Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
File:                     USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json)
Hash identifier:          dVZB4RUWAJNjDC4LdSxnOVPNpzaJBF4kQ7lgGO+OGv0=
Subject key identifier:   B2:D6:C0:DD:D2:10:D2:11:B8:CA:5D:A8:3A:CE:EF:2E:C4:B4:D0:02
Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61
Certificate issuer:       /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
Certificate serial:       019A725CF39473280FF6326155669438A6EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
Manifest number:          0501
Signing time:             Tue 11 Nov 2025 10:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:25 +0000
Files and hashes:         1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: NJ5axRyLpWQ6QfMb1ZxZyMYdLYLAkMXOf9b1VS6avYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:f3:94:73:28:0f:f6:32:61:55:66:94:38:a6:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
        Validity
            Not Before: Nov 11 10:01:25 2025 GMT
            Not After : Nov 12 10:01:25 2025 GMT
        Subject: CN=b2d6c0ddd210d211b8ca5da83aceef2ec4b4d002
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e0:94:5a:50:fb:c7:5f:c8:1c:5c:84:70:73:
                    14:c4:bb:b3:d8:00:a9:92:f0:79:cb:17:83:65:5c:
                    3d:b6:02:3b:49:53:f3:fb:6a:20:e8:3e:2c:38:74:
                    15:77:ee:7b:8c:62:d3:e3:9d:c8:d1:37:f7:c9:75:
                    28:5c:6c:de:7b:b7:c5:ff:1a:8a:a2:c5:ad:e0:52:
                    3b:e6:8b:44:a8:53:b4:1a:9b:a0:5e:ad:2d:c9:97:
                    2e:80:c3:55:71:18:ae:84:4c:8d:1f:9e:7c:b3:39:
                    04:bc:50:e8:6a:36:4f:d4:6c:b7:84:5c:e4:a3:d8:
                    19:25:b4:4b:da:e3:52:3c:45:cb:4d:b1:3c:3d:ee:
                    43:0a:ee:41:7a:f8:a3:4e:88:4f:21:d3:08:9f:24:
                    e7:40:a9:0a:41:03:dd:43:99:5d:f1:d9:4d:2c:5e:
                    9e:0b:cc:9c:6b:62:cf:f2:8b:63:e4:ea:23:87:ad:
                    60:0b:0d:83:74:2b:79:56:60:e1:00:8e:4b:e5:ee:
                    a9:4c:65:42:e0:08:b1:61:8a:a1:1b:96:86:e4:17:
                    fc:c3:67:5e:5f:4d:83:67:0a:65:54:e9:ad:75:09:
                    ab:c3:3b:72:d5:dd:54:f4:44:27:38:be:9a:dd:22:
                    a9:f6:23:f8:f7:b5:7e:71:f1:6f:ff:54:78:43:18:
                    6f:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:D6:C0:DD:D2:10:D2:11:B8:CA:5D:A8:3A:CE:EF:2E:C4:B4:D0:02
            X509v3 Authority Key Identifier:
                keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:c5:c6:92:3f:38:f8:98:05:f1:c2:42:a3:04:f3:28:69:40:
         7f:12:4a:4e:64:0f:21:70:64:c2:81:cc:b8:6d:a4:26:06:6d:
         d2:5f:ad:df:c8:51:5a:f8:46:1d:ed:a2:0b:08:5b:3e:20:39:
         4e:3b:c1:9e:0d:5c:c0:ee:96:d9:84:36:d2:81:34:1e:c4:c6:
         eb:0c:c5:da:3d:83:c7:1e:78:01:6d:4f:ac:73:e6:5f:a7:2f:
         e6:69:f4:f2:62:75:ca:57:21:d5:b1:a2:ad:13:e4:78:17:03:
         c4:d0:41:d2:7e:24:ca:3d:80:8a:33:25:6c:e1:b7:14:4e:4a:
         89:21:23:08:33:1f:74:c5:2e:dd:a3:83:3a:6f:58:60:e9:2f:
         31:74:35:8c:21:fb:49:37:53:69:2f:66:f1:8f:30:78:73:5b:
         88:6a:3a:b7:47:dd:f3:cc:ac:31:25:c5:8d:76:65:bc:38:5b:
         45:e3:32:c1:92:03:d7:88:00:94:d4:34:2c:1b:54:82:cf:60:
         f0:a8:9e:80:ee:36:95:da:83:89:60:ed:0a:1a:6c:88:1d:95:
         24:4f:b0:17:ca:88:8d:0e:7e:9e:bd:25:72:e3:1d:2c:20:46:
         15:a0:bd:4f:18:7c:34:27:b0:f5:ef:81:fd:a6:48:d1:ed:fc:
         19:16:e9:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXPOUcygP9jJhVWaUOKbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj
ODFhNjEwHhcNMjUxMTExMTAwMTI1WhcNMjUxMTEyMTAwMTI1WjAzMTEwLwYDVQQD
EyhiMmQ2YzBkZGQyMTBkMjExYjhjYTVkYTgzYWNlZWYyZWM0YjRkMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOCUWlD7x1/IHFyEcHMUxLuz2ACp
kvB5yxeDZVw9tgI7SVPz+2og6D4sOHQVd+57jGLT453I0Tf3yXUoXGzee7fF/xqK
osWt4FI75otEqFO0GpugXq0tyZcugMNVcRiuhEyNH558szkEvFDoajZP1Gy3hFzk
o9gZJbRL2uNSPEXLTbE8Pe5DCu5BevijTohPIdMInyTnQKkKQQPdQ5ld8dlNLF6e
C8yca2LP8otj5Oojh61gCw2DdCt5VmDhAI5L5e6pTGVC4AixYYqhG5aG5Bf8w2de
X02DZwplVOmtdQmrwzty1d1U9EQnOL6a3SKp9iP497V+cfFv/1R4Qxhv2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLWwN3SENIRuMpdqDrO7y7EtNACMB8GA1UdIwQY
MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt
NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy
LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFsXGkj84
+JgF8cJCowTzKGlAfxJKTmQPIXBkwoHMuG2kJgZt0l+t38hRWvhGHe2iCwhbPiA5
TjvBng1cwO6W2YQ20oE0HsTG6wzF2j2Dxx54AW1PrHPmX6cv5mn08mJ1ylch1bGi
rRPkeBcDxNBB0n4kyj2AijMlbOG3FE5KiSEjCDMfdMUu3aODOm9YYOkvMXQ1jCH7
STdTaS9m8Y8weHNbiGo6t0fd88ysMSXFjXZlvDhbReMywZID14gAlNQ0LBtUgs9g
8KiegO42ldqDiWDtChpsiB2VJE+wF8qIjQ5+nr0lcuMdLCBGFaC9Txh8NCew9e+B
/aZI0e38GRbpDA==
-----END CERTIFICATE-----