Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          UMUU/b7ZCQ6mLKcuHs+EW5UaNkR1MyKnrtR+4wKShL0=
Subject key identifier:   FD:39:9D:70:6D:77:D2:73:68:A4:8F:2A:45:25:48:D8:65:20:1C:32
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       0194C42C81192C0331AF812F077FD4574F69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          87
Signing time:             Sun 02 Feb 2025 01:00:38 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:38 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:38 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: b6lNTUvdxE8z95qgofbG05zo5Akm68nJZx02L7A1mq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:81:19:2c:03:31:af:81:2f:07:7f:d4:57:4f:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Feb  2 01:00:38 2025 GMT
            Not After : Feb  3 01:00:38 2025 GMT
        Subject: CN=fd399d706d77d27368a48f2a452548d865201c32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d0:fe:87:45:57:d2:8e:7a:5b:09:2e:94:07:
                    6c:7a:d9:b3:c7:c8:33:85:c8:05:35:41:a1:9b:a2:
                    60:a6:1e:4e:ca:eb:90:82:d2:0b:32:03:85:07:74:
                    e3:6b:15:86:1e:45:d8:6f:d4:d4:ed:3c:4b:b5:14:
                    3b:24:e2:d6:9b:d1:b4:70:da:37:bb:43:16:50:8d:
                    10:33:f1:cb:a4:3d:d4:1c:28:b8:1c:4a:63:ba:19:
                    39:a1:be:db:c2:bb:36:6b:b2:69:d7:60:bd:8a:01:
                    5c:bf:85:d2:ff:cf:c8:5a:da:e7:a9:05:a1:d3:da:
                    43:ef:6e:ce:0e:41:f9:1b:e0:da:70:ee:2c:24:67:
                    0b:ab:e4:98:49:43:77:9c:5a:ae:5d:b4:ed:de:f5:
                    a3:5f:79:0e:95:62:85:7c:e5:b5:67:e6:7a:ae:e2:
                    11:c2:88:75:8f:e4:a2:74:b6:50:64:10:fc:95:63:
                    7d:3d:8b:5c:c0:56:00:3c:3d:99:c7:76:f8:81:c6:
                    8d:50:5f:8d:18:51:3b:12:57:88:c7:4b:3d:c0:5a:
                    43:32:1d:c7:26:1c:b3:16:73:c9:2e:9e:e9:06:60:
                    4b:75:a0:55:68:d8:44:51:db:11:c7:04:12:a0:ff:
                    41:c1:ef:4f:73:df:fd:48:9d:c0:cb:71:f6:73:03:
                    4e:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:39:9D:70:6D:77:D2:73:68:A4:8F:2A:45:25:48:D8:65:20:1C:32
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:42:e0:a3:76:0f:1b:6f:d8:d4:ea:7f:f1:a0:46:e4:6f:f2:
         35:ba:ce:29:df:ac:c6:c6:43:fb:4e:f5:54:05:58:00:c6:d8:
         ba:9c:35:55:2b:0a:75:be:f5:74:cc:8b:d5:d5:19:41:a7:b1:
         6b:e6:42:f9:f5:bf:c7:8b:b5:45:09:4a:39:3f:07:e0:cf:69:
         85:32:07:7d:a5:89:85:a7:72:53:0b:6a:54:3e:bd:fb:08:3a:
         3b:0c:c7:64:b8:9d:43:9f:e0:76:33:90:eb:b4:99:9b:c2:c2:
         f8:66:6b:27:a8:23:6d:77:8c:91:92:2c:f2:d4:63:0e:6d:ba:
         8a:50:f5:bd:12:02:02:e0:3b:e5:3d:4f:f2:4d:f2:df:7c:9e:
         fe:d7:42:e9:2a:d6:db:43:5c:38:85:fa:41:7f:c6:9f:91:93:
         d0:9c:24:88:b0:ea:a5:dc:83:41:10:60:84:fe:7e:d0:32:ce:
         92:2f:b7:55:1e:4f:dc:74:55:80:7a:87:11:6f:19:83:9a:14:
         93:db:b2:14:2c:18:aa:d1:9f:f3:83:e1:ad:75:e4:56:97:9a:
         2f:a4:ba:97:2e:fb:70:c5:e0:23:96:16:e6:8c:14:58:7d:0d:
         b1:61:99:f9:12:22:e6:a6:fe:e5:7d:a6:cd:ca:6b:57:d0:52:
         8b:da:57:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELIEZLAMxr4EvB3/UV09pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUwMjAyMDEwMDM4WhcNMjUwMjAzMDEwMDM4WjAzMTEwLwYDVQQD
EyhmZDM5OWQ3MDZkNzdkMjczNjhhNDhmMmE0NTI1NDhkODY1MjAxYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9D+h0VX0o56WwkulAdsetmzx8gz
hcgFNUGhm6Jgph5OyuuQgtILMgOFB3TjaxWGHkXYb9TU7TxLtRQ7JOLWm9G0cNo3
u0MWUI0QM/HLpD3UHCi4HEpjuhk5ob7bwrs2a7Jp12C9igFcv4XS/8/IWtrnqQWh
09pD727ODkH5G+DacO4sJGcLq+SYSUN3nFquXbTt3vWjX3kOlWKFfOW1Z+Z6ruIR
woh1j+SidLZQZBD8lWN9PYtcwFYAPD2Zx3b4gcaNUF+NGFE7EleIx0s9wFpDMh3H
JhyzFnPJLp7pBmBLdaBVaNhEUdsRxwQSoP9Bwe9Pc9/9SJ3Ay3H2cwNO8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP05nXBtd9JzaKSPKkUlSNhlIBwyMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU0Lgo3YP
G2/Y1Op/8aBG5G/yNbrOKd+sxsZD+071VAVYAMbYupw1VSsKdb71dMyL1dUZQaex
a+ZC+fW/x4u1RQlKOT8H4M9phTIHfaWJhadyUwtqVD69+wg6OwzHZLidQ5/gdjOQ
67SZm8LC+GZrJ6gjbXeMkZIs8tRjDm26ilD1vRICAuA75T1P8k3y33ye/tdC6SrW
20NcOIX6QX/Gn5GT0JwkiLDqpdyDQRBghP5+0DLOki+3VR5P3HRVgHqHEW8Zg5oU
k9uyFCwYqtGf84PhrXXkVpeaL6S6ly77cMXgI5YW5owUWH0NsWGZ+RIi5qb+5X2m
zcprV9BSi9pXXA==
-----END CERTIFICATE-----