Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          FrEO2nI30AVKzxiXKwrLCbuQ45psfuf/OQ0AEkT0GxM=
Subject key identifier:   B1:51:F6:4F:78:A4:28:B3:F2:27:6D:FF:54:ED:50:04:CB:77:FF:BA
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019752D8B1DCCEB1397E2022AD0F90798681
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          01DA
Signing time:             Mon 09 Jun 2025 04:00:22 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:22 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:22 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: F3Up4Elj1c77FShD+Cwjeph5ukR72D6nZwDW9X/u6pY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d8:b1:dc:ce:b1:39:7e:20:22:ad:0f:90:79:86:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Jun  9 04:00:22 2025 GMT
            Not After : Jun 10 04:00:22 2025 GMT
        Subject: CN=b151f64f78a428b3f2276dff54ed5004cb77ffba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:fe:80:b3:6c:98:60:85:a1:86:8a:65:b2:0e:
                    27:34:0d:bc:88:60:c2:a6:52:7e:f1:ee:f1:e4:a2:
                    06:13:db:e9:62:ae:3a:cc:83:00:c2:1c:8e:50:c5:
                    e2:47:07:44:f0:a5:73:44:11:d4:03:f3:3a:ee:ec:
                    60:ae:8f:b9:f6:06:78:27:e0:e2:bf:0b:66:0d:55:
                    14:be:83:c0:41:49:48:c4:7e:84:0d:ad:3e:86:43:
                    5e:a6:02:ab:0a:c2:69:f2:d0:e4:9c:21:85:f8:09:
                    53:01:0d:5e:d6:d3:ea:17:0f:7d:3b:af:f6:e2:e8:
                    42:26:07:6a:a6:25:ee:9e:c2:19:20:3b:19:fd:f9:
                    bd:dd:d3:0e:9c:21:d5:74:3d:32:43:c7:98:50:19:
                    68:b6:c5:a3:68:c7:96:a6:90:a0:65:9e:ee:1a:e2:
                    c0:64:8b:ca:96:9b:09:15:f8:4c:dd:48:e8:78:00:
                    e1:eb:f1:29:a9:2d:b4:7a:a5:39:e4:e5:c4:05:a8:
                    d9:9a:48:c9:55:2b:97:9a:41:e7:a3:ff:40:39:8f:
                    14:02:9a:69:5f:a5:78:35:bc:d2:97:56:9e:5e:4b:
                    ae:e5:7b:b9:08:e9:e0:da:52:ba:7e:88:3b:4d:7d:
                    dc:60:b9:22:44:18:53:af:b7:9b:b8:b6:04:e1:05:
                    c1:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:51:F6:4F:78:A4:28:B3:F2:27:6D:FF:54:ED:50:04:CB:77:FF:BA
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:4b:f4:69:fc:10:87:6c:44:24:18:dc:98:0f:2d:b9:52:bc:
         85:dd:45:ce:15:73:27:45:58:d4:84:f5:07:4f:0a:c4:23:a8:
         14:a0:7b:e1:53:f8:de:e3:2b:df:8b:87:23:ba:90:aa:36:d5:
         73:0e:47:3f:cb:8d:7c:ba:84:43:c1:bd:20:a1:9f:eb:81:c6:
         47:82:0a:37:c5:20:35:f5:dc:2d:98:6a:a8:ed:72:a2:8f:fe:
         c8:eb:69:9b:92:05:eb:91:62:e0:c9:33:97:2d:d9:88:2a:8a:
         76:02:62:49:ab:17:ce:b8:37:09:33:7e:e9:6e:63:b7:4d:c4:
         92:69:af:99:5c:00:a5:06:a1:cb:5f:f4:75:4e:aa:eb:4f:3c:
         7a:b4:73:2e:ac:14:ea:96:0e:bc:8e:cb:43:4b:fe:34:e7:a6:
         41:fd:cb:35:03:8d:d8:2d:86:3b:ba:ef:6b:e4:42:31:d4:38:
         cc:23:ed:1e:bd:20:39:ee:d8:f7:6f:1e:50:e6:b3:b8:31:bc:
         80:b9:39:7c:87:e1:3b:b1:b2:45:98:5a:8e:9d:1d:73:cb:61:
         79:34:cb:8e:04:d2:59:e4:c8:91:30:44:ff:4f:03:81:fb:ac:
         c2:81:ec:2a:ed:96:26:c2:5d:58:13:ae:32:47:52:2a:ca:fd:
         ed:f2:eb:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2LHczrE5fiAirQ+QeYaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUwNjA5MDQwMDIyWhcNMjUwNjEwMDQwMDIyWjAzMTEwLwYDVQQD
EyhiMTUxZjY0Zjc4YTQyOGIzZjIyNzZkZmY1NGVkNTAwNGNiNzdmZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP6As2yYYIWhhoplsg4nNA28iGDC
plJ+8e7x5KIGE9vpYq46zIMAwhyOUMXiRwdE8KVzRBHUA/M67uxgro+59gZ4J+Di
vwtmDVUUvoPAQUlIxH6EDa0+hkNepgKrCsJp8tDknCGF+AlTAQ1e1tPqFw99O6/2
4uhCJgdqpiXunsIZIDsZ/fm93dMOnCHVdD0yQ8eYUBlotsWjaMeWppCgZZ7uGuLA
ZIvKlpsJFfhM3UjoeADh6/EpqS20eqU55OXEBajZmkjJVSuXmkHno/9AOY8UAppp
X6V4NbzSl1aeXkuu5Xu5COng2lK6fog7TX3cYLkiRBhTr7ebuLYE4QXB3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFR9k94pCiz8idt/1TtUATLd/+6MB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAREv0afwQ
h2xEJBjcmA8tuVK8hd1FzhVzJ0VY1IT1B08KxCOoFKB74VP43uMr34uHI7qQqjbV
cw5HP8uNfLqEQ8G9IKGf64HGR4IKN8UgNfXcLZhqqO1yoo/+yOtpm5IF65Fi4Mkz
ly3ZiCqKdgJiSasXzrg3CTN+6W5jt03EkmmvmVwApQahy1/0dU6q6088erRzLqwU
6pYOvI7LQ0v+NOemQf3LNQON2C2GO7rva+RCMdQ4zCPtHr0gOe7Y928eUOazuDG8
gLk5fIfhO7GyRZhajp0dc8theTTLjgTSWeTIkTBE/08DgfuswoHsKu2WJsJdWBOu
MkdSKsr97fLrsQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 09:18:36 2025 by rpki-client