Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
File:                     USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json)
Hash identifier:          anCKOK8rwukHQEF6kEQkcIEOl/YKRKB4YoHwRHqpVWM=
Subject key identifier:   3D:44:EA:2E:64:4E:71:4C:60:3F:FD:E2:67:92:D8:D6:F4:4E:C5:F5
Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61
Certificate issuer:       /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
Certificate serial:       019D27A908F89D556DF50F438C35FE1BDF49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
Manifest number:          0668
Signing time:             Thu 26 Mar 2026 01:01:22 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:22 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:22 +0000
Files and hashes:         1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: 9AAO7X8NwcQdvQ/MOlU9/3njx8LBRmFafJ/WjllTA94=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:08:f8:9d:55:6d:f5:0f:43:8c:35:fe:1b:df:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
        Validity
            Not Before: Mar 26 01:01:22 2026 GMT
            Not After : Mar 27 01:01:22 2026 GMT
        Subject: CN=3d44ea2e644e714c603ffde26792d8d6f44ec5f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a5:ba:09:18:cb:a3:dd:05:4c:8a:0e:ba:8e:
                    e6:aa:4a:9c:fe:85:0d:3e:9b:a6:b8:34:ff:ae:3f:
                    06:80:e2:c4:2d:e2:f5:1d:00:da:a2:ba:df:45:83:
                    96:e9:9a:6a:d9:1a:cd:2f:a2:c6:78:68:72:4b:8f:
                    59:10:89:02:6f:6d:2e:5c:21:ad:c7:e4:a6:ee:fd:
                    c5:46:6d:e3:9a:bd:7f:03:07:42:5f:8b:5b:c3:90:
                    51:78:bc:ae:fd:c5:24:49:55:c9:55:2e:eb:e1:12:
                    bf:27:84:ca:e0:8b:c5:37:25:fe:1d:ac:a7:09:b2:
                    b0:a1:b3:c9:35:35:6a:67:ab:94:d1:01:ae:a8:93:
                    74:34:04:f1:bd:a8:e8:22:d2:8d:4d:94:29:05:ec:
                    e8:c3:f1:35:fe:b0:9e:c0:bf:d7:27:30:72:9b:f5:
                    3d:5d:c7:19:18:08:45:7c:81:20:ad:62:52:06:ae:
                    11:ee:fc:9c:c7:9e:e3:ef:d4:96:1c:7b:9c:3d:9c:
                    c9:86:ad:e6:1a:ab:08:d4:b3:e0:ab:95:b7:d3:4d:
                    7a:de:a4:b9:01:19:8d:62:ec:63:fe:16:3f:6c:ad:
                    2e:0f:7a:98:0a:14:ee:34:ec:f4:97:dc:86:83:17:
                    fc:76:4f:63:c2:79:b4:8d:7a:53:dd:57:e1:79:b6:
                    0b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:44:EA:2E:64:4E:71:4C:60:3F:FD:E2:67:92:D8:D6:F4:4E:C5:F5
            X509v3 Authority Key Identifier:
                keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:d9:62:81:2e:6d:69:3b:f1:39:e1:d9:0d:a2:e5:70:35:5f:
         fd:db:ce:e4:3a:49:dd:50:9f:08:c3:18:a6:5b:d0:46:8c:6e:
         32:7b:96:82:9c:6b:6e:02:93:bb:c8:28:50:ec:74:74:7f:d5:
         6d:c3:04:d5:4e:ed:ba:41:db:db:36:0f:40:5b:57:ec:0e:75:
         76:b0:86:a9:74:27:89:09:0c:cd:0b:39:6e:47:97:7c:73:8a:
         63:27:00:c3:86:78:06:c9:0a:5a:02:48:40:56:7b:8f:db:04:
         91:2d:2d:1d:b0:f5:bd:b1:f4:11:78:c6:77:bd:67:6b:9b:e3:
         dc:f7:a5:86:65:9b:8a:07:db:13:e1:c2:fd:1a:f5:ee:bc:95:
         20:7a:6f:8e:57:57:f2:e5:3b:11:98:79:07:b8:1a:c7:c9:21:
         2d:47:40:e4:1a:d8:1d:56:ea:df:91:5b:53:78:5f:dd:83:a0:
         7b:d5:dd:3f:9e:15:39:a2:1b:eb:2d:50:1f:4c:39:58:cc:ad:
         44:28:01:69:ef:ef:bf:bd:6d:51:de:7c:ce:4b:46:19:8e:67:
         a6:75:d3:fd:f1:b3:b3:df:a6:7a:b9:fa:61:2d:53:4e:d2:9b:
         0e:0a:6e:b8:82:47:a3:ae:85:46:72:84:5d:88:41:6d:7a:b9:
         f9:44:6c:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqQj4nVVt9Q9DjDX+G99JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj
ODFhNjEwHhcNMjYwMzI2MDEwMTIyWhcNMjYwMzI3MDEwMTIyWjAzMTEwLwYDVQQD
EygzZDQ0ZWEyZTY0NGU3MTRjNjAzZmZkZTI2NzkyZDhkNmY0NGVjNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaW6CRjLo90FTIoOuo7mqkqc/oUN
PpumuDT/rj8GgOLELeL1HQDaorrfRYOW6Zpq2RrNL6LGeGhyS49ZEIkCb20uXCGt
x+Sm7v3FRm3jmr1/AwdCX4tbw5BReLyu/cUkSVXJVS7r4RK/J4TK4IvFNyX+Hayn
CbKwobPJNTVqZ6uU0QGuqJN0NATxvajoItKNTZQpBezow/E1/rCewL/XJzBym/U9
XccZGAhFfIEgrWJSBq4R7vycx57j79SWHHucPZzJhq3mGqsI1LPgq5W300163qS5
ARmNYuxj/hY/bK0uD3qYChTuNOz0l9yGgxf8dk9jwnm0jXpT3VfhebYLCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1E6i5kTnFMYD/94meS2Nb0TsX1MB8GA1UdIwQY
MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt
NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy
LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi9ligS5t
aTvxOeHZDaLlcDVf/dvO5DpJ3VCfCMMYplvQRoxuMnuWgpxrbgKTu8goUOx0dH/V
bcME1U7tukHb2zYPQFtX7A51drCGqXQniQkMzQs5bkeXfHOKYycAw4Z4BskKWgJI
QFZ7j9sEkS0tHbD1vbH0EXjGd71na5vj3PelhmWbigfbE+HC/Rr17ryVIHpvjldX
8uU7EZh5B7gax8khLUdA5BrYHVbq35FbU3hf3YOge9XdP54VOaIb6y1QH0w5WMyt
RCgBae/vv71tUd58zktGGY5npnXT/fGzs9+mern6YS1TTtKbDgpuuIJHo66FRnKE
XYhBbXq5+URsZQ==
-----END CERTIFICATE-----