Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          x978h7fhyMYysPRcf4/MA9NrxLyUG3iKz+ZZCIqg5Uc=
Subject key identifier:   B7:64:02:44:85:0C:EB:FD:22:F9:D4:88:8C:74:EA:31:7A:BA:9B:00
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019A4F9909C6DA8FAF3C7D66BBDD09DCB2B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          0366
Signing time:             Tue 04 Nov 2025 16:00:20 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:20 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:20 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: TDbTdjUpMW1eAgX94twvjfV+DYC4IQUqfYri9oWKraA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:09:c6:da:8f:af:3c:7d:66:bb:dd:09:dc:b2:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Nov  4 16:00:20 2025 GMT
            Not After : Nov  5 16:00:20 2025 GMT
        Subject: CN=b7640244850cebfd22f9d4888c74ea317aba9b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d0:79:82:6a:72:d4:ae:90:1c:80:c8:8f:a3:
                    cb:65:ab:cb:61:dc:c9:e9:43:18:78:51:0b:fb:9f:
                    ed:07:3a:92:9d:7a:af:9b:e7:40:b5:30:c2:18:33:
                    de:64:51:43:ba:74:11:00:2e:ea:a1:0e:5a:aa:af:
                    b5:82:08:cf:f5:46:db:28:1a:b1:93:48:f5:c4:41:
                    bf:fc:d0:a2:7c:0b:03:e9:e6:30:05:d2:08:dc:ef:
                    7c:06:3d:7c:d4:c3:45:1c:5c:3e:09:ce:7d:8e:77:
                    d7:eb:12:22:67:cb:e3:3f:a7:88:7a:50:31:dc:20:
                    ba:46:6f:b2:83:14:6b:eb:ac:66:92:33:e1:cd:d4:
                    7f:65:ad:df:6b:ce:65:43:d5:9e:19:af:93:5d:2a:
                    05:98:0b:7d:83:e1:93:78:d2:4d:f3:3b:97:d3:15:
                    e6:95:17:db:dc:93:d1:7a:74:72:ab:82:43:4a:6c:
                    28:ca:66:a7:6d:86:7f:e6:cf:12:0f:b9:fe:bd:18:
                    18:a2:60:49:92:d1:90:40:27:6c:91:a1:6d:de:30:
                    e9:ba:e4:94:d5:d0:2e:09:4e:83:21:74:93:a1:05:
                    b5:55:41:fd:29:92:5f:61:9e:2c:15:1a:21:8c:ab:
                    c4:68:62:c1:d8:ce:bc:9e:a9:7b:ce:ae:37:04:f7:
                    12:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:64:02:44:85:0C:EB:FD:22:F9:D4:88:8C:74:EA:31:7A:BA:9B:00
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:98:1a:08:95:c9:c1:60:6d:12:b3:c1:cb:e7:fd:db:be:f7:
         e1:0e:51:d8:6c:b3:bb:56:31:68:d1:af:c1:cc:dd:ab:69:58:
         ca:2b:46:ef:ec:b4:18:54:a5:57:b1:ce:1a:7f:9f:f4:ea:c7:
         f2:1e:ee:c8:a3:94:c0:af:6a:f4:69:7f:42:73:7f:a0:dc:64:
         59:c5:44:84:f3:f2:3c:64:23:3c:fc:06:b8:16:97:d6:68:20:
         28:ab:10:0c:34:da:1c:38:a1:8a:bf:08:be:fa:25:b0:01:1a:
         48:f0:05:5d:b6:7e:8b:fb:c6:40:d5:2b:93:02:af:d8:57:f4:
         22:96:25:69:c0:05:25:df:be:71:12:d9:57:95:87:4c:ee:20:
         de:dc:92:b1:c4:c4:b1:26:a7:04:b4:44:aa:86:17:5a:3d:07:
         90:5a:d6:3b:d6:a2:d6:bd:07:ab:ce:29:0d:d7:06:37:0b:7c:
         18:33:eb:26:c2:c5:9d:dd:31:43:cb:38:36:b9:2e:cd:6d:5a:
         6e:50:04:94:40:a1:36:e2:80:a4:fb:48:ac:31:1e:98:37:df:
         e6:bb:cc:75:10:d7:b8:62:6f:f5:25:05:e3:57:3e:5a:bf:6d:
         bf:f9:6e:4a:b1:11:f6:98:f8:55:55:c4:6d:21:17:22:9e:67:
         9c:56:92:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmQnG2o+vPH1mu90J3LK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUxMTA0MTYwMDIwWhcNMjUxMTA1MTYwMDIwWjAzMTEwLwYDVQQD
EyhiNzY0MDI0NDg1MGNlYmZkMjJmOWQ0ODg4Yzc0ZWEzMTdhYmE5YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydB5gmpy1K6QHIDIj6PLZavLYdzJ
6UMYeFEL+5/tBzqSnXqvm+dAtTDCGDPeZFFDunQRAC7qoQ5aqq+1ggjP9UbbKBqx
k0j1xEG//NCifAsD6eYwBdII3O98Bj181MNFHFw+Cc59jnfX6xIiZ8vjP6eIelAx
3CC6Rm+ygxRr66xmkjPhzdR/Za3fa85lQ9WeGa+TXSoFmAt9g+GTeNJN8zuX0xXm
lRfb3JPRenRyq4JDSmwoymanbYZ/5s8SD7n+vRgYomBJktGQQCdskaFt3jDpuuSU
1dAuCU6DIXSToQW1VUH9KZJfYZ4sFRohjKvEaGLB2M68nql7zq43BPcSOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLdkAkSFDOv9IvnUiIx06jF6upsAMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZgaCJXJ
wWBtErPBy+f927734Q5R2Gyzu1YxaNGvwczdq2lYyitG7+y0GFSlV7HOGn+f9OrH
8h7uyKOUwK9q9Gl/QnN/oNxkWcVEhPPyPGQjPPwGuBaX1mggKKsQDDTaHDihir8I
vvolsAEaSPAFXbZ+i/vGQNUrkwKv2Ff0IpYlacAFJd++cRLZV5WHTO4g3tySscTE
sSanBLREqoYXWj0HkFrWO9ai1r0Hq84pDdcGNwt8GDPrJsLFnd0xQ8s4NrkuzW1a
blAElEChNuKApPtIrDEemDff5rvMdRDXuGJv9SUF41c+Wr9tv/luSrER9pj4VVXE
bSEXIp5nnFaSXA==
-----END CERTIFICATE-----