Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          KvtNBMrq+fHRm6SuaBZWRdQUw0t0PYoedYjUpLwQlKM=
Subject key identifier:   94:7B:3B:5B:8C:53:5F:66:9E:F5:3A:B8:6A:89:05:89:78:30:AF:C4
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       0196D69BBAE991849AFDF22F417747CD0486
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          153D
Signing time:             Fri 16 May 2025 01:00:52 +0000
Manifest this update:     Fri 16 May 2025 01:00:52 +0000
Manifest next update:     Sat 17 May 2025 01:00:52 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: AqPx7rAz3vLwDzvR3ETDXgDv3bt91ldSw50GEr40hxs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 16 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d6:9b:ba:e9:91:84:9a:fd:f2:2f:41:77:47:cd:04:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: May 16 01:00:52 2025 GMT
            Not After : May 17 01:00:52 2025 GMT
        Subject: CN=947b3b5b8c535f669ef53ab86a8905897830afc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:96:07:f9:3b:64:54:7b:ff:3b:f7:0c:b5:f2:
                    e4:60:27:5c:93:0f:2c:dc:e6:94:92:0f:d3:09:b2:
                    99:5a:a3:c2:8e:c8:6a:aa:fd:3f:96:8d:b2:1d:00:
                    b5:16:38:53:ef:fa:2b:03:56:0e:f5:75:bc:71:29:
                    0d:66:22:13:5e:ae:7f:3f:3a:86:f7:aa:fd:4f:5e:
                    1c:ef:25:06:2e:2c:a5:3a:0d:4e:69:50:d8:11:25:
                    6e:e6:53:b0:38:ad:37:7f:ca:2b:b3:4c:1a:7a:34:
                    4b:0b:f9:03:13:c4:3d:09:e7:08:c6:ac:7e:57:5c:
                    85:fc:ea:cb:cf:c3:4a:10:98:52:70:a6:17:f3:40:
                    f5:d6:76:83:6e:2c:b7:41:85:41:59:ca:ab:ab:65:
                    40:93:aa:32:27:7a:32:12:cc:8c:75:93:bc:e9:60:
                    4e:cd:7d:ea:cb:27:c8:11:c5:00:0b:6a:0a:3d:cf:
                    fd:28:e8:d7:4c:b4:f4:c2:1f:ff:61:f9:e8:3b:c9:
                    cc:0c:b8:4c:d1:dd:38:87:29:d4:48:0c:68:da:77:
                    b4:21:28:31:93:6c:b2:60:c5:e9:e0:8c:cc:16:0f:
                    ae:e1:af:73:f8:03:f7:91:77:5c:c8:e7:48:7e:8b:
                    6b:8b:a4:90:58:ba:62:bb:79:97:95:80:2c:9e:b9:
                    6f:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:7B:3B:5B:8C:53:5F:66:9E:F5:3A:B8:6A:89:05:89:78:30:AF:C4
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:78:6e:7a:ab:5c:54:f4:5d:b2:31:a0:91:8d:21:7d:c7:71:
         0b:31:63:4f:0b:a4:52:f1:05:83:a6:97:7c:38:64:4e:9f:fe:
         a7:bf:73:c5:b0:13:da:9c:50:67:f0:e0:60:f4:c8:d5:b6:a8:
         f6:80:a3:42:fb:77:bc:68:2f:e2:06:13:6b:86:16:ba:c9:51:
         d2:c6:2d:5d:02:6f:37:d8:79:4d:2e:54:07:cf:e9:d6:00:1f:
         ab:dd:99:7b:5f:15:15:a6:10:8a:b4:7a:77:7d:c5:0b:56:69:
         bb:6b:e2:e5:a5:20:16:6e:16:c1:d2:2e:04:e4:b2:76:ba:89:
         92:6d:52:db:69:09:6c:ae:9e:93:6a:5e:b3:40:3a:00:73:49:
         fa:8d:3b:d6:4a:44:75:6d:67:15:4d:e9:c9:a7:82:eb:8e:93:
         11:20:f2:e8:0c:1a:eb:65:70:64:dd:94:9b:50:f9:31:b3:c3:
         9b:31:bc:38:38:d7:1d:57:a8:c3:b6:45:f5:5b:fa:a8:1c:54:
         c2:1b:cf:de:74:07:06:35:4a:d4:16:4d:81:c1:d5:65:65:69:
         d7:41:86:cb:90:b0:46:ed:bb:6a:c8:dc:58:1a:72:01:86:41:
         68:0f:f2:c3:64:66:bd:84:ef:c6:b7:ec:0c:89:a4:19:dc:d4:
         df:2a:33:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbWm7rpkYSa/fIvQXdHzQSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjUwNTE2MDEwMDUyWhcNMjUwNTE3MDEwMDUyWjAzMTEwLwYDVQQD
Eyg5NDdiM2I1YjhjNTM1ZjY2OWVmNTNhYjg2YTg5MDU4OTc4MzBhZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZYH+TtkVHv/O/cMtfLkYCdckw8s
3OaUkg/TCbKZWqPCjshqqv0/lo2yHQC1FjhT7/orA1YO9XW8cSkNZiITXq5/PzqG
96r9T14c7yUGLiylOg1OaVDYESVu5lOwOK03f8ors0waejRLC/kDE8Q9CecIxqx+
V1yF/OrLz8NKEJhScKYX80D11naDbiy3QYVBWcqrq2VAk6oyJ3oyEsyMdZO86WBO
zX3qyyfIEcUAC2oKPc/9KOjXTLT0wh//YfnoO8nMDLhM0d04hynUSAxo2ne0ISgx
k2yyYMXp4IzMFg+u4a9z+AP3kXdcyOdIfotri6SQWLpiu3mXlYAsnrlvuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJR7O1uMU19mnvU6uGqJBYl4MK/EMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHhueqtc
VPRdsjGgkY0hfcdxCzFjTwukUvEFg6aXfDhkTp/+p79zxbAT2pxQZ/DgYPTI1bao
9oCjQvt3vGgv4gYTa4YWuslR0sYtXQJvN9h5TS5UB8/p1gAfq92Ze18VFaYQirR6
d33FC1Zpu2vi5aUgFm4WwdIuBOSydrqJkm1S22kJbK6ek2pes0A6AHNJ+o071kpE
dW1nFU3pyaeC646TESDy6Awa62VwZN2Um1D5MbPDmzG8ODjXHVeow7ZF9Vv6qBxU
whvP3nQHBjVK1BZNgcHVZWVp10GGy5CwRu27asjcWBpyAYZBaA/yw2RmvYTvxrfs
DImkGdzU3yozRA==
-----END CERTIFICATE-----