Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          NicR3/Vugpze5iDMJvCEa5M3j+SVi3QU60nRy7JP+Jg=
Subject key identifier:   04:62:06:AF:31:29:48:A0:56:CE:63:A1:08:AA:ED:55:16:52:B7:93
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       0197696108A79EB84A36FFD0BB68220AA8F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 13:00:56 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:56 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:56 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: wt4lfIUIG2EOOuFOy9sZuO4kF8LqpOgLrzNgvfMhDBU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:08:a7:9e:b8:4a:36:ff:d0:bb:68:22:0a:a8:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Jun 13 13:00:56 2025 GMT
            Not After : Jun 14 13:00:56 2025 GMT
        Subject: CN=046206af312948a056ce63a108aaed551652b793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:09:20:53:8c:6b:72:e0:10:f0:62:e6:36:34:
                    40:ef:31:8d:34:8e:d7:96:da:48:30:77:f8:40:d2:
                    0d:e9:dc:ea:4e:98:8c:c4:26:8f:f3:17:cc:ee:87:
                    c7:0f:f4:05:c9:40:68:9d:a8:c9:59:9b:5d:8b:e7:
                    58:0f:ec:56:1e:51:cb:67:8a:7f:1e:a7:44:c5:b9:
                    30:b2:bb:ff:e3:49:50:8f:eb:c9:46:8d:04:81:df:
                    aa:37:0e:31:c4:36:94:44:e7:36:6b:1d:d6:c9:43:
                    1a:a3:ec:8d:be:de:7e:0d:24:1c:45:ab:25:aa:ff:
                    e7:36:1f:6b:87:1d:0d:b5:b6:fa:48:a0:1d:75:6d:
                    d7:4f:3a:c1:83:d7:8f:ad:6e:75:2b:8d:68:99:b5:
                    2f:84:a2:49:b3:10:f9:7d:ad:d9:ec:69:f1:19:98:
                    65:a9:16:20:14:f1:80:58:06:22:bc:2c:88:15:d7:
                    86:50:56:6c:af:4d:ad:a9:bf:4d:02:ba:d9:29:77:
                    b2:ce:bf:ae:38:32:70:b2:6c:24:80:55:60:1e:54:
                    d7:8f:6a:f2:86:60:77:72:c7:a0:84:ac:43:1d:75:
                    37:b6:5a:c0:6e:8b:81:79:17:d3:ce:37:72:51:58:
                    86:82:01:66:4a:55:38:77:80:d6:7c:fb:db:35:ea:
                    e9:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:62:06:AF:31:29:48:A0:56:CE:63:A1:08:AA:ED:55:16:52:B7:93
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:63:70:59:f1:87:52:29:c9:02:3f:0f:61:ef:50:c8:62:ce:
         b3:20:e0:e8:07:f7:8f:63:7a:fc:3d:e1:f5:97:2f:90:f2:63:
         25:d4:79:b3:3b:67:73:25:f7:5a:1f:e6:86:cc:bd:24:65:7e:
         cf:ff:d1:b1:3a:d7:03:be:65:53:0b:81:7d:ed:65:80:27:3c:
         5c:b4:04:85:69:94:3d:27:93:d0:a3:7a:72:85:fa:57:28:61:
         8b:01:8b:14:df:b8:27:ac:31:6c:b8:e0:3f:c4:40:ba:5e:d4:
         0d:a6:79:9a:f1:6b:b1:56:35:26:b9:c7:55:29:08:cc:c4:27:
         43:f8:11:9a:15:d7:d8:4b:09:df:04:41:b7:31:4c:4b:ea:c7:
         b0:c0:9e:65:3f:62:b7:1a:ec:03:a0:64:ba:5e:f8:d7:d2:1d:
         80:64:c1:ff:60:26:b2:c9:a7:2b:4e:11:55:12:eb:c4:b7:61:
         f4:0c:95:06:6b:13:af:f8:6f:41:c3:9d:48:57:9c:17:7e:d9:
         60:00:19:7e:59:6b:37:3e:18:4e:f7:9d:9f:28:bb:de:10:cd:
         a1:e6:b9:96:7e:ef:89:ce:5c:84:7f:04:5f:d1:86:05:2e:93:
         e0:f9:2b:d6:6d:c0:a2:b0:cc:51:68:91:77:d3:0a:de:32:69:
         2f:ca:b5:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYQinnrhKNv/Qu2giCqjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjUwNjEzMTMwMDU2WhcNMjUwNjE0MTMwMDU2WjAzMTEwLwYDVQQD
EygwNDYyMDZhZjMxMjk0OGEwNTZjZTYzYTEwOGFhZWQ1NTE2NTJiNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwkgU4xrcuAQ8GLmNjRA7zGNNI7X
ltpIMHf4QNIN6dzqTpiMxCaP8xfM7ofHD/QFyUBonajJWZtdi+dYD+xWHlHLZ4p/
HqdExbkwsrv/40lQj+vJRo0Egd+qNw4xxDaUROc2ax3WyUMao+yNvt5+DSQcRasl
qv/nNh9rhx0Ntbb6SKAddW3XTzrBg9ePrW51K41ombUvhKJJsxD5fa3Z7GnxGZhl
qRYgFPGAWAYivCyIFdeGUFZsr02tqb9NArrZKXeyzr+uODJwsmwkgFVgHlTXj2ry
hmB3cseghKxDHXU3tlrAbouBeRfTzjdyUViGggFmSlU4d4DWfPvbNerpOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFARiBq8xKUigVs5joQiq7VUWUreTMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2NwWfGH
UinJAj8PYe9QyGLOsyDg6Af3j2N6/D3h9ZcvkPJjJdR5sztncyX3Wh/mhsy9JGV+
z//RsTrXA75lUwuBfe1lgCc8XLQEhWmUPSeT0KN6coX6VyhhiwGLFN+4J6wxbLjg
P8RAul7UDaZ5mvFrsVY1JrnHVSkIzMQnQ/gRmhXX2EsJ3wRBtzFMS+rHsMCeZT9i
txrsA6Bkul7419IdgGTB/2AmssmnK04RVRLrxLdh9AyVBmsTr/hvQcOdSFecF37Z
YAAZfllrNz4YTvednyi73hDNoea5ln7vic5chH8EX9GGBS6T4Pkr1m3AorDMUWiR
d9MK3jJpL8q1Tw==
-----END CERTIFICATE-----