Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          K7daldhwRFZttHgJBOP+esQ4J3bnkJ/D2vcMjJ/4x5I=
Subject key identifier:   64:24:02:1E:24:7E:A1:36:87:63:91:9B:36:63:DB:B4:01:26:32:29
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       0198D660BB5E89EA26319BCC5B360CCE1C64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:02:00 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:00 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:00 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: SersO1lnGMfKCTuXAWCQPkWvdY1SmnauJEpS4ilKObU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:bb:5e:89:ea:26:31:9b:cc:5b:36:0c:ce:1c:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Aug 23 10:02:00 2025 GMT
            Not After : Aug 24 10:02:00 2025 GMT
        Subject: CN=6424021e247ea1368763919b3663dbb401263229
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a3:77:67:be:80:eb:29:8d:ae:14:ea:10:6a:
                    0b:7f:52:e2:12:ff:9d:1d:74:08:21:bb:fe:d1:16:
                    3b:8a:af:39:4b:85:05:c8:61:56:96:0f:d0:fc:f3:
                    97:41:d6:db:5f:14:57:80:6c:fe:9d:11:09:0d:a7:
                    df:86:5d:f0:32:6c:a2:39:f7:68:8f:d3:9e:f8:ff:
                    92:43:c8:0a:34:f2:a3:7b:10:9f:6f:01:d9:b9:25:
                    9b:c5:e3:1a:c4:5c:b6:6d:29:5b:ca:71:18:73:ab:
                    51:f7:00:2d:65:d7:71:ca:f4:07:f9:23:a3:2c:0e:
                    c8:99:27:b4:a4:34:be:9f:b2:0a:5f:8a:b1:4d:78:
                    5b:e6:05:be:d3:2e:37:83:08:cf:e1:82:57:b5:02:
                    62:ab:6d:7c:14:5a:55:8e:12:9d:8b:a9:46:dd:7e:
                    3e:f7:52:87:8f:ec:37:9e:e3:44:b5:dd:f1:ad:4d:
                    26:9f:90:b8:41:f3:c4:99:cf:bd:41:2d:ac:92:1e:
                    73:11:2f:6b:6d:20:03:f8:e3:1e:49:4b:e3:82:60:
                    37:fa:ce:09:57:35:e1:44:48:d1:5d:2f:ba:ec:9f:
                    08:6e:b6:85:e5:6b:67:1c:82:d6:9f:bd:8b:8f:e7:
                    c0:33:c5:1a:96:c8:e0:5b:0b:65:32:4c:2f:d6:41:
                    69:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:24:02:1E:24:7E:A1:36:87:63:91:9B:36:63:DB:B4:01:26:32:29
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:4e:97:8a:a7:96:d8:99:2a:a2:96:ba:d1:fd:22:94:97:40:
         31:ec:9e:9f:31:f3:eb:54:83:4d:87:7d:f0:56:27:e0:2e:71:
         5f:86:4b:34:05:d8:4f:01:1c:9d:12:b1:86:8f:a2:4e:56:c6:
         5f:8d:36:2e:d0:2e:d2:11:38:48:a1:21:91:d6:dd:e5:28:99:
         0d:15:0b:61:ef:b1:dd:a7:15:fb:df:9c:fa:bf:a4:78:6d:84:
         1c:67:f1:de:ea:31:7e:9b:27:8b:0d:b3:5c:37:f0:da:c5:5b:
         d0:05:1d:bc:51:eb:f8:c5:bb:dc:08:10:d0:ea:33:df:c2:51:
         ea:de:38:74:83:dc:26:00:ba:64:4c:a8:75:db:f2:c5:30:59:
         9e:3f:9c:29:da:ec:c6:21:f4:5b:60:17:c1:09:c0:1f:72:64:
         09:aa:02:e6:50:e4:49:66:b7:ab:e4:d3:eb:13:87:0b:27:b6:
         24:af:86:86:fe:f6:0a:b2:2b:73:cc:68:5d:ea:12:cc:16:c4:
         eb:bc:0d:e6:49:0e:35:a7:ac:48:f2:6f:78:e9:60:4a:71:3f:
         10:e1:f0:4c:e4:af:7a:21:ac:e7:27:d4:d6:56:b5:16:03:dc:
         b0:f9:2b:09:6c:d8:63:10:4c:d1:e0:71:8a:8b:de:aa:a5:1b:
         75:e0:4a:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYLteieomMZvMWzYMzhxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjUwODIzMTAwMjAwWhcNMjUwODI0MTAwMjAwWjAzMTEwLwYDVQQD
Eyg2NDI0MDIxZTI0N2VhMTM2ODc2MzkxOWIzNjYzZGJiNDAxMjYzMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqN3Z76A6ymNrhTqEGoLf1LiEv+d
HXQIIbv+0RY7iq85S4UFyGFWlg/Q/POXQdbbXxRXgGz+nREJDaffhl3wMmyiOfdo
j9Oe+P+SQ8gKNPKjexCfbwHZuSWbxeMaxFy2bSlbynEYc6tR9wAtZddxyvQH+SOj
LA7ImSe0pDS+n7IKX4qxTXhb5gW+0y43gwjP4YJXtQJiq218FFpVjhKdi6lG3X4+
91KHj+w3nuNEtd3xrU0mn5C4QfPEmc+9QS2skh5zES9rbSAD+OMeSUvjgmA3+s4J
VzXhREjRXS+67J8IbraF5WtnHILWn72Lj+fAM8UalsjgWwtlMkwv1kFpLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQkAh4kfqE2h2ORmzZj27QBJjIpMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGk6XiqeW
2Jkqopa60f0ilJdAMeyenzHz61SDTYd98FYn4C5xX4ZLNAXYTwEcnRKxho+iTlbG
X402LtAu0hE4SKEhkdbd5SiZDRULYe+x3acV+9+c+r+keG2EHGfx3uoxfpsniw2z
XDfw2sVb0AUdvFHr+MW73AgQ0Ooz38JR6t44dIPcJgC6ZEyoddvyxTBZnj+cKdrs
xiH0W2AXwQnAH3JkCaoC5lDkSWa3q+TT6xOHCye2JK+Ghv72CrIrc8xoXeoSzBbE
67wN5kkONaesSPJveOlgSnE/EOHwTOSveiGs5yfU1la1FgPcsPkrCWzYYxBM0eBx
ioveqqUbdeBKbw==
-----END CERTIFICATE-----