Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          pmNbtDRkNXq81C82oBbRpGeqWIIfjfsAGQEbKlxWR9A=
Subject key identifier:   ED:8D:19:9D:8C:9A:05:AE:BF:B5:F9:5F:83:44:9F:DE:71:A4:71:00
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       019923A0516F0E683C0C46AA7CAB451CEF91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:02:13 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:13 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:13 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: ZgkSiZsAr20ZJHILjRgZ7QdmUFAQQbq8N2z+BoGyLBc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:51:6f:0e:68:3c:0c:46:aa:7c:ab:45:1c:ef:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Sep  7 10:02:13 2025 GMT
            Not After : Sep  8 10:02:13 2025 GMT
        Subject: CN=ed8d199d8c9a05aebfb5f95f83449fde71a47100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:07:d0:27:e6:a2:88:83:ab:2c:7b:d1:77:34:
                    8b:88:63:b9:7c:ac:6b:ae:7d:c4:cb:87:ae:a7:db:
                    a3:a7:42:c5:61:4e:7d:56:4a:4b:75:7c:bc:0e:f2:
                    f5:4e:e1:43:cb:02:b2:fd:01:5c:0e:4f:1e:71:68:
                    b5:53:a1:30:5d:4b:87:2e:74:59:bf:11:27:c3:3c:
                    5a:a0:bd:c1:e2:ea:42:fe:f0:af:04:53:4f:db:5a:
                    fc:56:8e:95:e6:fa:71:cc:81:4f:b5:5e:ad:06:e7:
                    25:48:d7:a3:6c:08:cc:33:f2:b6:2d:59:2f:b6:2b:
                    e2:d0:e1:f3:e4:45:65:28:38:9b:79:68:8f:f1:ae:
                    2b:c5:a5:05:e9:81:76:9d:78:45:ce:8b:91:1b:97:
                    ff:4d:a8:42:46:f8:34:65:a1:b5:37:1b:06:bd:e9:
                    90:c1:e3:ad:9e:df:cd:ed:3f:a7:32:88:28:1c:f8:
                    8a:8e:d1:f7:63:61:12:cb:79:9a:6d:ea:68:e3:5a:
                    dd:42:17:d0:f1:a0:59:e8:07:62:0d:73:57:32:b4:
                    a7:97:1b:4c:b9:e5:42:7e:18:7c:78:c2:5f:d3:e3:
                    63:dc:7b:43:41:4b:28:52:97:18:c4:e7:f2:32:07:
                    d1:14:cf:11:3e:f1:26:08:02:16:74:24:ce:56:e7:
                    c8:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:8D:19:9D:8C:9A:05:AE:BF:B5:F9:5F:83:44:9F:DE:71:A4:71:00
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:d5:ec:31:79:82:d4:b9:bb:e3:42:85:64:88:46:4b:e6:16:
         69:1b:2b:11:25:56:6a:96:f0:56:44:4e:5b:5b:fb:fe:98:42:
         b7:0b:74:85:d9:96:03:83:3f:e8:13:0e:23:44:04:20:49:44:
         94:71:63:10:50:51:76:78:c3:ba:b3:b7:d3:34:43:f9:88:39:
         e6:b9:3d:ba:40:78:98:37:0d:82:78:cd:db:9f:d5:62:52:a1:
         7b:b4:77:f9:04:f8:4e:e5:f3:8c:78:c4:ab:e7:fe:73:d0:35:
         2f:57:c8:57:dd:ce:fa:03:36:13:a8:e1:14:18:09:b5:f3:93:
         56:a7:eb:75:85:b6:c6:fc:42:06:50:0f:77:51:b2:77:45:f8:
         5a:46:79:02:51:0c:c0:b4:02:66:51:16:47:fc:5e:52:e7:6b:
         57:67:52:36:e0:5d:e8:cb:22:e1:7f:4f:f9:f0:0a:6c:1f:12:
         2b:f5:d1:7f:a0:19:48:43:ea:e1:5c:7f:15:bc:07:f2:fb:a2:
         ea:1d:71:58:ea:49:73:1a:9e:2e:eb:fc:5e:e0:ca:5a:c4:9b:
         73:84:56:d4:21:41:b5:ca:49:e2:67:15:39:8b:aa:74:f3:73:
         a5:75:60:81:55:bf:1f:fe:a8:eb:53:65:14:36:87:73:da:79:
         42:60:24:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoFFvDmg8DEaqfKtFHO+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjUwOTA3MTAwMjEzWhcNMjUwOTA4MTAwMjEzWjAzMTEwLwYDVQQD
EyhlZDhkMTk5ZDhjOWEwNWFlYmZiNWY5NWY4MzQ0OWZkZTcxYTQ3MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygfQJ+aiiIOrLHvRdzSLiGO5fKxr
rn3Ey4eup9ujp0LFYU59VkpLdXy8DvL1TuFDywKy/QFcDk8ecWi1U6EwXUuHLnRZ
vxEnwzxaoL3B4upC/vCvBFNP21r8Vo6V5vpxzIFPtV6tBuclSNejbAjMM/K2LVkv
tivi0OHz5EVlKDibeWiP8a4rxaUF6YF2nXhFzouRG5f/TahCRvg0ZaG1NxsGvemQ
weOtnt/N7T+nMogoHPiKjtH3Y2ESy3mabepo41rdQhfQ8aBZ6AdiDXNXMrSnlxtM
ueVCfhh8eMJf0+Nj3HtDQUsoUpcYxOfyMgfRFM8RPvEmCAIWdCTOVufIzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2NGZ2MmgWuv7X5X4NEn95xpHEAMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbtXsMXmC
1Lm740KFZIhGS+YWaRsrESVWapbwVkROW1v7/phCtwt0hdmWA4M/6BMOI0QEIElE
lHFjEFBRdnjDurO30zRD+Yg55rk9ukB4mDcNgnjN25/VYlKhe7R3+QT4TuXzjHjE
q+f+c9A1L1fIV93O+gM2E6jhFBgJtfOTVqfrdYW2xvxCBlAPd1Gyd0X4WkZ5AlEM
wLQCZlEWR/xeUudrV2dSNuBd6Msi4X9P+fAKbB8SK/XRf6AZSEPq4Vx/FbwH8vui
6h1xWOpJcxqeLuv8XuDKWsSbc4RW1CFBtcpJ4mcVOYuqdPNzpXVggVW/H/6o61Nl
FDaHc9p5QmAklw==
-----END CERTIFICATE-----