Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
File:                     USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json)
Hash identifier:          qX60a4SScfc686Fx3hTYDqBVp0QILYsRNbdbP2HHGzo=
Subject key identifier:   2A:AD:E7:3D:4E:FB:85:70:E8:1A:1D:EE:EF:93:7B:F0:57:B1:C4:DD
Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61
Certificate issuer:       /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
Certificate serial:       0199FC8F1B50538D9ACFCD9298FE91BEA20A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
Manifest number:          04C4
Signing time:             Sun 19 Oct 2025 13:01:00 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:00 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:00 +0000
Files and hashes:         1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: w+mn/b/3R38OGP/HBxqAL6RCqz6531/kL7AyiT5Ujzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:1b:50:53:8d:9a:cf:cd:92:98:fe:91:be:a2:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
        Validity
            Not Before: Oct 19 13:01:00 2025 GMT
            Not After : Oct 20 13:01:00 2025 GMT
        Subject: CN=2aade73d4efb8570e81a1deeef937bf057b1c4dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:17:1a:7a:0e:4e:25:a4:f7:d4:cd:71:d9:54:
                    bb:13:2f:2c:67:e5:4c:b0:38:35:80:42:89:e6:08:
                    f4:3c:22:e2:91:ef:d5:0d:ec:ee:ae:37:81:1d:a3:
                    44:71:a4:84:bf:1f:73:75:eb:7a:eb:bb:7d:06:70:
                    ef:85:0c:57:c8:9f:6d:72:91:83:b5:49:d0:88:ea:
                    64:15:2d:67:12:c4:51:7e:b0:d7:67:fc:04:d1:2f:
                    80:c6:76:15:0a:36:78:ea:bf:6b:80:e1:6e:2a:92:
                    bb:11:94:dd:97:72:3a:0f:78:c0:25:2a:d4:60:11:
                    f7:36:cf:70:6a:01:81:8a:e0:2a:9c:97:15:6c:2b:
                    90:78:25:23:b4:be:8e:72:70:39:d8:95:c6:0d:fc:
                    36:7e:e8:93:9a:b3:f5:b1:d3:36:7e:3f:60:26:4b:
                    d9:ae:a8:7f:90:79:8f:b8:d3:74:59:2d:53:9d:ab:
                    e7:1f:3b:23:1c:c5:f6:41:c0:2d:bf:a5:40:59:e6:
                    4c:59:14:6d:a0:29:2a:65:be:47:f6:c6:12:4c:86:
                    66:ef:13:db:9a:13:38:e6:7e:6b:7b:3e:a0:89:ac:
                    82:75:fd:2b:cc:43:36:8b:75:3c:12:27:5e:03:79:
                    f3:59:d7:15:af:97:e1:6f:5a:9c:cb:40:c8:60:ea:
                    b2:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:AD:E7:3D:4E:FB:85:70:E8:1A:1D:EE:EF:93:7B:F0:57:B1:C4:DD
            X509v3 Authority Key Identifier:
                keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:ac:75:e6:42:f1:34:65:85:cf:4e:30:f8:df:ca:ff:7e:9b:
         d0:98:cc:96:94:7b:9f:d9:88:8e:9a:f2:2f:68:11:27:f4:ab:
         64:4b:50:69:b2:52:ff:93:fa:62:83:27:b6:08:e8:e0:ad:9e:
         78:ec:82:de:e4:08:1f:2b:b2:35:b5:0e:b0:61:15:c1:1f:47:
         fa:3b:cb:6f:36:ba:f7:6e:c9:b3:53:88:17:6c:46:06:af:ec:
         7b:f2:73:d5:25:0e:de:b1:f1:3c:00:50:c4:8a:07:64:48:4a:
         63:f3:e2:f6:73:e2:68:23:00:98:02:39:13:18:62:25:a7:82:
         87:02:b9:a7:72:d7:d4:09:d8:c9:11:8d:ff:1f:9e:0d:8f:83:
         84:f2:58:6f:32:3d:c0:47:e9:3f:58:7a:53:34:88:d8:2c:19:
         43:ce:9b:b8:ff:ee:f2:23:1a:a7:dc:52:d0:6f:ff:07:15:c1:
         a8:3d:d8:85:14:df:ea:ec:e5:f0:b0:7d:8a:e9:78:d9:30:93:
         1a:73:31:0a:6a:a0:01:04:e4:06:22:36:a9:79:4b:87:7c:46:
         53:49:39:57:57:35:82:42:b6:a5:13:79:4f:57:02:0d:8b:56:
         b8:50:ad:42:d3:af:f0:32:38:2d:6a:41:59:7f:bf:ea:3e:77:
         c1:ae:94:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jxtQU42az82SmP6RvqIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj
ODFhNjEwHhcNMjUxMDE5MTMwMTAwWhcNMjUxMDIwMTMwMTAwWjAzMTEwLwYDVQQD
EygyYWFkZTczZDRlZmI4NTcwZTgxYTFkZWVlZjkzN2JmMDU3YjFjNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixcaeg5OJaT31M1x2VS7Ey8sZ+VM
sDg1gEKJ5gj0PCLike/VDezurjeBHaNEcaSEvx9zdet667t9BnDvhQxXyJ9tcpGD
tUnQiOpkFS1nEsRRfrDXZ/wE0S+AxnYVCjZ46r9rgOFuKpK7EZTdl3I6D3jAJSrU
YBH3Ns9wagGBiuAqnJcVbCuQeCUjtL6OcnA52JXGDfw2fuiTmrP1sdM2fj9gJkvZ
rqh/kHmPuNN0WS1TnavnHzsjHMX2QcAtv6VAWeZMWRRtoCkqZb5H9sYSTIZm7xPb
mhM45n5rez6giayCdf0rzEM2i3U8EideA3nzWdcVr5fhb1qcy0DIYOqyvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqt5z1O+4Vw6Bod7u+Te/BXscTdMB8GA1UdIwQY
MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt
NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy
LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeqx15kLx
NGWFz04w+N/K/36b0JjMlpR7n9mIjpryL2gRJ/SrZEtQabJS/5P6YoMntgjo4K2e
eOyC3uQIHyuyNbUOsGEVwR9H+jvLbza6927Js1OIF2xGBq/se/Jz1SUO3rHxPABQ
xIoHZEhKY/Pi9nPiaCMAmAI5ExhiJaeChwK5p3LX1AnYyRGN/x+eDY+DhPJYbzI9
wEfpP1h6UzSI2CwZQ86buP/u8iMap9xS0G//BxXBqD3YhRTf6uzl8LB9iul42TCT
GnMxCmqgAQTkBiI2qXlLh3xGU0k5V1c1gkK2pRN5T1cCDYtWuFCtQtOv8DI4LWpB
WX+/6j53wa6Ubw==
-----END CERTIFICATE-----