Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          EeEMs6MRFKSKwzVNYHZGD2ywvpR0T9tz0ePNrN7Smhw=
Subject key identifier:   F8:6F:96:4A:45:E7:43:4B:F3:39:B1:88:2B:EF:76:BB:D6:67:20:F0
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019922557B956163FC3FE1A073D4D6D7DCE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          02CA
Signing time:             Sun 07 Sep 2025 04:00:51 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:51 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:51 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: fg5YeJiDwtI0D/BqBnZdDUpc1/qnPr4+M9cIipWCZHc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:7b:95:61:63:fc:3f:e1:a0:73:d4:d6:d7:dc:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Sep  7 04:00:51 2025 GMT
            Not After : Sep  8 04:00:51 2025 GMT
        Subject: CN=f86f964a45e7434bf339b1882bef76bbd66720f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:3a:0b:dc:c7:15:4b:b8:3b:4b:9c:e8:5b:fd:
                    3a:a0:2c:c5:bb:fb:19:f6:5d:01:d5:50:48:fd:27:
                    f6:c7:35:cc:d5:e0:81:e7:ac:38:42:ee:0e:34:33:
                    b3:3a:f2:a1:1f:48:2b:56:1e:ca:e1:4a:2c:dd:89:
                    5c:15:b4:5b:1a:1f:5d:66:de:7c:bd:90:c5:5c:7b:
                    bf:72:f2:95:04:6c:dc:9d:3a:e6:40:82:bf:c1:20:
                    b5:7e:e9:70:a8:88:5e:15:f4:67:d1:5d:ba:a8:05:
                    39:5a:1b:d8:b5:ee:5a:f3:55:f2:e3:4a:ba:44:9e:
                    76:20:f5:38:4e:e6:11:0d:47:c8:72:92:ad:7c:a4:
                    6f:a0:ae:b4:dd:97:49:c2:e5:0e:e5:10:1b:ec:87:
                    e5:31:71:05:ec:01:4d:74:21:e5:04:58:ce:ec:b6:
                    18:1b:c2:b2:83:30:e6:84:f4:36:36:df:78:cd:0a:
                    4a:7f:2d:1c:50:dd:58:08:0c:b3:82:6c:ab:45:24:
                    9d:62:a7:87:ba:ec:7d:56:8d:53:85:f5:8d:3c:68:
                    ac:73:38:83:7f:2e:fb:77:19:b7:f0:80:c3:27:a3:
                    5e:56:e2:5b:fa:73:b6:b5:b8:e4:9c:df:81:be:d4:
                    8c:ba:31:63:7b:9e:4e:4a:a5:64:6a:d1:1c:09:e4:
                    a1:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:6F:96:4A:45:E7:43:4B:F3:39:B1:88:2B:EF:76:BB:D6:67:20:F0
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:b4:4b:df:bd:25:3b:8f:00:ad:e0:2e:36:09:45:8c:5c:a3:
         50:bf:c0:2e:a5:f0:b8:91:8c:f2:dd:79:ad:55:98:d7:59:a8:
         74:31:d5:86:91:77:9d:c9:4e:78:f7:5a:83:5f:f7:b7:c1:f3:
         ea:70:ad:a0:4d:24:a9:67:09:a4:6f:ee:8f:c0:7b:be:02:60:
         d2:d2:4a:c6:ea:7f:67:af:72:b9:a1:0a:94:b5:41:bc:05:50:
         e6:e1:67:43:6d:f2:fb:ca:96:0d:1a:0e:88:b2:b2:8f:2b:d8:
         f7:ac:8c:90:98:f6:8b:a9:c5:c1:7f:00:96:67:37:8b:d9:95:
         97:18:fd:70:28:4a:b5:70:f4:3c:d5:e3:7a:38:33:4b:30:84:
         e8:85:c3:66:c6:3a:be:7d:ac:fe:c0:34:60:28:02:52:81:ed:
         7e:2b:d6:02:88:55:10:14:fc:4f:0f:81:b8:16:76:18:48:38:
         93:6a:cc:d8:f8:c7:42:f6:fb:4e:24:91:48:d3:0f:78:74:f6:
         bc:7a:71:48:aa:84:63:57:f0:bd:73:66:c5:d6:aa:29:4a:99:
         c1:9d:44:94:28:a5:db:27:f8:71:16:73:4f:0e:47:21:9a:8f:
         0b:ec:b8:64:60:fb:bd:d8:38:cf:29:18:9f:69:6a:63:2f:e3:
         77:47:0c:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVXuVYWP8P+Ggc9TW19zgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUwOTA3MDQwMDUxWhcNMjUwOTA4MDQwMDUxWjAzMTEwLwYDVQQD
EyhmODZmOTY0YTQ1ZTc0MzRiZjMzOWIxODgyYmVmNzZiYmQ2NjcyMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmToL3McVS7g7S5zoW/06oCzFu/sZ
9l0B1VBI/Sf2xzXM1eCB56w4Qu4ONDOzOvKhH0grVh7K4Uos3YlcFbRbGh9dZt58
vZDFXHu/cvKVBGzcnTrmQIK/wSC1fulwqIheFfRn0V26qAU5WhvYte5a81Xy40q6
RJ52IPU4TuYRDUfIcpKtfKRvoK603ZdJwuUO5RAb7IflMXEF7AFNdCHlBFjO7LYY
G8KygzDmhPQ2Nt94zQpKfy0cUN1YCAyzgmyrRSSdYqeHuux9Vo1ThfWNPGiscziD
fy77dxm38IDDJ6NeVuJb+nO2tbjknN+BvtSMujFje55OSqVkatEcCeShpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhvlkpF50NL8zmxiCvvdrvWZyDwMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcbRL370l
O48AreAuNglFjFyjUL/ALqXwuJGM8t15rVWY11modDHVhpF3nclOePdag1/3t8Hz
6nCtoE0kqWcJpG/uj8B7vgJg0tJKxup/Z69yuaEKlLVBvAVQ5uFnQ23y+8qWDRoO
iLKyjyvY96yMkJj2i6nFwX8Almc3i9mVlxj9cChKtXD0PNXjejgzSzCE6IXDZsY6
vn2s/sA0YCgCUoHtfivWAohVEBT8Tw+BuBZ2GEg4k2rM2PjHQvb7TiSRSNMPeHT2
vHpxSKqEY1fwvXNmxdaqKUqZwZ1ElCil2yf4cRZzTw5HIZqPC+y4ZGD7vdg4zykY
n2lqYy/jd0cMVA==
-----END CERTIFICATE-----