Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          i/HKRgdhqOvwgzZ0sT5rCmLIR9js/MaE7X3vBkZ/fKA=
Subject key identifier:   C4:47:D5:DE:40:19:5C:93:27:CC:5A:5B:5D:65:60:2D:FF:9B:F5:9F
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       0198D472A3604EE87194F41594FE2D48AFCE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          08C8
Signing time:             Sat 23 Aug 2025 01:02:19 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:19 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:19 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: htEwHx9po3rgdZjVrXFlNSB6RF96FxA7rmjEwqJzN6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:a3:60:4e:e8:71:94:f4:15:94:fe:2d:48:af:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Aug 23 01:02:19 2025 GMT
            Not After : Aug 24 01:02:19 2025 GMT
        Subject: CN=c447d5de40195c9327cc5a5b5d65602dff9bf59f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:19:0c:49:50:94:ee:25:c0:e9:50:5a:c1:13:
                    91:22:75:74:cd:bb:81:5b:82:0b:97:4a:24:57:6a:
                    6f:05:b7:ed:18:52:17:cd:1f:10:06:4a:64:9b:74:
                    5a:ec:a9:5f:ec:f6:d0:9c:93:30:7b:e2:86:72:f3:
                    9f:45:a6:19:09:52:6a:1e:22:7c:a2:c5:50:d0:76:
                    bd:88:37:63:af:b7:a8:79:d2:eb:cf:09:33:03:82:
                    72:78:99:fd:d4:20:2d:1b:af:58:c0:9b:d1:ef:c5:
                    1f:12:cc:ae:b1:1d:98:56:0b:ce:ad:f0:8b:c9:f6:
                    4c:73:c8:53:f2:3a:69:e5:4f:f3:18:ae:e7:78:4b:
                    0b:b6:3d:43:47:a3:4d:8b:08:da:ef:3b:d6:d0:bc:
                    ad:98:a7:02:1a:f1:91:d3:26:ac:2d:eb:90:75:f5:
                    56:13:5d:6b:42:41:d2:76:d7:66:71:95:57:30:25:
                    e4:ec:df:0e:01:51:00:dc:3d:79:1c:49:b2:09:34:
                    6c:f4:33:9b:6d:3c:9a:37:6e:03:b4:c6:d4:02:42:
                    6b:a3:3b:8c:20:e6:d4:e8:3e:83:38:b0:1d:2c:cd:
                    58:7b:f9:b4:dd:91:81:bf:1f:37:f4:8c:3f:15:1f:
                    fe:d1:57:8b:36:ed:b0:1f:e0:ff:36:92:df:ea:93:
                    c9:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:47:D5:DE:40:19:5C:93:27:CC:5A:5B:5D:65:60:2D:FF:9B:F5:9F
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:61:75:02:8e:2e:59:5d:0a:37:bf:ac:2d:97:c0:58:6c:98:
         24:9f:55:2d:ed:bd:e1:cf:25:5e:3e:60:78:3f:16:42:f5:5c:
         7b:34:67:19:92:ae:95:d6:e7:49:f5:04:3e:b0:e8:19:4d:9a:
         af:5a:d9:6f:54:1c:d8:bb:70:38:c0:cd:ed:af:cf:a5:e8:88:
         a1:4b:44:46:f3:53:12:eb:78:41:3d:0f:7a:a4:aa:4c:1f:9b:
         29:63:27:cd:c1:e8:99:e2:ee:13:f1:ee:b3:e7:c5:c0:19:de:
         bd:09:c4:dc:f5:ce:bc:47:c3:60:dc:58:f8:3d:aa:24:62:91:
         66:f8:54:9a:60:19:ec:a8:71:ce:4e:63:f1:e3:24:c5:f4:7f:
         92:88:30:c6:8d:fe:43:ee:03:b1:3c:f9:d0:6c:2c:3c:46:19:
         4c:8f:f6:d3:39:71:3d:11:bc:d0:8b:3c:42:8d:30:59:04:1a:
         10:df:8d:75:55:9d:e8:f9:94:93:3b:19:71:9b:45:6e:92:23:
         b6:f3:c8:c0:9d:08:61:03:33:c7:3b:e5:e7:81:61:3d:dd:88:
         67:a0:dd:be:64:4d:36:65:8b:12:a6:35:e6:0d:06:a8:d1:2d:
         87:04:2e:56:c3:1e:3c:3c:9d:d2:f1:22:43:35:dc:00:eb:60:
         93:3c:aa:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcqNgTuhxlPQVlP4tSK/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUwODIzMDEwMjE5WhcNMjUwODI0MDEwMjE5WjAzMTEwLwYDVQQD
EyhjNDQ3ZDVkZTQwMTk1YzkzMjdjYzVhNWI1ZDY1NjAyZGZmOWJmNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xkMSVCU7iXA6VBawRORInV0zbuB
W4ILl0okV2pvBbftGFIXzR8QBkpkm3Ra7Klf7PbQnJMwe+KGcvOfRaYZCVJqHiJ8
osVQ0Ha9iDdjr7eoedLrzwkzA4JyeJn91CAtG69YwJvR78UfEsyusR2YVgvOrfCL
yfZMc8hT8jpp5U/zGK7neEsLtj1DR6NNiwja7zvW0LytmKcCGvGR0yasLeuQdfVW
E11rQkHSdtdmcZVXMCXk7N8OAVEA3D15HEmyCTRs9DObbTyaN24DtMbUAkJrozuM
IObU6D6DOLAdLM1Ye/m03ZGBvx839Iw/FR/+0VeLNu2wH+D/NpLf6pPJRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRH1d5AGVyTJ8xaW11lYC3/m/WfMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2F1Ao4u
WV0KN7+sLZfAWGyYJJ9VLe294c8lXj5geD8WQvVcezRnGZKuldbnSfUEPrDoGU2a
r1rZb1Qc2LtwOMDN7a/PpeiIoUtERvNTEut4QT0PeqSqTB+bKWMnzcHomeLuE/Hu
s+fFwBnevQnE3PXOvEfDYNxY+D2qJGKRZvhUmmAZ7Khxzk5j8eMkxfR/kogwxo3+
Q+4DsTz50GwsPEYZTI/20zlxPRG80Is8Qo0wWQQaEN+NdVWd6PmUkzsZcZtFbpIj
tvPIwJ0IYQMzxzvl54FhPd2IZ6DdvmRNNmWLEqY15g0GqNEthwQuVsMePDyd0vEi
QzXcAOtgkzyquA==
-----END CERTIFICATE-----