Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          /Glv6UXFmzy8ZUnNLeUzbqCtU+73d1aK3bZe4UX7sLc=
Subject key identifier:   53:CE:65:77:34:74:AD:96:8B:81:44:AA:61:6C:6C:5F:D5:50:2F:DD
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       019DA48B0CA23531DB226FFE9D386BE73394
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          0B46
Signing time:             Sun 19 Apr 2026 07:01:09 +0000
Manifest this update:     Sun 19 Apr 2026 07:01:09 +0000
Manifest next update:     Mon 20 Apr 2026 07:01:09 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: qDdiQG9ozQ4Mas/kAZQh+bd66/pLkTPHRla+1L5zEPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8b:0c:a2:35:31:db:22:6f:fe:9d:38:6b:e7:33:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Apr 19 07:01:09 2026 GMT
            Not After : Apr 20 07:01:09 2026 GMT
        Subject: CN=53ce65773474ad968b8144aa616c6c5fd5502fdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1f:d2:56:d3:ac:03:a6:08:69:1b:61:2c:b6:
                    93:bd:e4:52:70:43:23:e5:75:fb:4c:f6:0a:4c:24:
                    7c:5d:38:2e:7a:8b:ac:78:f1:6b:cc:08:fd:a6:76:
                    fc:62:34:a4:da:5b:fd:a9:52:44:3a:6a:9d:8c:07:
                    e6:a8:bf:12:db:b7:26:bc:a1:0a:9a:67:5c:18:90:
                    e6:ad:e9:24:65:90:31:80:e6:8a:b8:38:c2:25:9c:
                    a5:c8:5a:a4:00:3c:e7:9c:c0:9f:90:f7:e4:48:83:
                    2b:19:93:b4:ae:55:e0:3d:6a:5a:31:93:cd:1a:a7:
                    73:56:fb:75:ec:a7:20:50:23:87:65:2e:e3:e7:f5:
                    bb:7f:41:06:cc:72:29:68:5d:9b:75:33:23:e8:43:
                    48:74:65:08:bb:0a:65:c5:1e:90:3c:fc:5d:3a:7b:
                    a8:30:a2:e6:6c:b3:54:bc:41:a0:ff:7e:ea:f0:b9:
                    27:ba:a9:1d:19:66:72:a2:b3:bb:a7:46:e3:f6:2c:
                    40:6d:56:3a:6d:4f:8a:c0:67:bb:88:90:2c:fe:03:
                    58:b2:3f:b6:0d:98:88:bf:a0:40:41:9f:13:1f:d3:
                    32:42:40:de:11:1a:ae:72:af:0d:38:79:9a:d5:19:
                    3f:11:6b:9f:bf:27:24:7c:12:cc:07:5e:ec:d1:36:
                    e7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:CE:65:77:34:74:AD:96:8B:81:44:AA:61:6C:6C:5F:D5:50:2F:DD
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:d9:9a:3d:a0:8a:c8:f3:ef:42:c1:29:c2:e5:09:13:fe:0f:
         e4:aa:a2:51:c5:83:79:40:d4:6f:e5:f5:4a:20:91:6d:8f:25:
         75:62:29:2f:dc:fe:0d:07:b0:c1:0e:ab:74:54:98:23:ea:77:
         73:9c:94:b9:5c:d3:32:02:7b:3c:f7:3b:7f:95:79:08:09:76:
         d6:3f:31:86:17:c4:15:a3:88:62:c0:79:5d:fa:c7:25:44:6b:
         c4:e2:24:88:54:83:15:9d:fd:6b:1f:9b:45:f4:a4:8b:f4:be:
         30:ce:0c:2c:f7:f0:24:8c:33:91:08:96:34:d6:22:73:50:99:
         46:39:70:34:27:27:60:2f:a3:9a:76:0d:83:c6:97:f3:9a:63:
         69:80:ef:93:ce:ae:fa:63:f2:50:59:0f:9c:f3:3a:24:16:bb:
         0b:af:2d:9f:c3:a4:07:35:af:56:31:eb:42:10:70:cf:84:1f:
         e7:db:91:8e:31:37:9c:d8:6c:82:b9:30:17:4b:e2:06:63:6d:
         d3:fc:ef:32:5b:4c:d5:bf:1a:5e:c8:d5:97:1e:2e:26:45:52:
         da:5e:d5:ec:99:00:67:f4:97:78:4c:6b:f5:7b:79:0c:ab:a1:
         7c:ff:6a:24:9c:72:48:cf:fd:76:55:04:d7:fe:27:0a:53:43:
         ef:da:bd:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kiwyiNTHbIm/+nThr5zOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjYwNDE5MDcwMTA5WhcNMjYwNDIwMDcwMTA5WjAzMTEwLwYDVQQD
Eyg1M2NlNjU3NzM0NzRhZDk2OGI4MTQ0YWE2MTZjNmM1ZmQ1NTAyZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h/SVtOsA6YIaRthLLaTveRScEMj
5XX7TPYKTCR8XTgueousePFrzAj9pnb8YjSk2lv9qVJEOmqdjAfmqL8S27cmvKEK
mmdcGJDmrekkZZAxgOaKuDjCJZylyFqkADznnMCfkPfkSIMrGZO0rlXgPWpaMZPN
GqdzVvt17KcgUCOHZS7j5/W7f0EGzHIpaF2bdTMj6ENIdGUIuwplxR6QPPxdOnuo
MKLmbLNUvEGg/37q8LknuqkdGWZyorO7p0bj9ixAbVY6bU+KwGe7iJAs/gNYsj+2
DZiIv6BAQZ8TH9MyQkDeERqucq8NOHma1Rk/EWufvyckfBLMB17s0TbnBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPOZXc0dK2Wi4FEqmFsbF/VUC/dMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX9maPaCK
yPPvQsEpwuUJE/4P5KqiUcWDeUDUb+X1SiCRbY8ldWIpL9z+DQewwQ6rdFSYI+p3
c5yUuVzTMgJ7PPc7f5V5CAl21j8xhhfEFaOIYsB5XfrHJURrxOIkiFSDFZ39ax+b
RfSki/S+MM4MLPfwJIwzkQiWNNYic1CZRjlwNCcnYC+jmnYNg8aX85pjaYDvk86u
+mPyUFkPnPM6JBa7C68tn8OkBzWvVjHrQhBwz4Qf59uRjjE3nNhsgrkwF0viBmNt
0/zvMltM1b8aXsjVlx4uJkVS2l7V7JkAZ/SXeExr9Xt5DKuhfP9qJJxySM/9dlUE
1/4nClND79q9NQ==
-----END CERTIFICATE-----