Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          n8RBrYCv2q62FUeNugU6PkWK29E3FRYqF6coaizykrI=
Subject key identifier:   EE:86:F5:19:5D:5F:1E:11:C3:A2:53:46:96:FB:F9:15:DE:A5:59:5E
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       0199FBEC214FACEBAB5172DB6A9FF938AEEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:03:00 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:00 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:00 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: lZRp27QRhurmu8M1GnnBqc17xadZywyoI626PaYIKvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:03:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:21:4f:ac:eb:ab:51:72:db:6a:9f:f9:38:ae:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Oct 19 10:03:00 2025 GMT
            Not After : Oct 20 10:03:00 2025 GMT
        Subject: CN=ee86f5195d5f1e11c3a2534696fbf915dea5595e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3b:d6:54:c7:a3:96:f8:47:22:41:54:10:a1:
                    73:a1:ec:35:dc:49:52:19:2d:df:4c:1c:d7:96:8c:
                    62:5e:cb:fb:b7:05:fe:43:d2:2a:17:53:b7:e7:ae:
                    81:c4:ee:23:9e:74:7f:0c:5f:82:3f:af:b5:54:91:
                    f9:9b:95:f8:86:8e:14:74:4a:a4:78:cf:ef:bb:bc:
                    c5:6b:d5:4a:a5:f9:37:db:d1:5f:62:b5:e7:64:00:
                    bf:e4:ee:c7:6e:82:ce:3f:53:3b:25:93:09:04:17:
                    80:89:ac:22:6c:4c:f8:ba:73:c9:62:46:7c:4e:34:
                    65:85:ff:8f:6f:7c:69:74:1e:4a:01:22:da:94:e6:
                    b5:1c:6e:5b:09:cc:8a:46:1c:d9:74:a9:40:80:f1:
                    82:2a:b8:71:74:27:fd:db:b5:91:66:c3:9c:18:d3:
                    c7:24:6e:6b:8f:f0:7d:ff:6b:ea:65:52:1d:31:0c:
                    a5:68:ca:5d:b9:09:5d:80:9c:a5:c6:43:fa:29:54:
                    30:d1:2c:7c:8f:a1:7f:da:4c:7d:1e:61:54:e2:cf:
                    05:64:da:f7:33:d9:30:88:18:7f:e3:84:e4:08:c3:
                    dd:cf:d2:01:a8:b6:c1:aa:87:06:a5:18:06:89:be:
                    cd:b6:20:f1:f9:10:f7:3e:79:a9:4f:c6:78:a7:b7:
                    9a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:86:F5:19:5D:5F:1E:11:C3:A2:53:46:96:FB:F9:15:DE:A5:59:5E
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:68:0c:b2:9d:97:0a:92:dd:f6:df:74:f8:81:56:a5:2f:ec:
         3a:f5:45:c4:f8:b6:dc:10:8e:39:04:83:7c:99:38:b6:a6:37:
         7b:17:0d:c5:85:db:ee:a3:1c:4f:aa:c2:28:39:13:64:91:28:
         a9:2f:93:cf:50:1b:20:d9:a0:65:99:05:47:05:07:d1:88:27:
         c2:1a:83:3d:3d:cf:a7:e6:2f:28:4f:8f:a6:dc:49:d0:8a:51:
         e0:79:50:1a:1b:66:73:c7:c3:2c:07:90:af:5e:5e:37:cf:07:
         53:2a:a4:03:ad:f4:98:b4:03:b7:b8:8c:db:76:e7:c9:ab:93:
         16:12:38:cc:80:ff:c5:0b:9a:56:00:fe:f7:40:2e:ed:7d:67:
         85:73:4d:55:de:fc:84:be:98:03:94:69:f4:cc:77:64:19:c6:
         6d:cc:f7:1b:a7:dd:fa:93:0f:96:a6:4c:a9:3c:d2:8b:d3:6e:
         39:b9:21:71:a7:ef:15:92:e8:6e:39:0a:49:32:48:4b:a3:34:
         ed:d9:8b:8a:c0:e1:fd:aa:bb:a5:b1:d3:8d:f8:59:1a:f9:a0:
         9a:8a:32:64:af:c9:0f:9a:36:4e:29:1e:d2:d2:15:bf:5d:c7:
         73:64:d2:55:8b:03:a5:c7:26:1f:61:8e:aa:de:b9:6d:b8:91:
         4c:b4:ee:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77CFPrOurUXLbap/5OK7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjUxMDE5MTAwMzAwWhcNMjUxMDIwMTAwMzAwWjAzMTEwLwYDVQQD
EyhlZTg2ZjUxOTVkNWYxZTExYzNhMjUzNDY5NmZiZjkxNWRlYTU1OTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzvWVMejlvhHIkFUEKFzoew13ElS
GS3fTBzXloxiXsv7twX+Q9IqF1O3566BxO4jnnR/DF+CP6+1VJH5m5X4ho4UdEqk
eM/vu7zFa9VKpfk329FfYrXnZAC/5O7HboLOP1M7JZMJBBeAiawibEz4unPJYkZ8
TjRlhf+Pb3xpdB5KASLalOa1HG5bCcyKRhzZdKlAgPGCKrhxdCf927WRZsOcGNPH
JG5rj/B9/2vqZVIdMQylaMpduQldgJylxkP6KVQw0Sx8j6F/2kx9HmFU4s8FZNr3
M9kwiBh/44TkCMPdz9IBqLbBqocGpRgGib7NtiDx+RD3PnmpT8Z4p7eavwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6G9RldXx4Rw6JTRpb7+RXepVleMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmgMsp2X
CpLd9t90+IFWpS/sOvVFxPi23BCOOQSDfJk4tqY3excNxYXb7qMcT6rCKDkTZJEo
qS+Tz1AbINmgZZkFRwUH0YgnwhqDPT3Pp+YvKE+PptxJ0IpR4HlQGhtmc8fDLAeQ
r15eN88HUyqkA630mLQDt7iM23bnyauTFhI4zID/xQuaVgD+90Au7X1nhXNNVd78
hL6YA5Rp9Mx3ZBnGbcz3G6fd+pMPlqZMqTzSi9NuObkhcafvFZLobjkKSTJIS6M0
7dmLisDh/aq7pbHTjfhZGvmgmooyZK/JD5o2Tike0tIVv13Hc2TSVYsDpccmH2GO
qt65bbiRTLTulw==
-----END CERTIFICATE-----