Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          TMWrG1bPZ5XOfXE2NYGM2Ss/rZlgZgJOVTKGF3BG6Ko=
Subject key identifier:   8F:95:F2:50:A5:23:18:8F:7A:D6:0E:AA:A2:47:1B:C7:8D:69:C3:DC
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       019A4EF5951543998D83480BE2FE3A62F05C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 13:01:48 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:48 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:48 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: Md2BRIosYaZkx5t6bUncmo8J1L7koUYnKGEiKdF0AQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:95:15:43:99:8d:83:48:0b:e2:fe:3a:62:f0:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Nov  4 13:01:48 2025 GMT
            Not After : Nov  5 13:01:48 2025 GMT
        Subject: CN=8f95f250a523188f7ad60eaaa2471bc78d69c3dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:ed:51:e5:e3:68:9e:a9:05:5e:28:5d:9c:ec:
                    50:8a:da:26:97:9c:b3:df:80:f7:a0:8d:85:bd:54:
                    b9:6f:ea:a8:c1:8b:db:80:da:e5:bb:48:97:8d:b9:
                    17:50:aa:8b:0f:89:0c:fd:9f:41:b6:65:39:e3:cc:
                    f5:f1:57:18:54:81:28:41:79:d4:91:73:36:3a:be:
                    52:e8:a2:be:0c:5f:39:58:00:28:5b:28:5f:29:ba:
                    47:8e:fb:92:9c:69:ba:a1:21:b3:a3:a1:a6:5c:1e:
                    34:28:57:82:eb:f9:b1:da:44:bf:39:46:fc:14:73:
                    f3:a3:ed:0d:f3:0d:8a:83:cd:75:ac:07:e9:2b:27:
                    48:ff:7e:ba:51:3c:f7:d8:2c:1b:a6:c9:67:28:99:
                    4a:5a:13:e9:9a:0e:7f:a0:4c:08:09:54:81:b2:e7:
                    49:a6:e9:a9:de:bb:ff:db:30:b8:0e:5f:48:be:f9:
                    11:a2:8d:d6:5b:10:a5:1b:77:c1:1a:e4:22:79:6e:
                    d8:e4:46:02:ce:a5:21:d8:50:bf:f8:3b:ea:52:fd:
                    e7:eb:50:75:b5:4b:24:b5:ee:f4:f4:61:c4:74:9e:
                    3e:63:bd:43:04:c1:22:0b:db:a3:a5:a8:f1:82:e4:
                    38:0a:1d:ee:f1:09:aa:c1:d6:be:ac:f1:25:0a:34:
                    4e:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:95:F2:50:A5:23:18:8F:7A:D6:0E:AA:A2:47:1B:C7:8D:69:C3:DC
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:6e:5b:70:76:f4:cc:92:06:bb:89:e1:4c:20:95:12:8e:44:
         06:b0:9f:28:8e:c6:b9:6a:5e:c6:e0:94:9a:1a:9e:e2:36:a8:
         25:d2:e7:39:1a:fa:b3:6b:c7:b9:4b:c7:13:b1:20:57:e6:26:
         14:bc:30:b5:77:32:4f:67:a0:d9:19:f0:46:0b:0c:70:a3:b5:
         8f:d9:10:7b:53:b0:79:af:d9:3a:35:2b:34:00:58:bd:f5:2c:
         f6:9d:db:d9:73:c5:6d:11:5b:a5:fc:08:b3:8a:28:c7:cc:4f:
         c5:f9:0b:62:1d:e2:94:11:39:bf:81:d4:1e:b3:6a:82:30:fb:
         38:d9:64:c7:c6:4d:c1:a9:af:71:99:86:20:cd:8a:ac:b3:3c:
         b5:d7:7a:44:8e:70:b3:1e:61:97:bb:47:2e:40:01:08:94:28:
         b5:d3:dd:6c:ed:f3:0d:f7:d6:75:3d:92:00:71:45:39:55:81:
         96:90:24:02:97:ed:3c:3d:21:18:ec:0b:ac:1e:2f:bb:52:88:
         b0:b4:ca:cb:c7:33:2f:cf:ca:b2:45:fa:ea:b1:f4:f8:f8:56:
         a6:b4:ab:7a:8b:3d:ed:e7:2d:26:bf:ba:bf:bf:9f:6c:1d:ae:
         72:71:ef:f8:a0:8c:9c:bd:24:5b:c2:66:bf:c2:18:1b:7a:00:
         67:67:27:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9ZUVQ5mNg0gL4v46YvBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjUxMTA0MTMwMTQ4WhcNMjUxMTA1MTMwMTQ4WjAzMTEwLwYDVQQD
Eyg4Zjk1ZjI1MGE1MjMxODhmN2FkNjBlYWFhMjQ3MWJjNzhkNjljM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9e1R5eNonqkFXihdnOxQitoml5yz
34D3oI2FvVS5b+qowYvbgNrlu0iXjbkXUKqLD4kM/Z9BtmU548z18VcYVIEoQXnU
kXM2Or5S6KK+DF85WAAoWyhfKbpHjvuSnGm6oSGzo6GmXB40KFeC6/mx2kS/OUb8
FHPzo+0N8w2Kg811rAfpKydI/366UTz32CwbpslnKJlKWhPpmg5/oEwICVSBsudJ
pump3rv/2zC4Dl9IvvkRoo3WWxClG3fBGuQieW7Y5EYCzqUh2FC/+DvqUv3n61B1
tUskte709GHEdJ4+Y71DBMEiC9ujpajxguQ4Ch3u8Qmqwda+rPElCjRO7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+V8lClIxiPetYOqqJHG8eNacPcMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFW5bcHb0
zJIGu4nhTCCVEo5EBrCfKI7GuWpexuCUmhqe4jaoJdLnORr6s2vHuUvHE7EgV+Ym
FLwwtXcyT2eg2RnwRgsMcKO1j9kQe1Owea/ZOjUrNABYvfUs9p3b2XPFbRFbpfwI
s4oox8xPxfkLYh3ilBE5v4HUHrNqgjD7ONlkx8ZNwamvcZmGIM2KrLM8tdd6RI5w
sx5hl7tHLkABCJQotdPdbO3zDffWdT2SAHFFOVWBlpAkApftPD0hGOwLrB4vu1KI
sLTKy8czL8/KskX66rH0+PhWprSreos97ectJr+6v7+fbB2ucnHv+KCMnL0kW8Jm
v8IYG3oAZ2cnDA==
-----END CERTIFICATE-----