Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          X4l17lw7Rp9odLf8mZefgL5vTR8SB3HFBEQU6VVWylk=
Subject key identifier:   CF:BE:BF:2F:51:86:57:33:0A:99:9E:23:65:EF:E8:C5:6A:28:CF:E3
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       0196C34B811D00A2AA724C935C950639D2BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          07B6
Signing time:             Mon 12 May 2025 07:00:27 +0000
Manifest this update:     Mon 12 May 2025 07:00:27 +0000
Manifest next update:     Tue 13 May 2025 07:00:27 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: o1QjA7ZkGhW8Ct8aLAgTdLyWQK8ifh8C6gcQCpsbgWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4b:81:1d:00:a2:aa:72:4c:93:5c:95:06:39:d2:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: May 12 07:00:27 2025 GMT
            Not After : May 13 07:00:27 2025 GMT
        Subject: CN=cfbebf2f518657330a999e2365efe8c56a28cfe3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6f:9a:7b:d2:35:ed:b9:e6:91:c5:50:84:a1:
                    35:33:c6:54:a3:42:4f:ad:97:1d:e7:e7:d4:10:c4:
                    b3:ec:a9:9d:9a:99:3f:af:63:46:06:d6:85:de:97:
                    7f:3e:3b:c3:73:92:d7:68:2d:e2:19:71:48:80:0f:
                    8b:64:f1:98:60:f3:d8:f9:89:c0:cf:57:ae:f4:1c:
                    db:5c:0f:e9:24:a6:9c:36:1b:81:17:d0:62:2d:15:
                    21:64:28:88:ed:ae:f0:68:42:38:d4:9a:13:3a:16:
                    90:1d:e6:61:7e:72:2c:37:e2:07:3a:2c:f5:19:b8:
                    43:dc:d3:95:af:ee:dd:12:01:a5:8a:9a:52:2e:dc:
                    88:1e:13:3b:78:75:c5:09:a0:5b:b2:89:80:e1:6e:
                    2e:5e:47:86:56:f6:8e:b3:e6:92:0b:42:a7:1d:19:
                    74:c5:a8:bd:d6:f3:dd:84:04:4a:a5:d8:bc:6c:18:
                    94:c0:0c:13:b8:90:5a:b6:40:4e:28:58:36:1e:b1:
                    58:9a:59:ee:e6:e2:76:26:ad:11:0d:cf:3a:27:29:
                    4e:af:94:b2:e6:80:4e:74:15:64:8e:af:25:06:ce:
                    77:fb:9e:83:e3:d9:81:86:e0:eb:29:af:24:f9:4c:
                    1a:a2:46:56:26:02:19:68:a9:cd:d7:9e:4b:f2:29:
                    0c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:BE:BF:2F:51:86:57:33:0A:99:9E:23:65:EF:E8:C5:6A:28:CF:E3
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:5c:d6:07:51:94:b9:6a:f0:55:10:9a:fa:c4:85:65:82:a2:
         d6:ac:c3:07:53:cd:d4:24:23:e1:79:b4:48:06:6c:09:40:ef:
         9d:c1:87:e7:60:fc:74:c6:d4:21:e6:fb:7d:82:7f:fd:22:08:
         23:2f:82:67:be:dc:0a:0a:98:cd:5e:a7:6b:d8:ce:c4:df:14:
         5f:29:dd:85:2c:7e:5f:98:38:1d:7c:95:f8:3b:12:40:12:9d:
         61:49:0d:28:7e:05:d2:a4:51:c2:69:35:a9:2d:62:ba:5b:05:
         33:97:23:6d:41:0f:aa:8e:a0:ce:97:a2:af:76:68:fe:4c:cc:
         75:bc:07:c5:e2:05:0e:65:f3:cf:70:cc:8a:07:51:33:89:51:
         a3:8e:c3:c9:3f:ad:cc:6c:20:6f:b7:f7:41:14:c0:b3:4d:7e:
         9b:48:55:da:34:6e:c8:6f:2e:fa:bd:b3:58:eb:b6:b2:71:6c:
         c0:e5:19:6e:9f:48:83:fb:6c:76:04:ae:56:d5:24:f4:84:77:
         54:d8:c8:70:8f:54:0f:90:4e:52:f7:2d:cf:82:7b:84:81:f7:
         8d:d8:f7:aa:4d:03:81:0f:07:78:bf:6f:47:9d:90:ca:eb:34:
         ec:d6:5d:6f:1b:6a:08:ce:54:aa:a4:84:86:5c:fd:ea:10:cb:
         fe:4f:0c:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDS4EdAKKqckyTXJUGOdK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUwNTEyMDcwMDI3WhcNMjUwNTEzMDcwMDI3WjAzMTEwLwYDVQQD
EyhjZmJlYmYyZjUxODY1NzMzMGE5OTllMjM2NWVmZThjNTZhMjhjZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm+ae9I17bnmkcVQhKE1M8ZUo0JP
rZcd5+fUEMSz7Kmdmpk/r2NGBtaF3pd/PjvDc5LXaC3iGXFIgA+LZPGYYPPY+YnA
z1eu9BzbXA/pJKacNhuBF9BiLRUhZCiI7a7waEI41JoTOhaQHeZhfnIsN+IHOiz1
GbhD3NOVr+7dEgGlippSLtyIHhM7eHXFCaBbsomA4W4uXkeGVvaOs+aSC0KnHRl0
xai91vPdhARKpdi8bBiUwAwTuJBatkBOKFg2HrFYmlnu5uJ2Jq0RDc86JylOr5Sy
5oBOdBVkjq8lBs53+56D49mBhuDrKa8k+UwaokZWJgIZaKnN155L8ikMdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM++vy9RhlczCpmeI2Xv6MVqKM/jMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiFzWB1GU
uWrwVRCa+sSFZYKi1qzDB1PN1CQj4Xm0SAZsCUDvncGH52D8dMbUIeb7fYJ//SII
Iy+CZ77cCgqYzV6na9jOxN8UXyndhSx+X5g4HXyV+DsSQBKdYUkNKH4F0qRRwmk1
qS1iulsFM5cjbUEPqo6gzpeir3Zo/kzMdbwHxeIFDmXzz3DMigdRM4lRo47DyT+t
zGwgb7f3QRTAs01+m0hV2jRuyG8u+r2zWOu2snFswOUZbp9Ig/tsdgSuVtUk9IR3
VNjIcI9UD5BOUvctz4J7hIH3jdj3qk0DgQ8HeL9vR52Qyus07NZdbxtqCM5UqqSE
hlz96hDL/k8M1Q==
-----END CERTIFICATE-----