Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          ZO5OlmucBA+nwgkWJVbvAc919g/p87nBNYd1ULERCjY=
Subject key identifier:   C1:D6:83:1E:8E:AB:3C:0A:78:E8:CF:E6:07:FB:7B:1A:4C:FB:95:C5
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       019D386618F07E534534A8C3D245E6133542
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          0B0E
Signing time:             Sun 29 Mar 2026 07:01:48 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:48 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:48 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: 53XF4QVOVhCAf5TvMn2qAjUpj6IKKf70iQH1LFrNCpg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:18:f0:7e:53:45:34:a8:c3:d2:45:e6:13:35:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Mar 29 07:01:48 2026 GMT
            Not After : Mar 30 07:01:48 2026 GMT
        Subject: CN=c1d6831e8eab3c0a78e8cfe607fb7b1a4cfb95c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:7e:7a:e7:e7:5d:82:8e:19:72:d4:86:a7:d4:
                    a4:a1:56:f5:1d:90:cb:7e:56:3e:da:ee:a2:62:31:
                    25:58:73:8c:d4:ac:b6:e4:95:4c:65:1c:15:31:9f:
                    08:07:34:0d:ee:46:d5:63:f1:e6:03:66:26:a2:13:
                    22:bf:ab:6e:f1:b9:7e:77:dc:94:59:4d:58:56:e6:
                    27:7f:d4:bd:03:40:b2:ce:f8:3b:d2:26:44:98:9b:
                    41:fd:71:ba:89:60:6b:93:f1:f2:03:f4:ab:43:aa:
                    91:24:fe:59:2c:33:12:35:b9:ef:83:1f:c8:fc:9e:
                    63:af:66:6d:29:20:88:e0:34:94:b4:72:32:91:8e:
                    b2:27:91:20:78:8f:08:e6:49:55:ae:7d:f8:b1:9e:
                    28:44:54:ad:4f:a3:20:72:b9:03:0a:d3:d2:43:f3:
                    98:9f:f5:20:6f:3d:da:0e:b2:43:10:c9:82:f4:75:
                    75:e1:fa:32:05:b7:35:9e:a5:4d:d5:49:5e:62:20:
                    84:88:66:ba:39:b4:97:07:bc:16:ad:a5:b1:e9:20:
                    cc:76:1b:48:bf:e4:7d:3c:2e:0a:b3:da:b3:e3:bf:
                    cc:cb:71:a3:ff:3f:bd:37:43:36:f3:05:a5:fd:fd:
                    f7:e7:86:f9:ab:89:a3:90:e1:47:47:1e:64:e5:4a:
                    9a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:D6:83:1E:8E:AB:3C:0A:78:E8:CF:E6:07:FB:7B:1A:4C:FB:95:C5
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:44:fb:2a:3c:8a:87:7a:34:94:dc:4c:be:f4:81:9a:dd:3b:
         e1:25:a9:60:c4:0b:41:7d:bf:b3:1a:0e:3c:5d:af:a7:c3:3a:
         60:58:4e:5d:42:83:45:a4:69:6d:8b:08:cd:d3:1c:6a:8d:df:
         be:99:9e:c8:dc:46:35:49:f5:2b:33:29:5c:97:57:d5:f3:22:
         49:fc:8e:9e:d4:3d:ab:95:18:80:27:d5:f0:c3:d9:87:eb:46:
         10:a7:22:b8:b3:fc:0b:1d:ae:46:7d:9b:66:d2:f8:84:87:0a:
         6b:f2:2d:8b:54:f3:ae:84:4d:c6:f7:8f:22:5b:2e:82:63:4c:
         f4:54:aa:71:8f:98:04:73:1a:6f:56:5b:e4:a7:9e:7e:d9:94:
         a0:a0:d3:67:79:9c:8f:2d:a9:c1:4d:d8:a9:9c:44:43:f3:fb:
         40:ba:b5:24:a8:00:a0:4a:ea:55:01:e0:ca:c8:60:db:17:f2:
         2e:bd:4f:30:02:32:7e:b5:c1:71:cd:3a:fc:82:42:7e:3a:74:
         10:9a:d9:8b:ef:fc:f2:69:18:99:26:28:f9:e1:e1:4a:fa:62:
         83:e5:75:dd:c9:71:aa:04:2d:8e:63:ea:e7:d1:92:c1:35:d6:
         f9:62:26:42:04:da:32:cc:0d:e9:9f:6b:95:00:e1:00:a3:63:
         7b:43:ad:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhjwflNFNKjD0kXmEzVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjYwMzI5MDcwMTQ4WhcNMjYwMzMwMDcwMTQ4WjAzMTEwLwYDVQQD
EyhjMWQ2ODMxZThlYWIzYzBhNzhlOGNmZTYwN2ZiN2IxYTRjZmI5NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3565+ddgo4ZctSGp9SkoVb1HZDL
flY+2u6iYjElWHOM1Ky25JVMZRwVMZ8IBzQN7kbVY/HmA2YmohMiv6tu8bl+d9yU
WU1YVuYnf9S9A0Cyzvg70iZEmJtB/XG6iWBrk/HyA/SrQ6qRJP5ZLDMSNbnvgx/I
/J5jr2ZtKSCI4DSUtHIykY6yJ5EgeI8I5klVrn34sZ4oRFStT6MgcrkDCtPSQ/OY
n/Ugbz3aDrJDEMmC9HV14foyBbc1nqVN1UleYiCEiGa6ObSXB7wWraWx6SDMdhtI
v+R9PC4Ks9qz47/My3Gj/z+9N0M28wWl/f3354b5q4mjkOFHRx5k5UqaCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHWgx6OqzwKeOjP5gf7expM+5XFMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADkT7KjyK
h3o0lNxMvvSBmt074SWpYMQLQX2/sxoOPF2vp8M6YFhOXUKDRaRpbYsIzdMcao3f
vpmeyNxGNUn1KzMpXJdX1fMiSfyOntQ9q5UYgCfV8MPZh+tGEKciuLP8Cx2uRn2b
ZtL4hIcKa/Iti1TzroRNxvePIlsugmNM9FSqcY+YBHMab1Zb5KeeftmUoKDTZ3mc
jy2pwU3YqZxEQ/P7QLq1JKgAoErqVQHgyshg2xfyLr1PMAIyfrXBcc06/IJCfjp0
EJrZi+/88mkYmSYo+eHhSvpig+V13clxqgQtjmPq59GSwTXW+WImQgTaMswN6Z9r
lQDhAKNje0OtlQ==
-----END CERTIFICATE-----