Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          XoEUam3f09SrKfv710Jxl3MJYnZUnCCz/2jlTFsTvzQ=
Subject key identifier:   28:62:A9:A4:D7:D3:86:2A:5C:3A:35:01:51:5B:6B:3D:5A:5E:1B:61
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       0199FDDA266001E03BCEBC38CAA4954E7249
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          0962
Signing time:             Sun 19 Oct 2025 19:02:36 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:36 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:36 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: EQq/4IGZ7Vh/9tgkVBxfPYdroutqZtyZ1TOD/KEiBhk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:26:60:01:e0:3b:ce:bc:38:ca:a4:95:4e:72:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Oct 19 19:02:36 2025 GMT
            Not After : Oct 20 19:02:36 2025 GMT
        Subject: CN=2862a9a4d7d3862a5c3a3501515b6b3d5a5e1b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6f:88:6e:af:6a:61:ae:a6:da:71:ae:9a:1a:
                    7a:ef:40:fc:7c:48:e3:a7:40:5c:e3:f4:57:e3:c9:
                    79:94:03:e5:2d:8b:5d:53:d4:72:67:e9:16:34:77:
                    8d:9d:d4:8c:45:05:b9:7c:6c:8d:c3:54:ce:65:fc:
                    42:a4:55:49:d9:12:5d:63:36:93:65:dc:96:aa:d0:
                    ff:0d:50:ae:f8:07:2f:1d:53:7d:28:73:c5:e7:04:
                    e7:f4:55:06:81:3d:73:34:d1:d9:ff:7d:3d:d8:d9:
                    ff:7e:08:60:b0:31:c0:64:33:ae:2c:df:d7:d4:95:
                    f4:2c:f1:7e:ab:f6:98:3a:18:e5:ed:d5:96:18:d4:
                    25:28:a4:f3:4e:21:52:c3:7d:df:f5:6f:70:06:dd:
                    fb:c3:e4:f7:31:84:b2:95:b1:e9:84:d5:37:d6:97:
                    25:1d:79:08:44:f4:04:65:8c:05:f6:41:44:61:b1:
                    c5:65:4f:b3:a2:58:f2:d4:4d:ce:ed:ab:19:a8:72:
                    69:cd:cb:49:c0:66:66:84:65:20:c3:d0:18:d4:a1:
                    3a:ba:1d:10:1a:d7:89:98:20:79:2a:e0:35:9f:ef:
                    11:6d:50:e2:3c:a9:6a:a8:e6:57:a1:b5:b7:d3:ee:
                    d5:68:f9:93:ae:ce:ae:ba:29:5b:ee:51:c1:40:ae:
                    ad:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:62:A9:A4:D7:D3:86:2A:5C:3A:35:01:51:5B:6B:3D:5A:5E:1B:61
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:05:4b:d2:01:82:bd:6e:50:57:36:82:f2:93:af:cf:1c:98:
         a0:b1:3b:30:a6:a9:e9:1e:fc:02:e0:d9:6c:36:2c:b8:3f:cf:
         04:5b:d1:10:52:cc:ca:10:83:ef:db:13:c2:23:01:fe:ce:3d:
         f9:a0:05:a9:0a:81:e7:b4:19:f0:7b:d5:7e:e2:18:b5:99:bc:
         7b:77:72:e9:2f:fe:00:f4:95:62:01:aa:6a:85:d9:38:18:88:
         87:11:8e:90:9f:43:10:53:76:0b:b7:1b:b0:cc:e9:ff:d7:aa:
         43:7a:fa:65:2c:15:36:19:8b:21:9a:95:ec:36:ee:89:b7:06:
         db:bc:79:12:c6:37:ff:e1:89:39:25:51:12:35:2c:25:c9:e1:
         46:d9:ba:8c:ad:ea:5a:47:b3:79:77:24:d8:36:14:c7:79:be:
         f9:18:24:53:d1:98:8b:1c:bf:43:8d:83:e3:25:47:14:18:bb:
         94:ef:72:d3:ee:67:92:87:74:e9:67:3f:d9:60:20:dc:2d:28:
         de:ee:37:db:a8:9d:45:de:9c:50:26:12:e9:a6:59:ce:85:d5:
         dd:90:d6:9d:d5:f1:42:68:22:a1:fb:6a:93:c2:1b:31:81:6e:
         a6:3a:ee:ab:a4:01:40:56:9a:13:23:ca:6d:d0:57:06:d7:23:
         17:6a:3e:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92iZgAeA7zrw4yqSVTnJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUxMDE5MTkwMjM2WhcNMjUxMDIwMTkwMjM2WjAzMTEwLwYDVQQD
EygyODYyYTlhNGQ3ZDM4NjJhNWMzYTM1MDE1MTViNmIzZDVhNWUxYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW+Ibq9qYa6m2nGumhp670D8fEjj
p0Bc4/RX48l5lAPlLYtdU9RyZ+kWNHeNndSMRQW5fGyNw1TOZfxCpFVJ2RJdYzaT
ZdyWqtD/DVCu+AcvHVN9KHPF5wTn9FUGgT1zNNHZ/3092Nn/fghgsDHAZDOuLN/X
1JX0LPF+q/aYOhjl7dWWGNQlKKTzTiFSw33f9W9wBt37w+T3MYSylbHphNU31pcl
HXkIRPQEZYwF9kFEYbHFZU+zoljy1E3O7asZqHJpzctJwGZmhGUgw9AY1KE6uh0Q
GteJmCB5KuA1n+8RbVDiPKlqqOZXobW30+7VaPmTrs6uuilb7lHBQK6tgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChiqaTX04YqXDo1AVFbaz1aXhthMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACgVL0gGC
vW5QVzaC8pOvzxyYoLE7MKap6R78AuDZbDYsuD/PBFvREFLMyhCD79sTwiMB/s49
+aAFqQqB57QZ8HvVfuIYtZm8e3dy6S/+APSVYgGqaoXZOBiIhxGOkJ9DEFN2C7cb
sMzp/9eqQ3r6ZSwVNhmLIZqV7DbuibcG27x5EsY3/+GJOSVREjUsJcnhRtm6jK3q
WkezeXck2DYUx3m++RgkU9GYixy/Q42D4yVHFBi7lO9y0+5nkod06Wc/2WAg3C0o
3u4326idRd6cUCYS6aZZzoXV3ZDWndXxQmgioftqk8IbMYFupjruq6QBQFaaEyPK
bdBXBtcjF2o+1g==
-----END CERTIFICATE-----