Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
File:                     USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json)
Hash identifier:          P5aLNXLoEfb3hQ4gg5+gzInX5dQ0ZToqe6liCZ4zM0s=
Subject key identifier:   45:AF:DE:60:8A:F1:A6:C2:89:B6:D8:EA:8B:18:07:1D:10:C6:E1:8D
Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61
Certificate issuer:       /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
Certificate serial:       01984A0A0D2AFDB18EA86B1DEA356FB7B4FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
Manifest number:          03E3
Signing time:             Sun 27 Jul 2025 04:00:29 +0000
Manifest this update:     Sun 27 Jul 2025 04:00:29 +0000
Manifest next update:     Mon 28 Jul 2025 04:00:29 +0000
Files and hashes:         1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: v8NWBCLr4g1ojMCks+SKRvNN5wmWrtnmxzUHR8w9PYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:0a:0d:2a:fd:b1:8e:a8:6b:1d:ea:35:6f:b7:b4:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
        Validity
            Not Before: Jul 27 04:00:29 2025 GMT
            Not After : Jul 28 04:00:29 2025 GMT
        Subject: CN=45afde608af1a6c289b6d8ea8b18071d10c6e18d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e3:a4:01:b6:d6:d4:0c:14:a7:9b:60:fc:59:
                    3f:db:e7:00:67:96:c4:f4:0b:92:65:65:47:ae:ad:
                    3f:b2:eb:f2:2e:0d:0f:07:9f:5b:35:c7:c3:ac:53:
                    b0:ed:d1:33:7a:58:87:5d:75:46:a5:b3:37:58:60:
                    d9:8a:b1:aa:66:53:a6:d7:bb:56:dd:be:1f:47:c2:
                    b4:74:e9:cd:77:9f:56:ed:f5:25:94:4d:de:57:8d:
                    3a:6c:88:36:28:f0:40:cc:24:f5:9b:20:86:36:3f:
                    ff:4c:53:d0:32:b1:df:90:c5:e4:5e:f2:00:08:7d:
                    0f:45:68:ac:67:47:98:70:19:ab:9c:38:2f:d2:63:
                    25:a1:00:81:4d:1b:05:0c:a8:56:06:2f:85:39:09:
                    96:d7:b2:5d:f5:3e:90:08:1a:13:91:ad:0c:b3:42:
                    f5:c5:4d:94:a6:0b:bf:89:75:6a:2b:31:0a:1c:29:
                    bf:c5:a9:a2:bd:ff:7a:3a:61:aa:c1:6a:ad:e5:37:
                    59:68:de:c5:69:7c:59:3b:2c:8c:c4:a6:26:69:e1:
                    4d:ea:5a:fa:d5:d6:2d:d8:a8:47:d6:48:c0:5c:65:
                    45:36:84:21:1c:d2:2c:f0:3b:89:07:51:62:8c:aa:
                    b3:4b:d9:d5:88:60:92:6f:f7:a6:bb:30:c4:54:e3:
                    a8:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:AF:DE:60:8A:F1:A6:C2:89:B6:D8:EA:8B:18:07:1D:10:C6:E1:8D
            X509v3 Authority Key Identifier:
                keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:ae:4f:9f:1a:43:ad:01:6e:05:27:92:0c:b3:4e:dd:66:30:
         63:6c:55:0f:51:f4:c0:ae:9e:c9:5d:4d:b4:e5:88:07:37:75:
         f6:b6:02:8a:da:75:e4:64:86:c7:3d:49:fe:f7:24:20:d4:b3:
         0a:0c:b4:58:d8:0b:12:8f:38:8d:d2:df:f9:7f:e6:9e:77:47:
         75:3d:fb:b5:61:bf:42:a1:be:03:59:66:cf:67:3d:7e:ba:d3:
         d2:94:d7:20:43:f6:85:2a:76:75:c7:74:09:aa:9e:1c:48:eb:
         90:c4:f7:4b:48:d8:20:da:9b:9a:6b:38:de:9b:6a:6c:41:d3:
         f0:92:81:2e:e5:22:f0:94:83:2b:1f:aa:6e:b1:1b:8a:ec:f8:
         ea:e0:66:68:f0:e9:c4:bf:41:52:4c:9c:c1:3c:ed:93:5e:58:
         22:81:71:b9:84:1d:1e:8e:f7:fc:ea:7c:5b:e0:81:e1:d7:a2:
         3a:a2:41:84:fd:b8:54:ea:55:72:f9:13:c7:7b:ce:ca:d6:cf:
         82:6a:71:12:5c:c4:33:3b:d3:c8:d3:49:b5:cf:f9:99:a1:a0:
         ba:1b:fd:ed:98:be:47:28:93:92:e6:d8:7a:25:32:b4:9e:10:
         a3:44:99:5f:10:f1:55:46:ab:3b:d9:eb:1a:68:ee:16:8b:52:
         2d:15:ac:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKCg0q/bGOqGsd6jVvt7T9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj
ODFhNjEwHhcNMjUwNzI3MDQwMDI5WhcNMjUwNzI4MDQwMDI5WjAzMTEwLwYDVQQD
Eyg0NWFmZGU2MDhhZjFhNmMyODliNmQ4ZWE4YjE4MDcxZDEwYzZlMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+OkAbbW1AwUp5tg/Fk/2+cAZ5bE
9AuSZWVHrq0/suvyLg0PB59bNcfDrFOw7dEzeliHXXVGpbM3WGDZirGqZlOm17tW
3b4fR8K0dOnNd59W7fUllE3eV406bIg2KPBAzCT1myCGNj//TFPQMrHfkMXkXvIA
CH0PRWisZ0eYcBmrnDgv0mMloQCBTRsFDKhWBi+FOQmW17Jd9T6QCBoTka0Ms0L1
xU2Upgu/iXVqKzEKHCm/xamivf96OmGqwWqt5TdZaN7FaXxZOyyMxKYmaeFN6lr6
1dYt2KhH1kjAXGVFNoQhHNIs8DuJB1FijKqzS9nViGCSb/emuzDEVOOoGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWv3mCK8abCibbY6osYBx0QxuGNMB8GA1UdIwQY
MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt
NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy
LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPq5PnxpD
rQFuBSeSDLNO3WYwY2xVD1H0wK6eyV1NtOWIBzd19rYCitp15GSGxz1J/vckINSz
Cgy0WNgLEo84jdLf+X/mnndHdT37tWG/QqG+A1lmz2c9frrT0pTXIEP2hSp2dcd0
CaqeHEjrkMT3S0jYINqbmms43ptqbEHT8JKBLuUi8JSDKx+qbrEbiuz46uBmaPDp
xL9BUkycwTztk15YIoFxuYQdHo73/Op8W+CB4deiOqJBhP24VOpVcvkTx3vOytbP
gmpxElzEMzvTyNNJtc/5maGguhv97Zi+RyiTkubYeiUytJ4Qo0SZXxDxVUarO9nr
GmjuFotSLRWsHw==
-----END CERTIFICATE-----