Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
File:                     USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json)
Hash identifier:          cvB0jh/zbsQFX7lwuQ6bbNXxY/RndPVKq85PyEyosvM=
Subject key identifier:   3E:C1:73:D7:3F:7C:67:0E:3F:85:28:07:DE:AF:E1:E3:BE:D8:82:18
Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61
Certificate issuer:       /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
Certificate serial:       0197B745B71700B2BF9D95E466EB91FE380B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
Manifest number:          0397
Signing time:             Sat 28 Jun 2025 16:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:28 +0000
Files and hashes:         1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: vzMBaD+QWdJFwFeOukQ5qHgjsYwGRlJMjIADt8Sd8UU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:b7:17:00:b2:bf:9d:95:e4:66:eb:91:fe:38:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
        Validity
            Not Before: Jun 28 16:01:28 2025 GMT
            Not After : Jun 29 16:01:28 2025 GMT
        Subject: CN=3ec173d73f7c670e3f852807deafe1e3bed88218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c5:19:b4:63:ab:61:33:8f:a7:60:8e:58:8b:
                    e2:48:b1:e7:a0:e9:f0:0f:cf:d6:21:31:38:59:19:
                    1e:a2:32:87:50:c2:35:39:27:83:72:91:60:55:cb:
                    9d:58:1b:2d:7a:2e:45:8f:66:32:e8:c9:af:1f:ca:
                    31:80:e1:68:bb:0f:cb:66:9b:b1:5d:95:bf:db:50:
                    ae:fb:1b:8c:85:eb:79:8e:a6:ac:97:81:7e:71:87:
                    d7:5e:5f:e1:58:14:2f:3c:a6:fc:d6:1d:23:dc:de:
                    f7:93:1e:84:33:e2:5e:d5:53:59:ab:4d:96:ba:1c:
                    b2:ef:66:71:50:9a:5f:39:57:40:9b:c1:a1:bd:d5:
                    86:81:9c:dd:fe:d3:b9:1a:72:6f:89:f0:1c:82:02:
                    5e:05:a0:fb:45:7a:9e:f9:8b:66:c1:7a:87:51:0d:
                    53:f1:24:9d:63:1b:e4:16:4d:36:45:da:ef:ca:24:
                    e6:0e:61:10:cc:4f:99:5c:b9:3a:10:db:58:26:35:
                    45:ab:d4:28:e3:d7:22:32:5f:e9:ed:02:4a:bd:79:
                    67:0a:26:4e:ea:f2:18:66:33:54:24:31:8b:7a:eb:
                    ec:91:9f:f1:65:d6:8f:3c:e4:fd:e8:61:1f:ba:90:
                    7a:b0:2f:7f:e5:90:0f:15:a9:9c:ae:27:eb:25:95:
                    a3:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:C1:73:D7:3F:7C:67:0E:3F:85:28:07:DE:AF:E1:E3:BE:D8:82:18
            X509v3 Authority Key Identifier:
                keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:1b:2e:76:a8:d4:9d:a1:2f:40:f1:26:c7:b6:88:9b:4c:bb:
         c4:f3:e7:ec:40:9f:15:b7:8a:46:b8:f6:de:dd:bc:06:f2:5a:
         aa:7c:fc:62:ae:05:8c:ed:61:66:3a:03:52:62:a6:23:3b:32:
         ff:4d:f8:31:54:54:77:a2:02:38:da:c0:7c:3c:40:37:67:02:
         bd:9c:23:e0:2b:65:47:33:01:e4:1b:d6:cf:00:8b:50:c7:4c:
         71:24:fb:52:01:f7:f9:c4:77:28:a4:83:bd:ed:1b:73:e2:e5:
         76:6a:53:9c:d1:96:88:69:d0:4f:2d:55:5d:e8:21:05:5b:ff:
         ca:76:25:88:54:c4:ba:da:8b:8d:4c:6e:2d:32:51:25:38:b7:
         a8:55:7d:3d:ce:d0:cd:13:12:61:ed:78:7e:b4:cb:08:0d:b8:
         c6:43:30:bc:58:ed:86:e3:f4:10:3a:96:1e:70:34:1d:4b:3f:
         b6:40:3d:a6:40:99:b8:fc:8f:8f:7f:3e:87:1c:da:92:5e:5f:
         49:5b:9d:1a:db:2d:d9:a9:46:71:b3:bc:d6:46:e4:2b:36:5b:
         ff:0b:f5:da:c9:fa:9a:f5:ab:90:5b:50:40:61:5a:b2:0e:b3:
         0e:d3:8a:91:40:2a:e0:94:56:96:e6:41:34:12:60:87:bd:99:
         b0:79:34:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RbcXALK/nZXkZuuR/jgLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj
ODFhNjEwHhcNMjUwNjI4MTYwMTI4WhcNMjUwNjI5MTYwMTI4WjAzMTEwLwYDVQQD
EygzZWMxNzNkNzNmN2M2NzBlM2Y4NTI4MDdkZWFmZTFlM2JlZDg4MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMUZtGOrYTOPp2COWIviSLHnoOnw
D8/WITE4WRkeojKHUMI1OSeDcpFgVcudWBstei5Fj2Yy6MmvH8oxgOFouw/LZpux
XZW/21Cu+xuMhet5jqasl4F+cYfXXl/hWBQvPKb81h0j3N73kx6EM+Je1VNZq02W
uhyy72ZxUJpfOVdAm8GhvdWGgZzd/tO5GnJvifAcggJeBaD7RXqe+YtmwXqHUQ1T
8SSdYxvkFk02RdrvyiTmDmEQzE+ZXLk6ENtYJjVFq9Qo49ciMl/p7QJKvXlnCiZO
6vIYZjNUJDGLeuvskZ/xZdaPPOT96GEfupB6sC9/5ZAPFamcrifrJZWjRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7Bc9c/fGcOP4UoB96v4eO+2IIYMB8GA1UdIwQY
MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt
NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy
LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANRsudqjU
naEvQPEmx7aIm0y7xPPn7ECfFbeKRrj23t28BvJaqnz8Yq4FjO1hZjoDUmKmIzsy
/034MVRUd6ICONrAfDxAN2cCvZwj4CtlRzMB5BvWzwCLUMdMcST7UgH3+cR3KKSD
ve0bc+LldmpTnNGWiGnQTy1VXeghBVv/ynYliFTEutqLjUxuLTJRJTi3qFV9Pc7Q
zRMSYe14frTLCA24xkMwvFjthuP0EDqWHnA0HUs/tkA9pkCZuPyPj38+hxzakl5f
SVudGtst2alGcbO81kbkKzZb/wv12sn6mvWrkFtQQGFasg6zDtOKkUAq4JRWluZB
NBJgh72ZsHk0/w==
-----END CERTIFICATE-----