Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          hU/q/bxTcK7BVRhFhJmxThyFfQKGbFEw2gvNZgkDRKY=
Subject key identifier:   D4:A8:6B:58:FA:E1:AD:94:A5:6B:AE:2C:FC:9D:B8:7F:F1:A1:91:95
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019758A40D7D6A4AC433487CD3ABD769661E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          01DD
Signing time:             Tue 10 Jun 2025 07:00:35 +0000
Manifest this update:     Tue 10 Jun 2025 07:00:35 +0000
Manifest next update:     Wed 11 Jun 2025 07:00:35 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: gxh+JoivCpkyIHCsPDqRdJmL6T9o28NwWvpmMBmFCK4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:a4:0d:7d:6a:4a:c4:33:48:7c:d3:ab:d7:69:66:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Jun 10 07:00:35 2025 GMT
            Not After : Jun 11 07:00:35 2025 GMT
        Subject: CN=d4a86b58fae1ad94a56bae2cfc9db87ff1a19195
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:88:68:5c:ca:4b:33:4d:8e:25:67:dc:53:cd:
                    12:c9:5c:95:0d:a9:da:90:a3:98:72:1c:f7:be:d1:
                    e2:ca:d0:e6:4b:b2:06:b2:d4:96:15:38:26:f7:0d:
                    96:11:7b:5b:dc:93:fc:bc:5d:b5:33:d8:8f:d7:ca:
                    6f:21:ef:b4:b0:c1:97:a1:82:15:d9:70:02:0d:c0:
                    f4:e5:a3:13:25:3b:ce:01:4b:a2:33:ad:11:c7:94:
                    e0:aa:78:78:a4:f8:1a:dc:4c:97:14:5d:09:dc:74:
                    d0:5e:5e:be:65:24:f4:b9:1b:07:aa:4d:8e:45:5d:
                    84:d2:e1:e2:53:13:6c:ce:2b:42:30:e0:52:5d:e6:
                    12:3a:3b:e4:7d:51:13:a9:3b:d5:76:5a:b3:89:5a:
                    80:84:d7:c2:92:55:1a:4a:98:34:20:dd:b6:be:3a:
                    21:5e:10:e3:46:38:12:21:b5:76:e3:19:21:18:df:
                    14:fb:1d:bf:97:13:c9:69:bf:e2:f9:a8:32:9b:8c:
                    f6:67:88:e4:ac:96:fa:6d:e8:ce:fd:d1:24:ee:6e:
                    d8:51:04:0c:2b:8e:50:17:e2:b3:de:76:94:91:72:
                    96:01:97:97:d5:e7:86:6f:3e:76:d9:51:cf:78:24:
                    07:f6:1e:f9:c4:5f:9d:72:01:ea:b1:26:fb:a9:a3:
                    a9:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:A8:6B:58:FA:E1:AD:94:A5:6B:AE:2C:FC:9D:B8:7F:F1:A1:91:95
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:67:3b:66:87:51:59:dc:c4:85:63:3a:04:d6:87:1c:0c:75:
         e2:ce:75:b4:bc:74:85:5d:e3:7b:9e:8f:58:78:6d:ca:38:96:
         18:24:ac:60:4a:0d:93:0c:21:dc:48:da:c7:f7:46:45:6d:d3:
         dc:f2:91:fc:9d:b2:3a:0e:a7:e3:6e:ec:3a:51:83:d9:39:4d:
         49:1d:99:5f:6e:47:bf:9e:5e:aa:7f:e9:6d:3d:37:dc:6d:f2:
         c4:c4:18:29:9a:7c:c6:06:0b:d4:8f:c8:2a:38:1b:af:36:1b:
         23:99:83:f3:14:b4:90:e8:d7:b7:8e:51:ce:b8:e2:50:09:4e:
         a9:86:4c:ac:8f:b1:1d:0b:33:f3:29:75:6a:c1:40:ff:84:e0:
         a3:19:ca:e1:f5:86:38:b7:f5:7e:e9:84:4c:39:49:56:b4:c9:
         d7:88:1c:46:72:69:66:16:59:0b:05:c9:a7:4e:ee:ed:35:9f:
         76:98:e7:24:0b:3a:26:27:b0:f4:89:2c:6a:b6:78:f4:ff:d0:
         a2:9c:01:4d:3b:9c:4f:a6:d8:4c:7b:b0:6d:cd:53:24:87:36:
         28:76:04:a3:69:fe:2e:97:ce:29:3e:85:72:66:a6:d5:2a:52:
         ad:49:97:04:c5:13:cf:be:a3:0d:0c:99:e8:0a:30:64:1b:c9:
         b4:83:d7:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYpA19akrEM0h806vXaWYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUwNjEwMDcwMDM1WhcNMjUwNjExMDcwMDM1WjAzMTEwLwYDVQQD
EyhkNGE4NmI1OGZhZTFhZDk0YTU2YmFlMmNmYzlkYjg3ZmYxYTE5MTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYhoXMpLM02OJWfcU80SyVyVDana
kKOYchz3vtHiytDmS7IGstSWFTgm9w2WEXtb3JP8vF21M9iP18pvIe+0sMGXoYIV
2XACDcD05aMTJTvOAUuiM60Rx5Tgqnh4pPga3EyXFF0J3HTQXl6+ZST0uRsHqk2O
RV2E0uHiUxNszitCMOBSXeYSOjvkfVETqTvVdlqziVqAhNfCklUaSpg0IN22vjoh
XhDjRjgSIbV24xkhGN8U+x2/lxPJab/i+agym4z2Z4jkrJb6bejO/dEk7m7YUQQM
K45QF+Kz3naUkXKWAZeX1eeGbz522VHPeCQH9h75xF+dcgHqsSb7qaOp8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSoa1j64a2UpWuuLPyduH/xoZGVMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKWc7ZodR
WdzEhWM6BNaHHAx14s51tLx0hV3je56PWHhtyjiWGCSsYEoNkwwh3Ejax/dGRW3T
3PKR/J2yOg6n427sOlGD2TlNSR2ZX25Hv55eqn/pbT033G3yxMQYKZp8xgYL1I/I
KjgbrzYbI5mD8xS0kOjXt45RzrjiUAlOqYZMrI+xHQsz8yl1asFA/4TgoxnK4fWG
OLf1fumETDlJVrTJ14gcRnJpZhZZCwXJp07u7TWfdpjnJAs6Jiew9IksarZ49P/Q
opwBTTucT6bYTHuwbc1TJIc2KHYEo2n+LpfOKT6Fcmam1SpSrUmXBMUTz76jDQyZ
6AowZBvJtIPX8Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:46:54 2025 by rpki-client