Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          /xNS3+2yuUB0O2pUOoQA3TSwHIAO5ZE1j9BRSCAaCpI=
Subject key identifier:   74:0D:E3:C8:98:30:83:42:8A:9C:52:EC:87:80:69:D9:99:83:4F:27
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       01965349DCA86EE86F563388B5FFEF5F8765
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          077C
Signing time:             Sun 20 Apr 2025 13:01:11 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:11 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:11 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: NqT4fnCEN3ezuhX8QGSnClt3HCoGzgo82DH7fsKrlis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:dc:a8:6e:e8:6f:56:33:88:b5:ff:ef:5f:87:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Apr 20 13:01:11 2025 GMT
            Not After : Apr 21 13:01:11 2025 GMT
        Subject: CN=740de3c8983083428a9c52ec878069d999834f27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ae:25:9f:17:8d:83:83:2b:f5:1c:9f:0e:5d:
                    e0:a6:57:24:57:17:84:d5:b2:c3:d7:6a:19:78:56:
                    ac:af:81:2b:51:44:df:7a:f1:10:90:4c:3c:1e:22:
                    2d:d7:35:46:90:6b:98:43:85:8b:e8:f1:44:1f:b5:
                    58:0f:4f:cf:ec:c8:7a:ff:66:2a:e2:dc:97:1e:14:
                    1c:4a:21:eb:d0:cd:3f:21:d1:80:0c:9e:47:47:45:
                    ed:39:4d:a6:08:89:2a:55:85:c6:50:76:27:d6:42:
                    32:a8:2b:b2:1e:30:28:f0:33:e3:71:be:3c:cf:b5:
                    e3:89:aa:84:8c:10:f8:a1:a7:0e:cc:b5:ac:ac:cb:
                    81:ad:9d:b3:a2:ec:b7:21:e5:29:2e:2e:a8:d5:58:
                    fd:27:2e:49:de:e1:f3:63:4c:e3:d0:3b:b0:73:16:
                    df:3d:8d:12:da:97:58:f4:96:c7:77:66:c3:57:02:
                    14:fb:5e:a9:6e:e0:16:3f:1f:e9:08:98:c0:85:7e:
                    7f:b4:b7:28:e0:e4:08:92:3b:8f:72:b5:d8:54:a0:
                    c0:94:f0:ef:2d:08:5f:9c:bf:ec:0a:96:c8:b7:12:
                    70:b4:08:ef:54:9b:9e:b9:13:62:c5:90:8e:7d:10:
                    cb:79:fb:df:cf:69:af:95:a7:45:0d:28:99:b0:61:
                    a1:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:0D:E3:C8:98:30:83:42:8A:9C:52:EC:87:80:69:D9:99:83:4F:27
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:dd:6d:dd:c4:86:d0:f7:2c:91:f0:97:7c:6a:d5:af:00:e8:
         88:51:93:74:77:1b:6d:d7:cc:d1:c6:a4:db:f2:1d:91:d0:50:
         6f:d0:b8:9d:0d:18:84:32:60:5f:ea:9d:17:06:26:11:65:cd:
         18:c7:17:e2:c4:44:63:f5:77:37:e1:9b:12:08:b2:49:1b:df:
         25:f4:c9:a7:bd:bd:5e:53:41:80:0a:df:34:a6:6c:be:73:68:
         42:f0:d6:9d:c7:54:43:5f:f6:01:e6:96:73:2c:ef:b7:97:38:
         ab:a3:33:17:eb:61:19:be:cc:da:17:55:fe:51:b1:c2:4e:6a:
         d9:09:75:d1:37:0f:42:1e:46:da:e0:b3:e7:db:29:e8:4a:58:
         3a:99:d4:be:22:a2:d1:fb:16:88:8c:d6:03:86:ce:bf:17:05:
         05:f8:d8:bf:cf:63:e1:8e:d5:3b:d0:3e:92:70:d6:6d:e9:d2:
         bd:6b:7d:a5:cb:64:b3:f3:fa:ea:ca:42:6a:1b:26:ac:78:ac:
         33:38:a1:81:d7:19:cc:96:55:36:ac:04:8b:1b:19:b0:9a:6c:
         2b:17:9e:90:df:0e:9e:10:77:ae:60:b0:46:b9:6f:e4:55:31:
         b0:cf:a6:a1:4f:33:f5:4b:12:8a:8e:77:bb:88:6b:b5:99:91:
         86:ce:55:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSdyobuhvVjOItf/vX4dlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUwNDIwMTMwMTExWhcNMjUwNDIxMTMwMTExWjAzMTEwLwYDVQQD
Eyg3NDBkZTNjODk4MzA4MzQyOGE5YzUyZWM4NzgwNjlkOTk5ODM0ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua4lnxeNg4Mr9RyfDl3gplckVxeE
1bLD12oZeFasr4ErUUTfevEQkEw8HiIt1zVGkGuYQ4WL6PFEH7VYD0/P7Mh6/2Yq
4tyXHhQcSiHr0M0/IdGADJ5HR0XtOU2mCIkqVYXGUHYn1kIyqCuyHjAo8DPjcb48
z7XjiaqEjBD4oacOzLWsrMuBrZ2zouy3IeUpLi6o1Vj9Jy5J3uHzY0zj0Duwcxbf
PY0S2pdY9JbHd2bDVwIU+16pbuAWPx/pCJjAhX5/tLco4OQIkjuPcrXYVKDAlPDv
LQhfnL/sCpbItxJwtAjvVJueuRNixZCOfRDLefvfz2mvladFDSiZsGGhFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQN48iYMINCipxS7IeAadmZg08nMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGN1t3cSG
0PcskfCXfGrVrwDoiFGTdHcbbdfM0cak2/IdkdBQb9C4nQ0YhDJgX+qdFwYmEWXN
GMcX4sREY/V3N+GbEgiySRvfJfTJp729XlNBgArfNKZsvnNoQvDWncdUQ1/2AeaW
cyzvt5c4q6MzF+thGb7M2hdV/lGxwk5q2Ql10TcPQh5G2uCz59sp6EpYOpnUviKi
0fsWiIzWA4bOvxcFBfjYv89j4Y7VO9A+knDWbenSvWt9pctks/P66spCahsmrHis
MzihgdcZzJZVNqwEixsZsJpsKxeekN8OnhB3rmCwRrlv5FUxsM+moU8z9UsSio53
u4hrtZmRhs5VuQ==
-----END CERTIFICATE-----