Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          z9FZSr9a9YD9KndcOQn0ysAUUrRrr2jqHnjCgiwmlhg=
Subject key identifier:   7D:BB:3E:F1:34:8C:85:51:AD:E7:90:A8:32:BA:C6:05:8B:8B:F9:ED
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       019A71B8A9CCCA0B8A199AB6BD4CECD802E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          099E
Signing time:             Tue 11 Nov 2025 07:01:58 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:58 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:58 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: Of0hp48Rv9i47P7OJ1YhnI0giVk5cmSjEjM6xIaLz5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a9:cc:ca:0b:8a:19:9a:b6:bd:4c:ec:d8:02:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Nov 11 07:01:58 2025 GMT
            Not After : Nov 12 07:01:58 2025 GMT
        Subject: CN=7dbb3ef1348c8551ade790a832bac6058b8bf9ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b4:31:64:9c:90:53:2c:06:a5:f3:63:f2:7c:
                    3b:39:f6:be:3d:6f:e2:40:69:eb:94:e8:0b:ac:cb:
                    23:7d:92:3e:f3:94:f3:bc:96:1f:08:d7:f3:d6:f4:
                    22:53:17:bd:bb:27:31:ef:34:4e:00:d1:62:f0:68:
                    d0:c1:02:56:7a:17:c3:ca:c3:f4:3b:a5:71:2d:e9:
                    e5:c5:71:74:d5:ae:e6:2f:8d:7f:34:c2:81:57:2e:
                    e1:b6:3a:a8:8d:50:7c:13:19:e4:65:c2:7d:1c:24:
                    7e:b9:93:d8:9f:96:2a:13:4d:84:7a:01:98:28:28:
                    e4:01:e7:c0:f8:fe:c9:9c:bf:ac:fe:19:ff:9b:cd:
                    96:7b:98:b5:7c:2e:15:13:52:75:2b:9e:93:8a:f0:
                    cd:45:ea:2e:27:10:56:1b:d8:63:ed:76:59:82:e8:
                    06:ba:d9:04:fa:73:eb:09:8c:ef:9b:d5:85:7a:f1:
                    51:ad:c7:3a:a2:98:9b:f2:3e:d6:6b:c3:b0:8d:8b:
                    17:34:1d:1b:d6:28:94:6d:10:40:dc:00:71:fd:89:
                    e6:03:f6:13:60:ea:f4:c0:e0:03:d2:e9:71:f9:da:
                    d6:a5:0f:5e:4e:a6:43:05:4f:f2:b9:f2:40:99:53:
                    ea:be:43:02:d7:bc:69:d9:6b:fc:1f:af:ad:54:37:
                    9b:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:BB:3E:F1:34:8C:85:51:AD:E7:90:A8:32:BA:C6:05:8B:8B:F9:ED
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:45:1b:37:76:03:a0:53:4d:82:52:45:a1:03:b6:04:88:ea:
         e8:5f:a6:e1:1c:a4:48:30:28:b7:e7:06:7a:df:20:83:cb:f2:
         47:0f:31:c0:66:25:64:63:42:34:30:a8:d9:5a:17:4a:00:49:
         0e:9d:eb:c8:a4:19:ba:1b:e8:f3:df:8b:9a:e5:a6:14:ab:b6:
         ab:0f:ae:a7:f9:aa:37:47:be:2d:29:6e:dc:71:43:f6:6f:48:
         ae:d8:66:b9:fd:05:dc:9d:91:6b:9b:40:b7:dc:6e:8d:26:31:
         39:90:86:5b:9b:b1:4a:c8:7a:57:ed:bd:d2:49:d5:e3:f3:74:
         94:89:28:6a:6a:49:f2:e8:ed:84:cf:35:74:f5:da:7c:4b:86:
         4e:76:b4:dc:87:f4:a9:af:8c:0d:10:ab:57:01:71:4f:2a:6b:
         41:9d:68:a4:98:dd:f0:f7:c7:39:3c:bb:a5:1a:fe:69:c6:e5:
         3a:10:a6:dc:e9:1a:49:d1:db:df:6f:96:7b:c0:63:bd:f1:bc:
         6c:d3:26:ae:91:dc:af:f4:14:08:1e:8d:c9:b0:3c:c3:c3:e7:
         e9:1d:1d:f1:6d:3b:1d:d6:86:c8:0c:b4:b0:3f:fb:88:ff:1d:
         62:49:8b:ce:c4:4f:d1:9c:b7:a2:72:9a:51:72:a5:dd:80:f3:
         71:2c:cf:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKnMyguKGZq2vUzs2ALhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUxMTExMDcwMTU4WhcNMjUxMTEyMDcwMTU4WjAzMTEwLwYDVQQD
Eyg3ZGJiM2VmMTM0OGM4NTUxYWRlNzkwYTgzMmJhYzYwNThiOGJmOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLQxZJyQUywGpfNj8nw7Ofa+PW/i
QGnrlOgLrMsjfZI+85TzvJYfCNfz1vQiUxe9uycx7zROANFi8GjQwQJWehfDysP0
O6VxLenlxXF01a7mL41/NMKBVy7htjqojVB8ExnkZcJ9HCR+uZPYn5YqE02EegGY
KCjkAefA+P7JnL+s/hn/m82We5i1fC4VE1J1K56TivDNReouJxBWG9hj7XZZgugG
utkE+nPrCYzvm9WFevFRrcc6opib8j7Wa8OwjYsXNB0b1iiUbRBA3ABx/YnmA/YT
YOr0wOAD0ulx+drWpQ9eTqZDBU/yufJAmVPqvkMC17xp2Wv8H6+tVDebjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH27PvE0jIVRreeQqDK6xgWLi/ntMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY0UbN3YD
oFNNglJFoQO2BIjq6F+m4RykSDAot+cGet8gg8vyRw8xwGYlZGNCNDCo2VoXSgBJ
Dp3ryKQZuhvo89+LmuWmFKu2qw+up/mqN0e+LSlu3HFD9m9Irthmuf0F3J2Ra5tA
t9xujSYxOZCGW5uxSsh6V+290knV4/N0lIkoampJ8ujthM81dPXafEuGTna03If0
qa+MDRCrVwFxTyprQZ1opJjd8PfHOTy7pRr+acblOhCm3OkaSdHb32+We8BjvfG8
bNMmrpHcr/QUCB6NybA8w8Pn6R0d8W07HdaGyAy0sD/7iP8dYkmLzsRP0Zy3onKa
UXKl3YDzcSzPww==
-----END CERTIFICATE-----