Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          bhoTqO41uWenECFJseEJIivCjScrWHoV9j2fcvk47jA=
Subject key identifier:   13:1E:0C:0B:40:58:EA:7C:BB:3C:B8:CD:0A:D6:F6:1E:D6:BC:7B:1B
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       019A4EF521F4A547E4F6E34C07B3106CEE12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          098C
Signing time:             Tue 04 Nov 2025 13:01:18 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:18 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:18 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: +jpVk5dvauSkZO6n0IVunRMbO3bOQW3gbRKI1PTTUPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:21:f4:a5:47:e4:f6:e3:4c:07:b3:10:6c:ee:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Nov  4 13:01:18 2025 GMT
            Not After : Nov  5 13:01:18 2025 GMT
        Subject: CN=131e0c0b4058ea7cbb3cb8cd0ad6f61ed6bc7b1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:77:e9:39:82:9f:0a:ad:81:c7:1d:8c:80:a5:
                    6b:3c:b4:cb:dc:c0:35:d9:96:09:cc:0e:8a:fe:6b:
                    c6:53:99:1c:b8:4b:e1:bf:ef:b1:ec:fb:41:20:86:
                    8d:91:fe:49:dc:6d:b4:a1:3b:ba:7a:36:45:50:f6:
                    39:77:78:e5:1a:0d:e3:8a:b0:ac:ce:02:d6:d4:6f:
                    4a:22:c0:ba:55:73:b8:37:64:83:e0:c1:7f:ed:dc:
                    97:e1:4b:3b:21:35:1d:7b:28:76:a5:19:fb:08:69:
                    58:2f:f7:bd:1f:ed:22:48:80:db:47:b2:d4:08:15:
                    2a:ea:37:b0:d3:4b:d1:da:83:ac:ae:0d:66:d2:a5:
                    e2:0d:39:46:a1:5d:59:b0:b1:0a:71:23:ab:ad:fd:
                    5b:98:97:b3:c2:a8:f7:2e:b4:fa:80:94:65:0f:91:
                    0b:bf:c4:1c:23:b1:a1:c2:37:72:af:93:ed:7d:a4:
                    71:3d:35:3c:28:4a:d9:8a:62:bc:68:3d:8e:f5:34:
                    4e:61:64:43:8c:53:ac:3e:bd:5f:13:88:31:18:10:
                    81:e8:ca:70:5f:16:39:49:05:b5:0b:b3:8b:bb:0d:
                    0d:da:73:43:33:8e:21:97:1c:9f:d6:9d:0c:0c:ef:
                    9c:84:2d:df:46:3c:e8:80:21:44:e0:c7:2d:0e:12:
                    f1:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:1E:0C:0B:40:58:EA:7C:BB:3C:B8:CD:0A:D6:F6:1E:D6:BC:7B:1B
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:a2:0b:12:d3:f3:2a:55:b9:a0:10:76:af:3c:80:f6:e8:0b:
         0a:15:34:d6:c5:a4:a0:90:9b:9a:5b:6b:94:e1:b5:9d:d9:71:
         2c:21:86:52:40:1e:8c:90:77:41:28:56:4c:59:ed:d5:63:a6:
         4d:64:d9:b3:2c:5a:a8:55:1f:68:89:32:6d:8f:8a:73:7f:60:
         85:bb:76:22:4f:eb:a4:e4:21:31:62:26:83:ff:94:e6:7e:d9:
         88:f5:8f:80:59:9c:9c:f0:21:88:49:7b:56:50:b3:26:2c:55:
         a0:77:6d:98:6a:93:60:8a:fe:fc:f9:aa:7c:a8:d9:1d:e0:27:
         72:d2:5d:84:38:22:28:79:2d:b9:a5:1d:5a:4b:d5:1d:73:35:
         2c:e6:0f:8d:1e:ab:f1:9e:8b:81:79:0d:f6:7a:88:1e:8f:56:
         59:08:3f:fc:3b:c1:f6:14:31:ac:a9:7e:5a:57:90:8e:01:72:
         92:6a:44:59:d3:89:c4:91:8f:8f:2a:4d:c6:d9:0c:ce:6c:62:
         1e:7b:99:10:b4:97:92:f8:db:e3:eb:da:39:86:d4:5d:48:50:
         4b:eb:dc:c5:80:e4:a0:32:7a:71:d8:9c:b5:98:79:1a:59:86:
         ac:7c:b7:6e:5f:fb:d9:d8:7a:18:b6:75:25:3f:e6:04:cb:aa:
         de:64:14:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9SH0pUfk9uNMB7MQbO4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUxMTA0MTMwMTE4WhcNMjUxMTA1MTMwMTE4WjAzMTEwLwYDVQQD
EygxMzFlMGMwYjQwNThlYTdjYmIzY2I4Y2QwYWQ2ZjYxZWQ2YmM3YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnfpOYKfCq2Bxx2MgKVrPLTL3MA1
2ZYJzA6K/mvGU5kcuEvhv++x7PtBIIaNkf5J3G20oTu6ejZFUPY5d3jlGg3jirCs
zgLW1G9KIsC6VXO4N2SD4MF/7dyX4Us7ITUdeyh2pRn7CGlYL/e9H+0iSIDbR7LU
CBUq6jew00vR2oOsrg1m0qXiDTlGoV1ZsLEKcSOrrf1bmJezwqj3LrT6gJRlD5EL
v8QcI7Ghwjdyr5PtfaRxPTU8KErZimK8aD2O9TROYWRDjFOsPr1fE4gxGBCB6Mpw
XxY5SQW1C7OLuw0N2nNDM44hlxyf1p0MDO+chC3fRjzogCFE4MctDhLxPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMeDAtAWOp8uzy4zQrW9h7WvHsbMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqILEtPz
KlW5oBB2rzyA9ugLChU01sWkoJCbmltrlOG1ndlxLCGGUkAejJB3QShWTFnt1WOm
TWTZsyxaqFUfaIkybY+Kc39ghbt2Ik/rpOQhMWImg/+U5n7ZiPWPgFmcnPAhiEl7
VlCzJixVoHdtmGqTYIr+/PmqfKjZHeAnctJdhDgiKHktuaUdWkvVHXM1LOYPjR6r
8Z6LgXkN9nqIHo9WWQg//DvB9hQxrKl+WleQjgFykmpEWdOJxJGPjypNxtkMzmxi
HnuZELSXkvjb4+vaOYbUXUhQS+vcxYDkoDJ6cdictZh5GlmGrHy3bl/72dh6GLZ1
JT/mBMuq3mQUUw==
-----END CERTIFICATE-----