Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          XjHxNCq6Vys9jrAgbEQsN41/v86+TaOsRUjtMkrmVpw=
Subject key identifier:   47:53:7B:55:D0:31:50:E6:69:C9:8F:04:88:18:B0:01:9F:C9:C2:12
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       0198A0F19530571E3CBE1180A9D38E210F79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          0287
Signing time:             Wed 13 Aug 2025 01:00:43 +0000
Manifest this update:     Wed 13 Aug 2025 01:00:43 +0000
Manifest next update:     Thu 14 Aug 2025 01:00:43 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: 37nK5jB+lb4mw0+IcxsYXKGws60Vl6bTG24oBpnDokA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:f1:95:30:57:1e:3c:be:11:80:a9:d3:8e:21:0f:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Aug 13 01:00:43 2025 GMT
            Not After : Aug 14 01:00:43 2025 GMT
        Subject: CN=47537b55d03150e669c98f048818b0019fc9c212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:be:94:94:a6:6e:93:c3:63:6c:ac:6d:c9:97:
                    b4:7a:71:9f:65:65:22:7a:85:e5:e3:9e:32:9e:37:
                    4d:4e:4f:8b:05:98:a5:95:03:94:26:49:01:ab:46:
                    38:a4:79:a8:a7:de:c5:d1:71:fd:30:f5:6f:6a:75:
                    f8:dd:db:e3:07:85:29:92:56:fe:66:ac:7b:56:84:
                    1d:0a:88:8e:b5:b9:66:6c:50:66:68:22:a2:f2:1b:
                    80:1e:d3:9a:0c:1b:b5:f0:6a:13:9e:d2:6b:ea:97:
                    ee:68:57:b8:9f:82:14:3b:af:b6:c6:12:71:72:8c:
                    00:6b:18:e3:b8:49:b9:a0:0b:a2:66:91:60:9d:62:
                    0a:65:9b:1b:4e:b1:0d:bf:5d:7d:c2:cc:b4:3d:5d:
                    42:60:c7:7e:f6:90:63:2a:09:f4:a3:89:c1:3d:3e:
                    64:f5:19:7e:08:20:5c:30:d6:11:92:bd:76:49:4f:
                    7e:99:cc:19:bc:ea:3a:41:dd:e0:92:5c:df:43:b6:
                    15:55:af:76:95:d9:45:82:ff:bd:68:3d:52:70:7b:
                    af:34:5a:7b:2a:20:8b:85:1a:3e:75:b9:5d:25:a3:
                    62:d3:38:c9:27:3c:9c:d5:c9:2c:0c:61:d2:fe:2c:
                    30:bd:c4:3d:32:29:f2:27:90:66:a9:77:dc:ab:66:
                    c3:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:53:7B:55:D0:31:50:E6:69:C9:8F:04:88:18:B0:01:9F:C9:C2:12
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:14:14:4c:02:dd:af:d3:0b:29:c7:e4:6e:13:20:4d:3d:aa:
         87:fc:8a:a8:d1:40:9d:c1:d2:5a:ce:9f:cc:0e:7c:19:a3:6b:
         2e:c1:4a:df:51:fd:5f:e3:cd:f3:6d:7f:df:e8:5a:8f:13:fb:
         11:21:c8:c9:ab:3a:59:fa:0d:0e:b3:91:c1:ed:4b:1a:9c:0d:
         0f:ba:71:13:b0:f5:c4:3f:ff:a3:ab:4f:d7:c4:c7:04:ec:33:
         dd:b4:ba:f2:bf:b8:ef:ea:4c:09:8d:0b:83:91:6e:77:a5:c2:
         4b:6b:db:cc:d3:73:e0:51:2f:09:bd:75:7f:43:21:6b:02:11:
         5c:54:00:f2:bd:ef:0d:4b:76:1f:fe:09:4e:4c:0d:a2:8b:f8:
         5c:38:f4:b7:37:5b:90:cc:61:ec:94:87:73:33:19:95:ad:b2:
         26:a8:e4:a2:e9:e6:fe:8c:56:53:5c:c0:8c:d1:2c:43:6e:98:
         22:a9:3c:27:54:c5:a8:45:fc:c4:ab:e0:b4:51:f0:49:04:26:
         c4:d4:15:5a:2f:5f:c2:5f:98:36:fa:22:14:de:76:20:a4:18:
         96:fd:44:27:1d:83:5d:cc:d2:94:61:86:89:30:00:cb:b8:1f:
         21:4b:bc:83:1f:2e:d3:dc:92:be:2d:6b:91:e7:f1:7d:80:67:
         3d:e8:3d:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZig8ZUwVx48vhGAqdOOIQ95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUwODEzMDEwMDQzWhcNMjUwODE0MDEwMDQzWjAzMTEwLwYDVQQD
Eyg0NzUzN2I1NWQwMzE1MGU2NjljOThmMDQ4ODE4YjAwMTlmYzljMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0r6UlKZuk8NjbKxtyZe0enGfZWUi
eoXl454ynjdNTk+LBZillQOUJkkBq0Y4pHmop97F0XH9MPVvanX43dvjB4Upklb+
Zqx7VoQdCoiOtblmbFBmaCKi8huAHtOaDBu18GoTntJr6pfuaFe4n4IUO6+2xhJx
cowAaxjjuEm5oAuiZpFgnWIKZZsbTrENv119wsy0PV1CYMd+9pBjKgn0o4nBPT5k
9Rl+CCBcMNYRkr12SU9+mcwZvOo6Qd3gklzfQ7YVVa92ldlFgv+9aD1ScHuvNFp7
KiCLhRo+dbldJaNi0zjJJzyc1cksDGHS/iwwvcQ9MinyJ5BmqXfcq2bDHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdTe1XQMVDmacmPBIgYsAGfycISMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgxQUTALd
r9MLKcfkbhMgTT2qh/yKqNFAncHSWs6fzA58GaNrLsFK31H9X+PN821/3+hajxP7
ESHIyas6WfoNDrORwe1LGpwND7pxE7D1xD//o6tP18THBOwz3bS68r+47+pMCY0L
g5Fud6XCS2vbzNNz4FEvCb11f0MhawIRXFQA8r3vDUt2H/4JTkwNoov4XDj0tzdb
kMxh7JSHczMZla2yJqjkounm/oxWU1zAjNEsQ26YIqk8J1TFqEX8xKvgtFHwSQQm
xNQVWi9fwl+YNvoiFN52IKQYlv1EJx2DXczSlGGGiTAAy7gfIUu8gx8u09ySvi1r
kefxfYBnPeg97Q==
-----END CERTIFICATE-----