Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          /tl11JpYU9zp4nnuSjLlCRxYFhhUnEKQ58MMP26+sps=
Subject key identifier:   E7:D2:DD:82:23:0A:D4:3B:3E:D7:E6:84:26:C3:74:BF:28:57:CE:06
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       01968BEF142825311C1856C0086C68BD1351
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          0173
Signing time:             Thu 01 May 2025 13:00:23 +0000
Manifest this update:     Thu 01 May 2025 13:00:23 +0000
Manifest next update:     Fri 02 May 2025 13:00:23 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: RqmWqSftBWEBresVr9c+n1DPm4n26B5utr5CV57MkSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:ef:14:28:25:31:1c:18:56:c0:08:6c:68:bd:13:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: May  1 13:00:23 2025 GMT
            Not After : May  2 13:00:23 2025 GMT
        Subject: CN=e7d2dd82230ad43b3ed7e68426c374bf2857ce06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:25:79:9d:52:4f:0c:aa:41:49:d8:2b:f8:d8:
                    4b:b4:31:15:0e:cf:48:f2:1a:36:e4:49:2a:ab:9a:
                    6f:bc:61:f8:18:4e:76:57:c1:be:72:1a:93:c1:f1:
                    25:7e:30:b9:61:f4:a0:25:29:d8:e4:f3:6e:0e:a4:
                    0b:0c:ff:a9:1b:a6:af:cb:d1:be:35:59:4b:f9:4e:
                    0a:ab:ab:90:72:13:e0:d2:df:cd:32:94:9e:6e:e7:
                    c2:05:60:d6:f3:4c:73:14:65:d5:43:0a:89:6e:7d:
                    7e:c8:33:4d:53:96:67:ff:4f:dd:b8:d5:20:36:33:
                    54:4a:dc:7c:a4:56:e8:bc:a2:13:24:2d:c8:5f:08:
                    f6:a2:0d:f8:2a:19:8f:f6:1a:01:7c:76:e2:35:d3:
                    d4:82:9f:93:36:8c:74:e8:99:3e:df:18:ed:18:5b:
                    a7:af:d6:9e:c1:a8:2c:18:bf:f2:e8:6f:97:4a:b3:
                    5f:21:3b:6a:d1:bc:de:a7:e5:2f:b0:25:25:b1:32:
                    17:f9:dd:6e:3e:b1:33:08:e9:b7:45:e0:80:63:65:
                    d4:ed:7a:88:4d:7d:1b:6f:bd:63:75:51:1c:31:f7:
                    e4:7e:fc:e5:dc:51:fb:3d:24:cd:87:31:ba:02:68:
                    da:e1:3c:d6:a5:db:66:fb:aa:ad:db:95:20:0b:ab:
                    87:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:D2:DD:82:23:0A:D4:3B:3E:D7:E6:84:26:C3:74:BF:28:57:CE:06
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:97:5c:ae:eb:04:26:12:fb:c1:8f:21:bb:3f:09:bf:da:6b:
         e8:c7:8b:e5:23:4b:a3:7d:ce:76:c0:cf:ba:31:b1:1a:d3:6d:
         1f:f3:50:61:c2:b9:af:b8:e4:b8:2f:2d:ee:40:4e:32:02:e3:
         3d:4e:f8:78:c2:a5:46:06:31:69:a1:16:86:dc:79:1d:d8:48:
         4e:fa:ba:e2:19:78:fd:99:7e:be:b6:76:17:61:99:c1:6f:db:
         b0:98:53:5c:9e:f5:0b:83:fd:80:57:20:f4:7b:35:ce:3c:82:
         e2:0f:4c:ec:8d:44:16:b3:4b:3c:67:4e:06:ea:c0:80:21:d0:
         fc:d7:56:1e:e2:50:24:4d:da:85:4c:72:f8:8f:22:72:2a:cc:
         84:8e:d3:07:21:54:fd:9d:45:9a:76:a8:d5:2c:2e:1b:5c:5a:
         68:e4:28:ef:b4:c8:5b:f5:91:7e:61:51:49:2a:82:01:3c:28:
         25:0c:1f:a6:e9:a4:2b:04:70:48:99:50:8c:3e:47:5f:b6:e1:
         5f:1b:dd:02:b6:63:38:43:b0:1f:04:bc:27:3e:0d:08:fd:6f:
         23:d7:05:1c:bd:8b:80:93:49:2e:1c:56:90:a6:43:eb:6c:72:
         65:f3:ab:2b:12:02:08:22:c9:33:7d:55:6b:d9:64:cf:c1:c6:
         bf:5d:b7:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaL7xQoJTEcGFbACGxovRNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUwNTAxMTMwMDIzWhcNMjUwNTAyMTMwMDIzWjAzMTEwLwYDVQQD
EyhlN2QyZGQ4MjIzMGFkNDNiM2VkN2U2ODQyNmMzNzRiZjI4NTdjZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiV5nVJPDKpBSdgr+NhLtDEVDs9I
8ho25Ekqq5pvvGH4GE52V8G+chqTwfElfjC5YfSgJSnY5PNuDqQLDP+pG6avy9G+
NVlL+U4Kq6uQchPg0t/NMpSebufCBWDW80xzFGXVQwqJbn1+yDNNU5Zn/0/duNUg
NjNUStx8pFbovKITJC3IXwj2og34KhmP9hoBfHbiNdPUgp+TNox06Jk+3xjtGFun
r9aewagsGL/y6G+XSrNfITtq0bzep+UvsCUlsTIX+d1uPrEzCOm3ReCAY2XU7XqI
TX0bb71jdVEcMffkfvzl3FH7PSTNhzG6Amja4TzWpdtm+6qt25UgC6uH9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfS3YIjCtQ7PtfmhCbDdL8oV84GMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJJdcrusE
JhL7wY8huz8Jv9pr6MeL5SNLo33OdsDPujGxGtNtH/NQYcK5r7jkuC8t7kBOMgLj
PU74eMKlRgYxaaEWhtx5HdhITvq64hl4/Zl+vrZ2F2GZwW/bsJhTXJ71C4P9gFcg
9Hs1zjyC4g9M7I1EFrNLPGdOBurAgCHQ/NdWHuJQJE3ahUxy+I8icirMhI7TByFU
/Z1Fmnao1SwuG1xaaOQo77TIW/WRfmFRSSqCATwoJQwfpumkKwRwSJlQjD5HX7bh
XxvdArZjOEOwHwS8Jz4NCP1vI9cFHL2LgJNJLhxWkKZD62xyZfOrKxICCCLJM31V
a9lkz8HGv123Ug==
-----END CERTIFICATE-----