Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          G50gkp5Q1ILRhzmleRkisWy5udf7JUW06kuP6GV9Yts=
Subject key identifier:   44:A6:DD:2E:80:89:3B:B3:DD:9F:ED:E7:AD:BC:7E:F6:02:38:0A:0B
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       0198A04E984B4B61CAEEC4F7E7D20D73CD9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          162A
Signing time:             Tue 12 Aug 2025 22:02:42 +0000
Manifest this update:     Tue 12 Aug 2025 22:02:42 +0000
Manifest next update:     Wed 13 Aug 2025 22:02:42 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: XsMJEIU/npmJGMhhsC1R4JakKr8igPSNG4EibCzwpjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:98:4b:4b:61:ca:ee:c4:f7:e7:d2:0d:73:cd:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Aug 12 22:02:42 2025 GMT
            Not After : Aug 13 22:02:42 2025 GMT
        Subject: CN=44a6dd2e80893bb3dd9fede7adbc7ef602380a0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d5:e8:18:81:49:b7:3f:f4:fb:48:0d:dd:69:
                    f3:22:15:7f:2a:87:97:42:fa:39:d8:b6:17:53:f3:
                    fe:3b:f4:35:37:73:84:97:05:8c:eb:56:88:94:a4:
                    a6:15:5a:11:bf:43:16:ae:bb:dd:8e:c0:2b:2f:39:
                    db:79:8c:0c:d6:2c:75:03:72:cd:a3:c5:de:16:eb:
                    45:6b:74:63:cc:19:7d:06:ad:27:c9:8c:70:14:b8:
                    2f:c8:8e:8e:08:3a:cd:38:e0:9d:8b:ab:7c:e3:b0:
                    3d:fd:99:21:7e:db:7e:c6:78:da:1d:13:6d:92:3a:
                    9d:47:df:e2:21:f0:94:a7:9c:33:ad:63:15:58:97:
                    05:e0:46:79:be:90:a2:0b:3f:91:4f:39:f2:58:15:
                    ea:d7:7a:c0:9d:74:5d:e3:cb:c7:62:fa:30:03:d1:
                    ae:3f:f5:6d:8d:62:b6:02:9d:33:21:8f:36:8c:48:
                    99:eb:8f:82:d2:2d:5f:1b:72:1c:76:f0:f4:c9:fa:
                    c6:d7:51:e1:40:e0:68:b6:75:23:a5:bf:01:35:c4:
                    18:7d:59:eb:50:94:c6:c8:54:bc:d1:be:d3:17:69:
                    0d:c2:e1:01:c6:21:fc:d6:5d:be:a1:17:8b:4d:ee:
                    b0:10:ef:a0:64:b3:0d:a3:3d:55:16:5c:08:13:66:
                    37:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:A6:DD:2E:80:89:3B:B3:DD:9F:ED:E7:AD:BC:7E:F6:02:38:0A:0B
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:43:b7:38:30:9d:ba:41:dc:06:74:61:dd:17:27:de:cc:92:
         81:5c:74:90:d6:a1:67:e7:22:34:42:e2:09:64:7e:72:dd:2c:
         f4:a4:09:f6:2b:ac:cd:47:16:09:37:a3:cd:fe:82:31:04:76:
         d2:26:a3:99:da:99:f5:3b:6d:2b:95:a0:e1:0f:cb:23:c3:2f:
         c2:35:f3:ed:7a:07:a0:48:47:90:26:8d:67:a1:c5:40:1a:c5:
         b6:c5:f2:c2:fa:4a:eb:c8:08:de:b6:c6:ad:fa:f7:db:a8:ad:
         00:6d:f0:44:d6:0b:86:87:1d:21:67:83:47:ba:71:0f:97:71:
         73:42:80:2a:2e:78:f8:83:d3:30:56:ba:82:53:32:13:fb:86:
         9a:7e:e3:45:81:f9:55:a4:b7:9c:13:2e:80:ee:78:94:65:11:
         90:a3:f6:89:da:8d:d5:e4:05:e5:75:c7:e5:60:96:53:16:a8:
         c3:23:e3:d3:c0:9c:6c:86:1b:bb:ed:5e:ca:a6:21:a7:64:76:
         81:b6:c6:85:3e:55:db:0f:d0:cf:73:65:40:ef:b9:47:ad:b9:
         e5:23:84:d9:3c:b6:01:22:8a:42:4a:d7:b9:32:23:91:41:a4:
         43:f4:b0:c8:62:fc:35:8a:5d:8b:64:81:d8:06:54:0a:7a:b9:
         09:62:90:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTphLS2HK7sT359INc82fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjUwODEyMjIwMjQyWhcNMjUwODEzMjIwMjQyWjAzMTEwLwYDVQQD
Eyg0NGE2ZGQyZTgwODkzYmIzZGQ5ZmVkZTdhZGJjN2VmNjAyMzgwYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tXoGIFJtz/0+0gN3WnzIhV/KoeX
Qvo52LYXU/P+O/Q1N3OElwWM61aIlKSmFVoRv0MWrrvdjsArLznbeYwM1ix1A3LN
o8XeFutFa3RjzBl9Bq0nyYxwFLgvyI6OCDrNOOCdi6t847A9/Zkhftt+xnjaHRNt
kjqdR9/iIfCUp5wzrWMVWJcF4EZ5vpCiCz+RTznyWBXq13rAnXRd48vHYvowA9Gu
P/VtjWK2Ap0zIY82jEiZ64+C0i1fG3IcdvD0yfrG11HhQOBotnUjpb8BNcQYfVnr
UJTGyFS80b7TF2kNwuEBxiH81l2+oReLTe6wEO+gZLMNoz1VFlwIE2Y3WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESm3S6AiTuz3Z/t5628fvYCOAoLMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArUO3ODCd
ukHcBnRh3Rcn3sySgVx0kNahZ+ciNELiCWR+ct0s9KQJ9iuszUcWCTejzf6CMQR2
0iajmdqZ9TttK5Wg4Q/LI8MvwjXz7XoHoEhHkCaNZ6HFQBrFtsXywvpK68gI3rbG
rfr326itAG3wRNYLhocdIWeDR7pxD5dxc0KAKi54+IPTMFa6glMyE/uGmn7jRYH5
VaS3nBMugO54lGURkKP2idqN1eQF5XXH5WCWUxaowyPj08CcbIYbu+1eyqYhp2R2
gbbGhT5V2w/Qz3NlQO+5R6255SOE2Ty2ASKKQkrXuTIjkUGkQ/SwyGL8NYpdi2SB
2AZUCnq5CWKQgw==
-----END CERTIFICATE-----