Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          yZKL1UDtRz6WUqTnr7GbZQAMapMLjyddRYLWTz1xLro=
Subject key identifier:   44:B3:06:4A:FA:E9:44:38:7E:8F:25:68:CB:C9:40:1F:80:E5:28:68
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       019CAB6B7E3BE44ADD77DAB0945479AFDEF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          0AC5
Signing time:             Sun 01 Mar 2026 22:01:14 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:14 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:14 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: Kx5T6ckBavCYD6HXrGBu3nkJxiv4sVGeiKBbzN+/o/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:7e:3b:e4:4a:dd:77:da:b0:94:54:79:af:de:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Mar  1 22:01:14 2026 GMT
            Not After : Mar  2 22:01:14 2026 GMT
        Subject: CN=44b3064afae944387e8f2568cbc9401f80e52868
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:cc:6f:d9:1e:8e:be:da:9e:55:4e:47:bc:30:
                    25:43:15:57:89:8c:b2:0a:26:60:d2:32:98:71:7a:
                    75:cf:6a:1d:85:9c:3e:76:f9:61:a2:ed:54:cf:9e:
                    f2:6c:6d:97:11:3a:df:37:f8:43:90:fc:29:bd:4a:
                    0a:30:40:ed:aa:ab:94:66:8f:eb:62:03:f6:d8:63:
                    3a:be:83:63:f2:1e:2c:63:2e:2d:0d:71:b9:ef:7e:
                    28:d7:7c:3c:f3:1e:73:11:6e:bc:f7:d7:cd:7a:4a:
                    70:33:98:2c:4a:ef:7e:16:e6:36:75:b2:66:58:e0:
                    fa:1c:9e:21:e2:8a:e6:e2:c6:af:46:d8:0c:72:86:
                    9a:0d:33:da:48:96:e8:bf:89:aa:4f:a4:b0:29:95:
                    73:d9:23:91:49:10:fa:35:b3:82:dd:5b:c8:47:2a:
                    da:82:6d:1f:1a:ec:11:b9:92:a7:66:e6:08:fe:68:
                    73:11:ce:78:f2:c3:cf:50:fa:48:37:10:d2:80:d4:
                    d4:f7:b6:5d:f6:cc:0d:5b:eb:9b:13:21:cf:c3:29:
                    48:11:10:78:d3:4a:e9:f3:cf:d8:4b:52:c1:9d:62:
                    b4:b8:c8:89:f7:45:de:50:e5:d1:2f:fe:68:d5:9f:
                    87:75:90:fa:e1:28:6d:fd:8a:39:74:12:1d:f7:5f:
                    79:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:B3:06:4A:FA:E9:44:38:7E:8F:25:68:CB:C9:40:1F:80:E5:28:68
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:1c:8c:3d:ca:93:34:62:0a:92:cf:3e:31:e5:c4:ae:41:5e:
         4f:73:f2:3e:ef:ee:5b:37:f7:3b:35:86:1c:d3:1e:2a:b0:ed:
         29:59:e0:70:ec:f5:1e:6a:85:67:d5:93:36:f0:56:b2:c8:a0:
         27:bf:1a:00:6b:2c:be:5b:ef:63:fe:02:3e:76:56:5a:53:e4:
         2d:8a:06:47:e4:1d:cf:95:09:28:06:f1:d5:f4:72:a7:97:62:
         bc:61:3e:7f:fa:3b:1c:4e:42:16:9d:e6:03:42:04:20:58:9c:
         71:2a:12:b1:bd:1c:cd:ec:0c:2c:17:a0:60:b7:28:0f:a3:e7:
         bd:ba:17:58:0c:e1:73:09:26:96:da:71:a2:d8:c7:39:12:35:
         50:9c:81:82:cb:3c:55:bb:68:c0:5f:05:5d:1d:b7:8d:fd:4c:
         8d:7f:37:39:84:29:65:44:10:d4:f4:3a:0c:8f:b6:24:fb:4c:
         d0:f8:61:0e:95:41:46:12:23:3a:04:10:fa:97:01:66:a5:bd:
         81:b2:15:b5:03:16:9e:09:67:d0:1a:08:f7:9c:a1:f0:af:6b:
         14:5e:d4:cb:7e:80:7d:ab:57:a4:2a:d1:e8:ee:0b:33:1b:9f:
         c0:2c:ea:64:fe:6d:3a:45:d7:5b:07:8a:dd:0a:3d:cf:69:74:
         fc:e2:02:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3475Erdd9qwlFR5r97zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjYwMzAxMjIwMTE0WhcNMjYwMzAyMjIwMTE0WjAzMTEwLwYDVQQD
Eyg0NGIzMDY0YWZhZTk0NDM4N2U4ZjI1NjhjYmM5NDAxZjgwZTUyODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8xv2R6OvtqeVU5HvDAlQxVXiYyy
CiZg0jKYcXp1z2odhZw+dvlhou1Uz57ybG2XETrfN/hDkPwpvUoKMEDtqquUZo/r
YgP22GM6voNj8h4sYy4tDXG5734o13w88x5zEW6899fNekpwM5gsSu9+FuY2dbJm
WOD6HJ4h4orm4savRtgMcoaaDTPaSJbov4mqT6SwKZVz2SORSRD6NbOC3VvIRyra
gm0fGuwRuZKnZuYI/mhzEc548sPPUPpINxDSgNTU97Zd9swNW+ubEyHPwylIERB4
00rp88/YS1LBnWK0uMiJ90XeUOXRL/5o1Z+HdZD64Sht/Yo5dBId9195SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESzBkr66UQ4fo8laMvJQB+A5ShoMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAARyMPcqT
NGIKks8+MeXErkFeT3PyPu/uWzf3OzWGHNMeKrDtKVngcOz1HmqFZ9WTNvBWssig
J78aAGssvlvvY/4CPnZWWlPkLYoGR+Qdz5UJKAbx1fRyp5divGE+f/o7HE5CFp3m
A0IEIFiccSoSsb0czewMLBegYLcoD6PnvboXWAzhcwkmltpxotjHORI1UJyBgss8
VbtowF8FXR23jf1MjX83OYQpZUQQ1PQ6DI+2JPtM0PhhDpVBRhIjOgQQ+pcBZqW9
gbIVtQMWngln0BoI95yh8K9rFF7Uy36AfatXpCrR6O4LMxufwCzqZP5tOkXXWweK
3Qo9z2l0/OICmQ==
-----END CERTIFICATE-----