Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
File:                     USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json)
Hash identifier:          gOtdo3VsrHrQ5kM0ZhFbYCQhVVO+NyD/8Pg5N/uIPAc=
Subject key identifier:   D8:9D:C7:97:8B:57:F3:5F:9D:C8:E4:C4:2F:9D:5E:E2:D3:9A:71:02
Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47
Certificate issuer:       /CN=5121996654a0bb4f00858c402a820bb64be09547
Certificate serial:       01967FB4510CD1F7A19339C6DEA02376938C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
Manifest number:          0793
Signing time:             Tue 29 Apr 2025 04:00:45 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:45 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:45 +0000
Files and hashes:         1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: 0ZKOqi+Jy+uOodEqMNUUEnA9FHn+5PsYrYp4PXBXPH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 04:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:51:0c:d1:f7:a1:93:39:c6:de:a0:23:76:93:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547
        Validity
            Not Before: Apr 29 04:00:45 2025 GMT
            Not After : Apr 30 04:00:45 2025 GMT
        Subject: CN=d89dc7978b57f35f9dc8e4c42f9d5ee2d39a7102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:db:bf:1a:ac:f9:c5:a0:12:f0:4a:0b:f7:3b:
                    2a:62:71:9f:19:88:1a:8d:cc:d9:24:37:15:bb:e7:
                    ea:c3:c1:d7:af:fe:82:d2:65:47:1b:0d:3a:fa:ce:
                    75:1d:76:de:f4:ff:06:a9:5a:5d:21:33:cc:c9:b5:
                    1b:16:bf:84:de:1f:02:ba:64:fd:90:a4:53:80:fc:
                    5d:c8:80:54:5b:11:d0:13:60:21:df:44:99:49:03:
                    0d:8d:a2:49:68:20:c7:30:a4:8f:04:ee:09:9a:16:
                    52:d4:60:dd:4d:e8:dd:00:c9:7b:61:91:be:97:5a:
                    0b:94:5e:84:55:6b:ca:ab:40:06:5d:02:f7:5f:d3:
                    86:cf:cc:6c:1b:91:56:a2:77:a8:37:a3:fa:b0:36:
                    fb:07:7d:c8:72:79:f8:0f:ec:b1:8c:e7:9a:41:8c:
                    0f:f5:b4:9b:3e:2b:1e:29:ba:f4:eb:2b:ca:e9:10:
                    df:79:36:22:75:0e:53:ee:ce:8c:e6:88:b9:8f:21:
                    f1:71:57:72:f6:39:5e:56:d0:aa:af:63:e6:ec:bd:
                    61:42:8f:f5:7d:39:ce:6a:f6:75:c5:92:0a:76:53:
                    e7:f2:75:e0:54:26:6a:2a:6c:9b:2f:a8:1d:e5:cd:
                    8c:b2:3c:88:f6:d6:1a:a2:25:b0:1c:d1:3b:20:f7:
                    e9:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:9D:C7:97:8B:57:F3:5F:9D:C8:E4:C4:2F:9D:5E:E2:D3:9A:71:02
            X509v3 Authority Key Identifier:
                keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:f2:67:65:23:7e:8f:9a:30:e6:23:5a:4c:60:b5:59:f0:43:
         06:de:22:67:16:b9:be:47:3e:8c:71:90:27:cf:2b:7a:9c:09:
         60:c6:7c:00:9b:34:68:7d:c7:57:8c:fe:ac:7f:c8:23:fd:48:
         79:7b:fb:bb:5d:2d:79:1b:3d:af:cb:37:f3:ab:91:18:fe:88:
         af:a8:93:d8:5f:4f:57:95:f3:8a:b0:d4:42:57:04:eb:3a:ba:
         95:e1:57:f7:92:66:85:23:99:c6:1f:47:e7:73:33:e0:47:ce:
         89:48:68:bc:c1:4d:bc:b0:ec:80:cc:58:d1:b0:c7:5e:a3:81:
         66:e0:ba:b1:06:79:63:28:0d:2a:8a:04:53:d9:d5:af:21:36:
         d7:04:c1:fa:75:3f:bd:62:5d:72:0d:7c:fd:76:91:07:cf:16:
         55:36:d0:3e:14:fd:19:f2:b9:52:8e:ae:01:ad:7a:a6:84:22:
         6d:e5:a3:7a:1b:42:4d:f9:e7:6e:6e:ff:d5:ba:bd:71:14:17:
         17:d3:aa:20:31:c0:8d:a9:c6:93:3f:cc:e2:64:41:d6:db:e4:
         03:88:13:77:23:30:43:b3:09:59:60:0c:be:cd:00:bc:fd:84:
         43:85:59:2f:36:1f:cc:17:66:52:80:9c:31:1c:79:06:e5:38:
         de:21:e9:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tFEM0fehkznG3qAjdpOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl
MDk1NDcwHhcNMjUwNDI5MDQwMDQ1WhcNMjUwNDMwMDQwMDQ1WjAzMTEwLwYDVQQD
EyhkODlkYzc5NzhiNTdmMzVmOWRjOGU0YzQyZjlkNWVlMmQzOWE3MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Nu/Gqz5xaAS8EoL9zsqYnGfGYga
jczZJDcVu+fqw8HXr/6C0mVHGw06+s51HXbe9P8GqVpdITPMybUbFr+E3h8CumT9
kKRTgPxdyIBUWxHQE2Ah30SZSQMNjaJJaCDHMKSPBO4JmhZS1GDdTejdAMl7YZG+
l1oLlF6EVWvKq0AGXQL3X9OGz8xsG5FWoneoN6P6sDb7B33Icnn4D+yxjOeaQYwP
9bSbPiseKbr06yvK6RDfeTYidQ5T7s6M5oi5jyHxcVdy9jleVtCqr2Pm7L1hQo/1
fTnOavZ1xZIKdlPn8nXgVCZqKmybL6gd5c2MsjyI9tYaoiWwHNE7IPfp7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNidx5eLV/NfncjkxC+dXuLTmnECMB8GA1UdIwQY
MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt
OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz
LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ/JnZSN+
j5ow5iNaTGC1WfBDBt4iZxa5vkc+jHGQJ88repwJYMZ8AJs0aH3HV4z+rH/II/1I
eXv7u10teRs9r8s386uRGP6Ir6iT2F9PV5XzirDUQlcE6zq6leFX95JmhSOZxh9H
53Mz4EfOiUhovMFNvLDsgMxY0bDHXqOBZuC6sQZ5YygNKooEU9nVryE21wTB+nU/
vWJdcg18/XaRB88WVTbQPhT9GfK5Uo6uAa16poQibeWjehtCTfnnbm7/1bq9cRQX
F9OqIDHAjanGkz/M4mRB1tvkA4gTdyMwQ7MJWWAMvs0AvP2EQ4VZLzYfzBdmUoCc
MRx5BuU43iHprA==
-----END CERTIFICATE-----