Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          yZpztHTdsIBspoSdv29xxmzhLOPwa62OXMO07o7Ko0I=
Subject key identifier:   AC:CE:E3:40:79:9A:B1:D1:C7:D2:E7:AD:E8:16:F7:BB:97:5F:B2:EC
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       0197B890313D126F28E4895C0AD81FBC6BBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          0835
Signing time:             Sat 28 Jun 2025 22:02:26 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:26 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:26 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: Y6EUcK2a5dwQtijBhRF1n5jqoCQ2AEsaHqQGMKruPX8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:31:3d:12:6f:28:e4:89:5c:0a:d8:1f:bc:6b:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Jun 28 22:02:26 2025 GMT
            Not After : Jun 29 22:02:26 2025 GMT
        Subject: CN=accee340799ab1d1c7d2e7ade816f7bb975fb2ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:12:f3:a3:1c:ed:c0:52:4e:05:50:62:fa:70:
                    7a:d8:41:ba:41:d8:ea:70:d3:09:be:b3:cb:24:e8:
                    62:dc:01:21:ea:9e:31:05:e3:e8:41:5e:96:ff:f5:
                    b1:87:67:57:40:2c:54:79:3b:c8:d9:c1:f3:4f:2b:
                    9b:e5:37:3d:0a:cb:77:df:6e:ef:c0:30:b0:9b:67:
                    3b:d2:cc:33:29:43:7c:63:a8:46:1c:8b:cb:f6:65:
                    f0:64:50:3e:01:fa:96:87:81:06:0b:00:96:b1:ec:
                    59:26:79:cf:b3:d5:91:a9:20:c1:e6:07:29:13:0a:
                    61:59:97:bd:3e:f8:23:69:03:5f:b6:bd:f8:c6:00:
                    38:d9:6e:fd:f5:55:0d:c5:24:d6:12:4b:8f:db:6a:
                    b5:ab:4f:b5:9e:5e:6f:b6:33:55:2a:26:b3:1f:67:
                    a3:cf:97:ae:70:f4:1b:50:aa:c4:2c:db:c5:91:ed:
                    e3:8c:a3:aa:b3:14:d3:91:b1:a3:41:f6:75:39:4f:
                    fd:ec:a1:57:d2:83:24:c7:fb:be:45:ff:94:b4:31:
                    95:25:99:b0:7d:98:59:b6:a5:c7:fd:3e:89:52:35:
                    6c:b7:69:30:a0:31:aa:61:92:e3:61:17:9d:3a:a5:
                    a1:05:00:33:d3:28:6c:78:32:3e:c1:85:1c:86:08:
                    d6:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:CE:E3:40:79:9A:B1:D1:C7:D2:E7:AD:E8:16:F7:BB:97:5F:B2:EC
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:44:33:cf:38:f0:67:3a:c7:10:15:f5:6e:ee:3f:54:11:e2:
         e8:8b:49:fa:f5:5f:a8:33:77:af:69:3e:e0:02:42:ca:e9:7f:
         0d:f9:7b:3e:64:2e:a4:ae:2b:b3:29:12:ba:81:70:36:b8:d3:
         e1:0e:d5:f0:5c:9e:c4:d2:ba:d5:f3:e3:db:16:93:60:0f:aa:
         94:9f:e9:f0:4a:20:c4:de:2f:c4:84:7a:b9:97:a1:d4:c5:e3:
         7c:e7:33:af:26:0b:56:82:80:ae:68:b2:9b:ba:57:0e:93:65:
         d1:d2:3a:12:20:21:e3:10:91:12:b7:32:0e:e9:7a:b6:ad:1e:
         11:c1:f4:34:0f:23:d4:75:13:7b:dc:45:54:b5:77:21:f8:c8:
         05:27:29:32:c4:ef:d0:e6:79:35:32:98:fa:25:c9:54:10:01:
         fc:1a:40:07:6b:e8:3b:60:30:cf:83:5a:aa:95:f9:79:0f:97:
         48:26:14:da:ba:46:b7:9c:b2:18:f9:e0:91:23:7f:b8:99:ce:
         ce:3b:30:07:40:f6:51:23:e3:1c:ff:eb:dc:8f:d8:11:3b:c2:
         93:02:a4:50:b3:ea:ff:07:53:0c:9c:5f:64:47:01:2a:bb:6b:
         f1:ce:54:e4:80:c1:04:3d:cb:13:0d:8f:d0:4f:40:76:b4:22:
         95:44:7e:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kDE9Em8o5IlcCtgfvGu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUwNjI4MjIwMjI2WhcNMjUwNjI5MjIwMjI2WjAzMTEwLwYDVQQD
EyhhY2NlZTM0MDc5OWFiMWQxYzdkMmU3YWRlODE2ZjdiYjk3NWZiMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRLzoxztwFJOBVBi+nB62EG6Qdjq
cNMJvrPLJOhi3AEh6p4xBePoQV6W//Wxh2dXQCxUeTvI2cHzTyub5Tc9Cst3327v
wDCwm2c70swzKUN8Y6hGHIvL9mXwZFA+AfqWh4EGCwCWsexZJnnPs9WRqSDB5gcp
EwphWZe9PvgjaQNftr34xgA42W799VUNxSTWEkuP22q1q0+1nl5vtjNVKiazH2ej
z5eucPQbUKrELNvFke3jjKOqsxTTkbGjQfZ1OU/97KFX0oMkx/u+Rf+UtDGVJZmw
fZhZtqXH/T6JUjVst2kwoDGqYZLjYRedOqWhBQAz0yhseDI+wYUchgjWwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzO40B5mrHRx9LnregW97uXX7LsMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEUQzzzjw
ZzrHEBX1bu4/VBHi6ItJ+vVfqDN3r2k+4AJCyul/Dfl7PmQupK4rsykSuoFwNrjT
4Q7V8FyexNK61fPj2xaTYA+qlJ/p8EogxN4vxIR6uZeh1MXjfOczryYLVoKArmiy
m7pXDpNl0dI6EiAh4xCRErcyDul6tq0eEcH0NA8j1HUTe9xFVLV3IfjIBScpMsTv
0OZ5NTKY+iXJVBAB/BpAB2voO2Awz4NaqpX5eQ+XSCYU2rpGt5yyGPngkSN/uJnO
zjswB0D2USPjHP/r3I/YETvCkwKkULPq/wdTDJxfZEcBKrtr8c5U5IDBBD3LEw2P
0E9AdrQilUR+hQ==
-----END CERTIFICATE-----