Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          1/OZVUVjEQIwHIyxjRtgEXeJdIwqRs+affpHfpbdyeo=
Subject key identifier:   AD:28:50:DD:12:36:24:BD:E7:A4:C5:35:A1:A9:A9:06:39:3A:FE:33
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       01975C80D57263E62A4C59D0F8EF23BA5629
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          01DF
Signing time:             Wed 11 Jun 2025 01:00:36 +0000
Manifest this update:     Wed 11 Jun 2025 01:00:36 +0000
Manifest next update:     Thu 12 Jun 2025 01:00:36 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: 2+nQGtqBqVQa0V3kdtNpsgqD5+QzGApKrPzc8YUiecg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:80:d5:72:63:e6:2a:4c:59:d0:f8:ef:23:ba:56:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Jun 11 01:00:36 2025 GMT
            Not After : Jun 12 01:00:36 2025 GMT
        Subject: CN=ad2850dd123624bde7a4c535a1a9a906393afe33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:04:4d:fa:9a:48:64:7a:00:ab:d0:eb:43:d0:
                    e9:06:9d:06:82:d5:22:44:3e:8e:22:00:7f:e3:58:
                    04:d1:95:2e:01:2e:be:1f:45:97:bf:8d:d4:10:3e:
                    35:d1:e4:c1:8d:79:b1:55:e2:1b:55:4c:c7:9c:a4:
                    90:e6:c1:0c:4c:96:3c:9c:6d:ce:28:4d:c3:e6:71:
                    38:7a:89:d5:d3:e2:2f:0a:79:bc:73:c9:fe:11:05:
                    95:f0:0f:86:39:62:b7:3e:40:a6:78:85:4b:cd:6a:
                    e5:03:6b:ce:fe:15:86:b9:9c:0e:5a:e2:27:a9:df:
                    3d:01:36:27:c5:a2:3d:c0:99:36:5d:4f:37:76:8e:
                    ae:70:34:4f:aa:c8:08:7b:72:a6:85:54:24:2e:6c:
                    26:7e:16:c8:75:eb:15:c3:b2:49:cb:52:9b:80:41:
                    6a:aa:ab:84:b2:c2:aa:24:88:de:d9:d3:06:65:c1:
                    8c:55:a4:93:1c:49:70:01:11:bd:4d:82:3d:ae:e1:
                    1e:f3:6d:f4:56:77:48:c1:b4:54:12:dd:85:e2:fd:
                    f7:7c:eb:01:30:f8:60:e7:a1:c8:c2:6e:00:30:96:
                    4c:e2:e0:4c:63:e6:a9:0c:26:92:0a:80:56:80:c9:
                    88:f8:b4:72:a1:bb:6f:1a:5c:a6:ed:69:fd:26:00:
                    e9:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:28:50:DD:12:36:24:BD:E7:A4:C5:35:A1:A9:A9:06:39:3A:FE:33
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:c4:36:d9:3b:a6:48:a4:94:74:8b:50:be:cc:69:39:28:1f:
         78:ac:52:c9:26:94:00:cb:f8:29:64:e6:cd:62:40:b4:47:33:
         ab:be:07:43:be:7c:d4:60:2a:90:2c:3e:45:e9:8e:77:ae:7b:
         8e:19:1f:1d:f4:47:f3:de:a0:7b:ba:aa:f5:b9:11:df:30:7c:
         05:dd:86:60:e9:35:6b:b3:6e:98:c1:bb:b0:56:8a:fa:37:b9:
         2b:99:d4:4a:e1:4d:53:b0:8b:9a:09:e0:09:92:fb:0b:ec:6f:
         1b:e8:0a:e3:e4:a2:2e:6d:a2:a8:15:57:25:60:49:f7:bc:2d:
         7f:6d:96:78:85:06:c9:f5:c7:72:f1:2c:29:8b:78:8b:ff:3f:
         f8:b4:64:0a:73:4e:42:4a:27:5f:4b:e3:67:75:3a:9e:0b:dd:
         55:52:22:ec:9e:71:d9:6c:a4:4d:92:05:04:89:a3:51:b8:8f:
         0f:66:6f:2e:8b:50:ac:95:9f:53:5a:ae:e3:e7:b8:60:ca:fb:
         6d:40:9a:6d:14:66:1f:24:f5:ba:cb:d1:c3:9b:9e:5f:81:8b:
         62:cc:a7:36:bd:2a:c2:e9:31:38:d2:35:cb:7c:95:94:51:77:
         cc:82:ec:44:49:81:f4:ce:c8:4b:51:b7:75:6c:0b:ac:6c:1c:
         d4:63:f5:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcgNVyY+YqTFnQ+O8julYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUwNjExMDEwMDM2WhcNMjUwNjEyMDEwMDM2WjAzMTEwLwYDVQQD
EyhhZDI4NTBkZDEyMzYyNGJkZTdhNGM1MzVhMWE5YTkwNjM5M2FmZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogRN+ppIZHoAq9DrQ9DpBp0GgtUi
RD6OIgB/41gE0ZUuAS6+H0WXv43UED410eTBjXmxVeIbVUzHnKSQ5sEMTJY8nG3O
KE3D5nE4eonV0+IvCnm8c8n+EQWV8A+GOWK3PkCmeIVLzWrlA2vO/hWGuZwOWuIn
qd89ATYnxaI9wJk2XU83do6ucDRPqsgIe3KmhVQkLmwmfhbIdesVw7JJy1KbgEFq
qquEssKqJIje2dMGZcGMVaSTHElwARG9TYI9ruEe8230VndIwbRUEt2F4v33fOsB
MPhg56HIwm4AMJZM4uBMY+apDCaSCoBWgMmI+LRyobtvGlym7Wn9JgDpzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0oUN0SNiS956TFNaGpqQY5Ov4zMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdcQ22Tum
SKSUdItQvsxpOSgfeKxSySaUAMv4KWTmzWJAtEczq74HQ7581GAqkCw+RemOd657
jhkfHfRH896ge7qq9bkR3zB8Bd2GYOk1a7NumMG7sFaK+je5K5nUSuFNU7CLmgng
CZL7C+xvG+gK4+SiLm2iqBVXJWBJ97wtf22WeIUGyfXHcvEsKYt4i/8/+LRkCnNO
QkonX0vjZ3U6ngvdVVIi7J5x2WykTZIFBImjUbiPD2ZvLotQrJWfU1qu4+e4YMr7
bUCabRRmHyT1usvRw5ueX4GLYsynNr0qwukxONI1y3yVlFF3zILsREmB9M7IS1G3
dWwLrGwc1GP13Q==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:11:20 2025 by rpki-client