Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          clrem42mClX4p+B3H5h0+vcBzuau2i13yu5JHrc6kwU=
Subject key identifier:   8E:EA:7A:AA:37:8B:2E:0E:9D:BC:1E:59:9E:3E:AD:1A:5F:B8:BD:19
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019786FCD2D2A509B09A0816E395BA302E4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          01F5
Signing time:             Thu 19 Jun 2025 07:00:05 +0000
Manifest this update:     Thu 19 Jun 2025 07:00:05 +0000
Manifest next update:     Fri 20 Jun 2025 07:00:05 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: 4wTvam3FH8p6iHSO7HnRtHHWKO62T0DKFq7ySyfH1Ig=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Jun 2025 07:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:86:fc:d2:d2:a5:09:b0:9a:08:16:e3:95:ba:30:2e:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Jun 19 07:00:05 2025 GMT
            Not After : Jun 20 07:00:05 2025 GMT
        Subject: CN=8eea7aaa378b2e0e9dbc1e599e3ead1a5fb8bd19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:28:ed:5f:66:c2:4e:3a:e9:b2:cd:95:21:94:
                    d1:22:ab:9d:5c:fb:95:04:0f:08:ed:d4:0d:8b:89:
                    ac:b4:c7:7b:13:62:e2:15:5e:5f:e2:a3:f9:3f:99:
                    08:ca:64:c4:26:6c:3a:e5:28:8e:ea:67:50:6a:75:
                    90:cc:93:44:35:59:02:4c:6d:bf:22:ad:3a:46:73:
                    41:1d:57:99:60:cf:c3:11:c1:a1:ea:c3:bd:92:54:
                    db:98:45:c9:99:88:9e:1c:4f:b1:38:12:0f:bb:ce:
                    c2:43:bf:1d:8e:77:4d:89:04:51:cd:fc:03:c6:22:
                    1a:9a:8b:d8:ac:fa:75:69:1c:d1:e0:90:c9:4c:62:
                    63:b5:4d:f7:fa:18:00:9e:de:83:dd:26:f8:dc:7d:
                    3f:56:1c:78:01:6e:9d:15:bc:2c:ab:c2:cc:29:b2:
                    44:30:e9:a9:f9:cf:61:65:52:a7:0f:60:45:3a:7e:
                    c4:9c:5a:fd:42:d5:18:0f:01:40:c6:42:b8:bd:9b:
                    c2:ea:49:bf:32:23:ee:b6:db:56:0a:37:25:92:d9:
                    91:ec:72:ef:e2:a4:98:c6:ad:e2:b4:8f:00:9b:2a:
                    03:00:b7:f8:47:fa:f9:b4:1a:f9:f2:c5:8f:5c:75:
                    49:b0:6f:09:91:7b:a5:cf:31:54:9d:7e:9a:4d:04:
                    aa:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:EA:7A:AA:37:8B:2E:0E:9D:BC:1E:59:9E:3E:AD:1A:5F:B8:BD:19
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:0f:3b:ad:d7:99:44:62:a5:30:d8:51:fd:6b:f1:fc:17:a5:
         bd:ed:8b:98:5b:8c:48:2f:2a:e7:28:89:cc:93:3d:93:a1:b1:
         89:45:fe:47:f4:03:e1:df:f2:2e:9e:04:2f:43:7c:1d:43:e7:
         ec:94:e2:fe:73:9f:cb:6b:de:35:e0:c6:4f:47:e3:76:53:91:
         9f:4a:04:14:15:15:99:f1:dd:d4:0d:85:e3:71:be:b8:f9:71:
         45:56:bd:38:91:ae:64:68:18:12:cd:ea:49:8c:b5:c9:a2:76:
         cc:cd:18:57:18:bd:42:4e:ff:36:d3:ae:e2:dc:14:f6:0a:2a:
         c4:78:cd:3f:85:a2:dc:03:a5:e9:2e:88:c0:88:a4:07:c3:a8:
         e9:fe:ca:aa:7f:c0:ae:7b:82:86:27:b7:5c:5d:c5:f1:b7:4c:
         e5:9a:c4:c6:b2:6d:ef:96:6a:ee:39:8a:13:d1:a7:61:84:30:
         5a:5e:9e:e6:d5:db:6e:b9:bf:36:48:7f:49:c5:e8:98:0b:c4:
         c3:1b:5a:42:58:5d:02:54:73:38:af:bb:64:e1:c6:5e:de:b8:
         27:76:7b:81:fb:49:b7:a7:b8:3e:56:ad:1c:5b:71:bb:18:fc:
         d8:d3:5a:39:74:d6:fd:d5:da:21:9e:f6:10:0e:9a:48:6b:ea:
         78:be:e4:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeG/NLSpQmwmggW45W6MC5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjUwNjE5MDcwMDA1WhcNMjUwNjIwMDcwMDA1WjAzMTEwLwYDVQQD
Eyg4ZWVhN2FhYTM3OGIyZTBlOWRiYzFlNTk5ZTNlYWQxYTVmYjhiZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCjtX2bCTjrpss2VIZTRIqudXPuV
BA8I7dQNi4mstMd7E2LiFV5f4qP5P5kIymTEJmw65SiO6mdQanWQzJNENVkCTG2/
Iq06RnNBHVeZYM/DEcGh6sO9klTbmEXJmYieHE+xOBIPu87CQ78djndNiQRRzfwD
xiIamovYrPp1aRzR4JDJTGJjtU33+hgAnt6D3Sb43H0/Vhx4AW6dFbwsq8LMKbJE
MOmp+c9hZVKnD2BFOn7EnFr9QtUYDwFAxkK4vZvC6km/MiPutttWCjclktmR7HLv
4qSYxq3itI8AmyoDALf4R/r5tBr58sWPXHVJsG8JkXulzzFUnX6aTQSqrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7qeqo3iy4OnbweWZ4+rRpfuL0ZMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvg87rdeZ
RGKlMNhR/Wvx/Belve2LmFuMSC8q5yiJzJM9k6GxiUX+R/QD4d/yLp4EL0N8HUPn
7JTi/nOfy2veNeDGT0fjdlORn0oEFBUVmfHd1A2F43G+uPlxRVa9OJGuZGgYEs3q
SYy1yaJ2zM0YVxi9Qk7/NtOu4twU9goqxHjNP4Wi3AOl6S6IwIikB8Oo6f7Kqn/A
rnuChie3XF3F8bdM5ZrExrJt75Zq7jmKE9GnYYQwWl6e5tXbbrm/Nkh/ScXomAvE
wxtaQlhdAlRzOK+7ZOHGXt64J3Z7gftJt6e4PlatHFtxuxj82NNaOXTW/dXaIZ72
EA6aSGvqeL7kqg==
-----END CERTIFICATE-----