Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          8I/r8W4bk/GwJ99QkC3DESVikqE3m788N0RJwHdr7o0=
Subject key identifier:   DD:A0:F4:54:41:19:10:A4:95:2E:AB:14:05:52:B3:85:B4:D8:70:4F
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019D3909AF70BA442BAD298FA6BFFB08EDF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          04E8
Signing time:             Sun 29 Mar 2026 10:00:28 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:28 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:28 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: TKkP5w/8YONuG1/4xLYm+veaJHUDwr6awkjw4WOVmG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:af:70:ba:44:2b:ad:29:8f:a6:bf:fb:08:ed:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Mar 29 10:00:28 2026 GMT
            Not After : Mar 30 10:00:28 2026 GMT
        Subject: CN=dda0f454411910a4952eab140552b385b4d8704f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:94:05:13:81:63:cb:9c:72:30:38:a0:7a:6b:
                    74:b1:0b:e4:3a:e3:9f:2c:28:8d:82:f7:29:93:28:
                    b0:fb:e1:4d:3f:14:aa:23:ad:a3:1c:21:25:1d:7a:
                    46:00:dd:2e:6c:57:8e:58:bf:03:85:1a:cb:02:00:
                    99:53:eb:53:5a:33:d7:a1:e6:bf:15:8f:6d:46:b4:
                    2e:77:0a:8b:54:cb:b3:3d:3f:4d:78:51:0c:a3:86:
                    6a:29:5b:b3:73:25:72:0a:0f:ba:a9:00:15:e5:ae:
                    83:2f:76:d2:ca:34:56:22:03:cc:63:d0:8f:6e:bd:
                    f5:b5:bd:79:d0:1f:29:0a:ee:f6:4e:79:05:49:97:
                    14:86:0d:75:11:63:e1:0d:fd:e0:7d:de:06:07:ae:
                    30:84:d9:8f:8f:d8:17:1f:55:41:13:28:76:be:cd:
                    15:cc:cf:ca:56:50:19:94:d2:9f:8d:51:31:11:18:
                    a7:e4:93:8d:8c:7c:a9:60:d2:c6:d4:7e:77:9c:55:
                    93:c3:34:c8:1c:fe:99:dd:da:f2:5d:8f:db:dd:6e:
                    5c:c5:86:c8:5d:11:75:3d:e1:04:03:57:9f:0a:e6:
                    6d:fc:8b:89:8a:89:d1:6b:02:18:10:cc:dd:bd:ea:
                    31:fd:d0:a7:2b:7e:03:df:93:92:86:53:1a:6a:e5:
                    30:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:A0:F4:54:41:19:10:A4:95:2E:AB:14:05:52:B3:85:B4:D8:70:4F
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:c1:96:ab:7f:79:8f:df:58:cf:d2:88:ed:46:ce:57:c6:43:
         e0:1f:f8:33:92:16:de:96:2e:a3:85:4d:74:a9:f3:4d:4d:61:
         71:d3:a7:66:bd:72:ab:b8:37:e9:0a:22:21:1c:3b:cd:b1:e7:
         13:10:1a:b7:c6:42:0a:11:36:af:c2:68:ce:63:ab:52:66:23:
         fb:09:9d:b0:f1:1c:ca:d0:a4:82:0a:f5:93:94:df:57:72:4e:
         8f:02:08:89:e2:5f:37:de:54:12:aa:c9:9c:72:88:f0:11:74:
         69:25:24:11:b4:1b:d9:25:54:a6:06:b8:50:9a:28:36:11:10:
         50:bd:cd:25:a7:20:79:07:28:d0:42:fa:57:bc:05:9b:41:77:
         de:b1:f8:2f:ba:ca:c3:73:ca:11:6f:ca:4c:bf:4c:25:92:2a:
         b6:63:3a:6e:6c:ec:a8:08:a3:f2:15:ed:55:65:25:06:bb:25:
         19:fd:89:d9:58:6a:f0:f1:b2:7f:ad:a2:88:e7:de:25:be:a4:
         57:fb:99:a7:a6:37:90:12:60:31:d6:aa:74:5e:a4:0c:2c:2a:
         a7:6d:9d:0d:ca:99:a8:d8:3f:30:7f:96:3a:6b:ab:b6:fc:ea:
         31:b4:ad:92:cb:10:93:ef:1f:08:7b:1b:48:f3:9a:b1:0e:31:
         8f:5c:3a:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ca9wukQrrSmPpr/7CO33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjYwMzI5MTAwMDI4WhcNMjYwMzMwMTAwMDI4WjAzMTEwLwYDVQQD
EyhkZGEwZjQ1NDQxMTkxMGE0OTUyZWFiMTQwNTUyYjM4NWI0ZDg3MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZQFE4Fjy5xyMDigemt0sQvkOuOf
LCiNgvcpkyiw++FNPxSqI62jHCElHXpGAN0ubFeOWL8DhRrLAgCZU+tTWjPXoea/
FY9tRrQudwqLVMuzPT9NeFEMo4ZqKVuzcyVyCg+6qQAV5a6DL3bSyjRWIgPMY9CP
br31tb150B8pCu72TnkFSZcUhg11EWPhDf3gfd4GB64whNmPj9gXH1VBEyh2vs0V
zM/KVlAZlNKfjVExERin5JONjHypYNLG1H53nFWTwzTIHP6Z3dryXY/b3W5cxYbI
XRF1PeEEA1efCuZt/IuJionRawIYEMzdveox/dCnK34D35OShlMaauUw5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2g9FRBGRCklS6rFAVSs4W02HBPMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMsGWq395
j99Yz9KI7UbOV8ZD4B/4M5IW3pYuo4VNdKnzTU1hcdOnZr1yq7g36QoiIRw7zbHn
ExAat8ZCChE2r8JozmOrUmYj+wmdsPEcytCkggr1k5TfV3JOjwIIieJfN95UEqrJ
nHKI8BF0aSUkEbQb2SVUpga4UJooNhEQUL3NJacgeQco0EL6V7wFm0F33rH4L7rK
w3PKEW/KTL9MJZIqtmM6bmzsqAij8hXtVWUlBrslGf2J2Vhq8PGyf62iiOfeJb6k
V/uZp6Y3kBJgMdaqdF6kDCwqp22dDcqZqNg/MH+WOmurtvzqMbStkssQk+8fCHsb
SPOasQ4xj1w6ww==
-----END CERTIFICATE-----