Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          gTX1jlSCmxXjjrvutEpJySMfW3mh9gwyCBtBhWsY8W4=
Subject key identifier:   DA:F9:43:5B:30:5C:A5:95:26:01:E5:9D:AF:31:2F:1F:37:88:3C:9E
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019A725C7DF5F86020D6F5EE2B8E94C57899
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          0378
Signing time:             Tue 11 Nov 2025 10:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:55 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: UUFwxvkdidwnCE8ed2MxdljQNbPPL2uZWiVyDYhOVLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:7d:f5:f8:60:20:d6:f5:ee:2b:8e:94:c5:78:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Nov 11 10:00:55 2025 GMT
            Not After : Nov 12 10:00:55 2025 GMT
        Subject: CN=daf9435b305ca5952601e59daf312f1f37883c9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:58:77:38:b7:5e:04:ba:12:de:8e:94:9b:9c:
                    cb:c8:9f:50:9b:4b:d8:ab:c2:5c:b5:a3:2a:0b:e9:
                    2a:b8:f1:3e:2d:ec:9f:15:35:cf:e6:ef:c4:e5:bd:
                    df:71:ce:33:45:2d:07:fa:d2:1b:2b:51:75:ae:6f:
                    41:a2:f9:d5:7c:43:53:89:8c:62:59:3c:d4:2f:29:
                    38:49:32:64:b0:8a:29:85:2a:24:e8:27:9a:12:7e:
                    37:66:97:5b:f7:69:b0:0e:26:5f:d3:13:ec:85:87:
                    6b:dd:ed:f0:62:c4:41:8e:3f:de:f6:a3:6b:38:1d:
                    38:8f:d2:3e:5b:80:b3:17:7f:9d:51:c0:65:c1:84:
                    08:cf:e3:69:a2:ac:fc:ef:40:e5:d3:4e:64:ee:ef:
                    74:35:f2:a4:14:6c:c7:89:97:ff:ef:65:a4:71:d7:
                    6a:af:f7:6f:73:59:b3:ad:93:0d:4c:de:9c:4d:02:
                    d7:3b:41:2d:41:49:29:09:85:38:b8:90:c3:bb:76:
                    15:55:ff:37:9c:11:5d:58:a2:3d:fa:86:07:38:07:
                    ac:25:ee:3b:fe:96:02:d1:b7:6b:bf:26:aa:f5:30:
                    40:2d:94:fa:7c:1c:8b:aa:33:cf:20:bb:9b:8a:05:
                    1b:90:e5:a6:56:b1:d3:92:c9:f7:ef:56:54:82:af:
                    19:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:F9:43:5B:30:5C:A5:95:26:01:E5:9D:AF:31:2F:1F:37:88:3C:9E
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:44:50:ef:99:f0:36:be:c7:f1:d4:94:c3:9a:e0:37:62:bb:
         1e:16:52:1a:fd:dc:26:c4:18:02:26:35:7c:ab:3d:ad:3f:f3:
         ed:e8:56:a0:a6:d8:9f:14:af:e7:fc:f1:16:59:e5:f8:27:2f:
         45:5d:12:18:08:4e:74:d7:3a:d3:c5:d6:91:b9:fa:2d:da:3d:
         7f:d3:8d:e7:cd:32:56:b0:61:d7:60:47:e9:0f:2f:c4:da:40:
         67:a2:7d:36:3d:bc:08:aa:f9:31:50:95:b5:51:fb:9b:db:fa:
         b3:6c:a3:cc:7a:be:97:0a:2e:b7:64:e9:49:aa:be:88:c2:4d:
         3a:68:a9:d3:be:7f:29:2e:19:37:84:67:d8:c6:d7:cb:1d:e3:
         d1:f9:05:97:87:54:ef:3b:32:7c:73:3a:2a:a1:d7:06:61:80:
         90:25:ab:fc:c5:69:70:f0:30:42:b9:4a:ca:11:45:c0:2f:0b:
         80:a7:1e:18:47:02:a7:b8:04:f0:75:5c:72:40:bc:49:6d:b8:
         cf:49:28:d5:ea:70:d4:c6:d3:0e:53:63:8a:b5:e3:9e:ea:55:
         1d:93:7b:41:0f:24:1b:9d:b9:c8:e6:be:de:38:b3:bc:ee:d7:
         81:65:6d:5e:ba:9f:20:b3:4b:bd:cf:08:fd:63:fe:28:94:bf:
         c8:60:92:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXH31+GAg1vXuK46UxXiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUxMTExMTAwMDU1WhcNMjUxMTEyMTAwMDU1WjAzMTEwLwYDVQQD
EyhkYWY5NDM1YjMwNWNhNTk1MjYwMWU1OWRhZjMxMmYxZjM3ODgzYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFh3OLdeBLoS3o6Um5zLyJ9Qm0vY
q8JctaMqC+kquPE+LeyfFTXP5u/E5b3fcc4zRS0H+tIbK1F1rm9BovnVfENTiYxi
WTzULyk4STJksIophSok6CeaEn43Zpdb92mwDiZf0xPshYdr3e3wYsRBjj/e9qNr
OB04j9I+W4CzF3+dUcBlwYQIz+Npoqz870Dl005k7u90NfKkFGzHiZf/72Wkcddq
r/dvc1mzrZMNTN6cTQLXO0EtQUkpCYU4uJDDu3YVVf83nBFdWKI9+oYHOAesJe47
/pYC0bdrvyaq9TBALZT6fByLqjPPILubigUbkOWmVrHTksn371ZUgq8Z7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNr5Q1swXKWVJgHlna8xLx83iDyeMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdURQ75nw
Nr7H8dSUw5rgN2K7HhZSGv3cJsQYAiY1fKs9rT/z7ehWoKbYnxSv5/zxFlnl+Ccv
RV0SGAhOdNc608XWkbn6Ldo9f9ON580yVrBh12BH6Q8vxNpAZ6J9Nj28CKr5MVCV
tVH7m9v6s2yjzHq+lwout2TpSaq+iMJNOmip075/KS4ZN4Rn2MbXyx3j0fkFl4dU
7zsyfHM6KqHXBmGAkCWr/MVpcPAwQrlKyhFFwC8LgKceGEcCp7gE8HVcckC8SW24
z0ko1epw1MbTDlNjirXjnupVHZN7QQ8kG525yOa+3jizvO7XgWVtXrqfILNLvc8I
/WP+KJS/yGCSpg==
-----END CERTIFICATE-----