:ba:
         9b:48:56:d8:35:69:c9:32:43:fd:94:45:60:d1:43:20:74:14:
         06:68:97:66:5b:e7:de:db:25:a7:21:e4:f1:83:00:a9:07:0d:
         cc:5f:b3:1b:b3:6d:c9:a8:d1:ef:77:0f:a7:4c:b5:cd:18:9f:
         f8:ae:78:7d:b1:fd:85:e7:01:c1:4e:c0:db:0a:8d:99:25:f2:
         57:d2:6a:94:9c:94:88:be:61:2d:2d:3b:03:e6:80:f2:60:69:
         d6:08:37:cc:08:2a:f7:16:29:33:50:c0:db:91:82:32:31:b6:
         59:70:66:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBdwWXRvA4sqvC9ckQyURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj
ODFhNjEwHhcNMjUwODIzMTMwMjIyWhcNMjUwODI0MTMwMjIyWjAzMTEwLwYDVQQD
EyhiNmU1MDBlNjk3MDk2MzViYWVlNzA0NDE5ZDA5ODBmYzFmNTM2YTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts6nIGa50feEuWtzFGE++/llQM9a
p6sLxJLeNyiK12aOvmlb3xFaNcvo2YTwuUsd8uaOCEWFt+8TUbZ1pD64JMfWKxev
dfCPVv4d5NUZJvnXo/LFVl+BhnZXcofYzy2ofK0OLYLag+Gnjlxg2Vn6SefwlTj1
K2o2+eVd1Ckagov/K0uSV3X4tsABzYpsZ3S37fnKKE0TJx5reoiYaZo7l6Sbgvx7
M+RjxXH+0UpavOkFkf+Ztf5WEL8lHJ9eyaUCy6H+FbWtOC4X5mSMM39N8N4O9bRg
SKNSOFee7wiSdI80ivjsrIemlYhQRga7XhOAF26W4jCPThdBBBFLTzXMXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLblAOaXCWNbrucEQZ0JgPwfU2ogMB8GA1UdIwQY
MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt
NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy
LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkv0WMnTK
xdc76Qk1pTRrPZBozHnu+S2pKsnJNVyepcV9Twp6qBeB+ts0F1seTWpsFywkSNeY
0if4tywHBYM0nUTvjFMfvJSypcIvA7AqbP4wEPOCA3mFCVNi9GThrE2nusflzGH+
/UwQYgmjjTwReZ8EpE71jMseXFwNj+jWNqShwh2gLf14SnOZq4LYDTe6m0hW2DVp
yTJD/ZRFYNFDIHQUBmiXZlvn3tslpyHk8YMAqQcNzF+zG7NtyajR73cPp0y1zRif
+K54fbH9hecBwU7A2wqNmSXyV9JqlJyUiL5hLS07A+aA8mBp1gg3zAgq9xYpM1DA
25GCMjG2WXBmHQ==
-----END CERTIFICATE-----