Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          KPu3L1bruECfijs6RR3TS6Pg4bdKKKamMvJH3MUS0YA=
Subject key identifier:   FC:81:F0:81:AD:FB:93:27:74:58:AD:A7:38:D8:A6:BF:19:6D:A0:43
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       01975045D851F2DFB1BA3901B9588109DCD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          07FF
Signing time:             Sun 08 Jun 2025 16:00:43 +0000
Manifest this update:     Sun 08 Jun 2025 16:00:43 +0000
Manifest next update:     Mon 09 Jun 2025 16:00:43 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: tDmDjIsBu0VAhzw4i2FPPcy0ttUsc4fO2Xq9OyQ0C7s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:44:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:45:d8:51:f2:df:b1:ba:39:01:b9:58:81:09:dc:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Jun  8 16:00:43 2025 GMT
            Not After : Jun  9 16:00:43 2025 GMT
        Subject: CN=fc81f081adfb93277458ada738d8a6bf196da043
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:4d:fa:3b:23:00:30:20:71:38:28:8b:33:a3:
                    3a:09:ed:15:47:05:81:b4:ab:62:3c:59:b2:55:ad:
                    5f:b1:91:82:de:de:ca:14:1e:39:9a:13:c3:ae:40:
                    2c:13:64:b1:f1:d2:22:99:93:ac:4a:53:4d:2f:43:
                    34:2a:07:3a:ee:cb:af:8f:c2:33:1f:60:5b:13:23:
                    a5:ac:c0:e0:fc:5f:16:13:c8:f2:1d:e1:d4:01:38:
                    8a:eb:30:1e:59:0e:07:42:89:43:e7:53:32:39:38:
                    31:c2:d4:19:2a:01:fa:1a:1f:26:6e:66:b4:ed:9f:
                    47:2e:7b:34:54:be:37:30:fb:c5:60:b9:6c:82:83:
                    a7:2b:22:fc:ff:38:65:11:5c:03:59:c0:55:3f:28:
                    e7:e1:ff:af:b3:f2:7c:85:af:58:48:d6:f2:62:04:
                    4a:02:68:b0:f3:c7:7e:e8:82:b7:a8:e7:59:5b:fe:
                    8c:cb:48:3b:f5:6d:8b:e9:42:a1:e7:01:50:cd:9b:
                    b3:78:62:17:39:25:49:c9:ef:8f:db:3a:f9:1a:63:
                    2c:33:4a:43:b0:eb:1e:d8:99:ab:b3:4a:12:5d:48:
                    5f:6f:76:3e:a3:e6:73:40:84:2b:42:26:27:60:80:
                    1b:76:1f:90:fa:6c:82:60:03:e7:99:20:fd:bc:eb:
                    e0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:81:F0:81:AD:FB:93:27:74:58:AD:A7:38:D8:A6:BF:19:6D:A0:43
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:8d:6d:22:ab:a8:6a:53:02:ea:32:00:f0:fa:80:12:7a:9a:
         11:2b:e1:ba:8c:e8:c7:5a:44:c5:8e:2e:58:7f:c2:3c:b6:26:
         94:95:2c:b3:a1:50:85:0c:97:17:d1:c9:42:26:04:d1:da:61:
         98:a2:74:78:15:88:ce:b0:35:f0:b4:8b:cb:22:d9:fc:a0:1c:
         f5:9a:7d:0f:da:67:76:2a:2b:eb:32:64:ce:da:4f:69:57:a7:
         de:dd:1d:5b:b5:08:89:a5:57:7e:8e:79:45:16:63:79:bc:3a:
         67:df:0d:51:2d:b7:46:ad:bf:8c:3d:90:d7:82:4a:4e:30:90:
         e5:85:bd:d0:0e:c0:fd:34:86:41:b5:79:1d:ae:15:66:f6:65:
         7e:8a:aa:74:c2:2a:ed:a8:7b:42:01:5c:25:6b:20:eb:1c:51:
         07:0e:11:dc:85:de:b3:ec:fd:5d:dc:b2:07:7a:65:42:d5:88:
         61:da:40:af:27:cf:dd:23:ff:98:ad:3c:9a:6f:82:cc:f9:ec:
         61:bf:10:61:83:a1:39:66:e5:87:64:5f:32:99:98:0b:ca:da:
         19:5d:72:ec:23:7f:e2:e7:5b:3c:19:56:3a:43:21:1a:b0:30:
         b5:3e:e0:96:5f:6d:8f:67:fe:40:12:f5:a8:46:b3:ed:15:59:
         b0:ca:80:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRdhR8t+xujkBuViBCdzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUwNjA4MTYwMDQzWhcNMjUwNjA5MTYwMDQzWjAzMTEwLwYDVQQD
EyhmYzgxZjA4MWFkZmI5MzI3NzQ1OGFkYTczOGQ4YTZiZjE5NmRhMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs036OyMAMCBxOCiLM6M6Ce0VRwWB
tKtiPFmyVa1fsZGC3t7KFB45mhPDrkAsE2Sx8dIimZOsSlNNL0M0Kgc67suvj8Iz
H2BbEyOlrMDg/F8WE8jyHeHUATiK6zAeWQ4HQolD51MyOTgxwtQZKgH6Gh8mbma0
7Z9HLns0VL43MPvFYLlsgoOnKyL8/zhlEVwDWcBVPyjn4f+vs/J8ha9YSNbyYgRK
Amiw88d+6IK3qOdZW/6My0g79W2L6UKh5wFQzZuzeGIXOSVJye+P2zr5GmMsM0pD
sOse2Jmrs0oSXUhfb3Y+o+ZzQIQrQiYnYIAbdh+Q+myCYAPnmSD9vOvgpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyB8IGt+5MndFitpzjYpr8ZbaBDMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOI1tIquo
alMC6jIA8PqAEnqaESvhuozox1pExY4uWH/CPLYmlJUss6FQhQyXF9HJQiYE0dph
mKJ0eBWIzrA18LSLyyLZ/KAc9Zp9D9pndior6zJkztpPaVen3t0dW7UIiaVXfo55
RRZjebw6Z98NUS23Rq2/jD2Q14JKTjCQ5YW90A7A/TSGQbV5Ha4VZvZlfoqqdMIq
7ah7QgFcJWsg6xxRBw4R3IXes+z9XdyyB3plQtWIYdpAryfP3SP/mK08mm+CzPns
Yb8QYYOhOWblh2RfMpmYC8raGV1y7CN/4udbPBlWOkMhGrAwtT7gll9tj2f+QBL1
qEaz7RVZsMqAdw==
-----END CERTIFICATE-----