Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          FGlN7Q+TTk7BcRuEd/HjfxIg86N5+Iv2YLO6jL90UqU=
Subject key identifier:   72:F3:A7:A9:EE:24:DF:36:BA:3D:5C:9D:07:50:F7:C6:26:1B:01:3C
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       019D270438F101870AEE86B31C0D9BFF4136
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          0B05
Signing time:             Wed 25 Mar 2026 22:01:21 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:21 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:21 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: 7sYEQnju2WsWaVEWldj9v8wf0N8+PjrV21D7k42adHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:38:f1:01:87:0a:ee:86:b3:1c:0d:9b:ff:41:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Mar 25 22:01:21 2026 GMT
            Not After : Mar 26 22:01:21 2026 GMT
        Subject: CN=72f3a7a9ee24df36ba3d5c9d0750f7c6261b013c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b7:c8:cf:82:cc:0c:02:9c:4d:0e:f0:ca:e5:
                    17:f0:db:12:66:6f:2f:6c:ce:b6:b0:49:f1:eb:70:
                    99:d8:d2:70:bd:1d:09:24:13:a0:7e:59:1b:e6:5e:
                    eb:2c:39:fb:f6:8f:72:7c:d3:4d:f7:78:c6:f8:25:
                    34:9d:51:8d:07:d6:53:86:c5:e3:2f:6d:7c:8a:3b:
                    1b:a1:56:69:30:12:af:af:f6:72:86:a5:eb:6a:5a:
                    43:1a:ed:51:5a:72:c0:55:d9:90:7b:99:a5:ec:03:
                    4a:38:90:bb:bc:a0:0d:46:6e:2c:19:42:37:36:06:
                    02:d8:c7:c5:75:51:7c:2b:4b:78:ed:03:81:a3:73:
                    e6:97:45:e7:f6:f3:76:2f:b9:df:03:16:dc:e5:23:
                    c3:c7:f0:eb:56:fe:06:e4:e6:11:1e:de:da:c1:91:
                    0a:67:23:20:ee:d1:fa:ad:37:07:ba:ff:1e:f3:8d:
                    35:b6:6e:8b:83:c8:5c:83:e7:7b:9b:00:ee:f8:0a:
                    5a:0c:4d:d3:63:3b:65:2c:62:b1:26:51:af:08:10:
                    58:61:76:96:81:82:bd:04:70:60:b8:c9:0c:f4:e0:
                    c7:74:89:e9:7b:08:84:df:34:1e:5d:d4:6e:d6:6d:
                    2f:20:5a:81:d7:f4:32:6b:f9:de:b1:68:7d:be:75:
                    13:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:F3:A7:A9:EE:24:DF:36:BA:3D:5C:9D:07:50:F7:C6:26:1B:01:3C
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:f1:ea:18:c7:53:1f:65:6c:06:46:a0:70:66:32:b8:88:7c:
         5a:9e:8e:23:5c:76:53:65:a3:31:c1:48:9e:bf:e4:0f:b7:3d:
         76:d6:93:17:c2:85:c3:f2:c8:0e:00:e3:3d:e6:ad:3c:aa:59:
         7a:44:06:74:02:20:64:cf:2c:1f:3e:33:73:e3:7a:fd:79:20:
         79:55:9b:78:fe:97:38:7a:34:10:5d:3a:ea:fb:fe:c2:aa:38:
         24:27:21:36:1f:b9:45:8e:8e:ff:cb:4d:32:87:67:14:32:31:
         22:93:a9:82:32:df:00:c8:ac:94:b8:d5:ee:de:4a:47:aa:33:
         73:b0:1f:0a:c6:52:90:32:79:bf:0e:78:c7:8b:a5:a7:03:a7:
         47:88:ea:87:83:5c:7a:c7:18:fd:16:82:bd:41:4d:97:17:ad:
         30:c8:c6:7b:e0:ce:c5:09:dd:e7:89:7a:6f:e1:e5:83:cf:81:
         fa:aa:21:7d:17:8f:2c:1a:19:4a:72:de:31:7c:89:e0:ce:cf:
         45:6f:42:28:93:5d:5f:77:40:f5:30:bc:67:f8:3c:d9:25:5c:
         0c:c2:3c:dc:81:7f:c4:66:4c:34:25:c2:e2:ee:d5:d3:66:a2:
         0e:24:2d:7e:0d:c2:dd:6e:ab:a9:f4:55:87:bb:4d:94:b4:6d:
         9e:54:9a:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDjxAYcK7oazHA2b/0E2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjYwMzI1MjIwMTIxWhcNMjYwMzI2MjIwMTIxWjAzMTEwLwYDVQQD
Eyg3MmYzYTdhOWVlMjRkZjM2YmEzZDVjOWQwNzUwZjdjNjI2MWIwMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLfIz4LMDAKcTQ7wyuUX8NsSZm8v
bM62sEnx63CZ2NJwvR0JJBOgflkb5l7rLDn79o9yfNNN93jG+CU0nVGNB9ZThsXj
L218ijsboVZpMBKvr/ZyhqXralpDGu1RWnLAVdmQe5ml7ANKOJC7vKANRm4sGUI3
NgYC2MfFdVF8K0t47QOBo3Pml0Xn9vN2L7nfAxbc5SPDx/DrVv4G5OYRHt7awZEK
ZyMg7tH6rTcHuv8e8401tm6Lg8hcg+d7mwDu+ApaDE3TYztlLGKxJlGvCBBYYXaW
gYK9BHBguMkM9ODHdInpewiE3zQeXdRu1m0vIFqB1/Qya/nesWh9vnUT/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLzp6nuJN82uj1cnQdQ98YmGwE8MB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfHqGMdT
H2VsBkagcGYyuIh8Wp6OI1x2U2WjMcFInr/kD7c9dtaTF8KFw/LIDgDjPeatPKpZ
ekQGdAIgZM8sHz4zc+N6/XkgeVWbeP6XOHo0EF066vv+wqo4JCchNh+5RY6O/8tN
ModnFDIxIpOpgjLfAMislLjV7t5KR6ozc7AfCsZSkDJ5vw54x4ulpwOnR4jqh4Nc
escY/RaCvUFNlxetMMjGe+DOxQnd54l6b+Hlg8+B+qohfRePLBoZSnLeMXyJ4M7P
RW9CKJNdX3dA9TC8Z/g82SVcDMI83IF/xGZMNCXC4u7V02aiDiQtfg3C3W6rqfRV
h7tNlLRtnlSa5w==
-----END CERTIFICATE-----