Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
File:                     soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json)
Hash identifier:          KQgXVaC0bgpJnDDNiLfl31JXcL2jjfJ9DQrWtJu6SfU=
Subject key identifier:   CD:73:22:6B:CF:A2:74:1E:21:6C:47:BC:CD:AE:BC:96:03:B1:9C:94
Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9
Certificate issuer:       /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
Certificate serial:       019D3865DFE55EFA83DAD4EC26A94EDB11EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
Manifest number:          1331
Signing time:             Sun 29 Mar 2026 07:01:33 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:33 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:33 +0000
Files and hashes:         1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: F9KBt54fGn7/u2lxsNgQn4kG1+dLyomm886UvTCmTVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:df:e5:5e:fa:83:da:d4:ec:26:a9:4e:db:11:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
        Validity
            Not Before: Mar 29 07:01:33 2026 GMT
            Not After : Mar 30 07:01:33 2026 GMT
        Subject: CN=cd73226bcfa2741e216c47bccdaebc9603b19c94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:2a:39:96:81:f3:f8:fe:dc:c0:7a:2b:4f:9e:
                    7f:38:a7:e5:35:29:d1:e4:a0:1f:23:7b:d7:93:7f:
                    f3:b0:d4:b7:a6:dd:75:49:1e:48:20:a2:56:f2:6a:
                    f5:0b:76:05:37:87:6e:09:8b:6a:0a:45:7e:f1:5f:
                    84:c2:99:24:8a:36:f9:86:32:ea:1c:58:cb:eb:20:
                    5c:54:8b:59:21:72:72:95:1e:b4:b1:49:7e:7b:e2:
                    19:81:cd:2e:79:df:24:1f:7c:28:b3:56:5f:e3:36:
                    80:1d:cb:ef:d5:f9:ed:44:b5:07:09:63:b7:0c:d6:
                    e6:6d:cf:ed:2e:4b:72:20:6a:02:7c:85:75:30:5d:
                    ea:19:75:78:49:01:09:ab:00:6c:36:1d:09:6e:86:
                    88:f7:03:01:3f:c4:4f:94:5d:e2:c3:0b:31:b0:fc:
                    71:55:6c:f6:ca:6b:d5:a1:83:3e:d4:d4:6f:f8:af:
                    1d:f9:f9:00:86:e6:3d:fd:bd:7e:ef:97:b8:01:d4:
                    d8:3f:ce:84:11:c6:4d:76:8a:85:91:52:5f:5d:de:
                    72:47:8c:c6:c9:00:69:14:d0:41:78:25:fc:b8:60:
                    1a:50:b7:32:3b:b5:05:88:2d:57:e8:84:b9:6e:c9:
                    ba:20:63:1a:4b:6c:21:5c:c2:21:79:d9:be:53:c1:
                    77:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:73:22:6B:CF:A2:74:1E:21:6C:47:BC:CD:AE:BC:96:03:B1:9C:94
            X509v3 Authority Key Identifier:
                keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:b2:70:49:29:56:68:e6:f0:d2:c0:7e:6c:22:1c:40:19:7a:
         a3:d2:fd:a2:f2:48:e1:69:e2:85:f8:25:10:0c:f9:ec:ca:2c:
         68:97:48:ac:a1:5a:72:09:ca:0c:52:8f:22:db:69:41:5d:c0:
         50:9a:c0:f9:f9:dc:c7:f8:94:9e:f1:f7:49:ad:00:8a:8a:af:
         5b:49:86:55:1d:fe:99:59:e0:2c:ac:0d:b4:7c:40:64:be:7a:
         27:15:a6:54:8f:79:d5:d6:9f:bc:79:0e:6c:fa:7b:d0:8f:95:
         eb:27:0b:b4:7b:2e:93:c5:36:fa:0f:43:02:16:f8:70:ee:22:
         10:53:bc:0f:80:e3:d6:d1:1d:74:a4:6b:dc:1b:99:af:21:b0:
         27:8f:01:c7:11:ec:0d:27:0e:64:ef:31:d3:94:fe:de:16:6a:
         16:ee:76:eb:c0:ab:44:98:ef:b8:4c:7c:27:57:90:de:8a:7d:
         96:6f:61:03:87:98:01:05:9b:d5:1b:df:c0:28:ec:96:fb:5a:
         7a:78:3c:6c:11:ef:22:e2:f2:f3:88:5b:31:b0:29:46:1b:d7:
         52:0b:ef:ce:73:32:2d:d8:e4:3e:cc:9a:f1:6e:a6:c7:13:c2:
         af:11:25:e4:0c:37:f9:c2:39:3d:d2:22:01:ca:ab:e3:53:02:
         11:b4:0a:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zd/lXvqD2tTsJqlO2xHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4
ZjE0YjkwHhcNMjYwMzI5MDcwMTMzWhcNMjYwMzMwMDcwMTMzWjAzMTEwLwYDVQQD
EyhjZDczMjI2YmNmYTI3NDFlMjE2YzQ3YmNjZGFlYmM5NjAzYjE5Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCo5loHz+P7cwHorT55/OKflNSnR
5KAfI3vXk3/zsNS3pt11SR5IIKJW8mr1C3YFN4duCYtqCkV+8V+Ewpkkijb5hjLq
HFjL6yBcVItZIXJylR60sUl+e+IZgc0ued8kH3wos1Zf4zaAHcvv1fntRLUHCWO3
DNbmbc/tLktyIGoCfIV1MF3qGXV4SQEJqwBsNh0JboaI9wMBP8RPlF3iwwsxsPxx
VWz2ymvVoYM+1NRv+K8d+fkAhuY9/b1+75e4AdTYP86EEcZNdoqFkVJfXd5yR4zG
yQBpFNBBeCX8uGAaULcyO7UFiC1X6IS5bsm6IGMaS2whXMIhedm+U8F3uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM1zImvPonQeIWxHvM2uvJYDsZyUMB8GA1UdIwQY
MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt
MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj
LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7JwSSlW
aObw0sB+bCIcQBl6o9L9ovJI4WnihfglEAz57MosaJdIrKFacgnKDFKPIttpQV3A
UJrA+fncx/iUnvH3Sa0AioqvW0mGVR3+mVngLKwNtHxAZL56JxWmVI951dafvHkO
bPp70I+V6ycLtHsuk8U2+g9DAhb4cO4iEFO8D4Dj1tEddKRr3BuZryGwJ48BxxHs
DScOZO8x05T+3hZqFu5268CrRJjvuEx8J1eQ3op9lm9hA4eYAQWb1RvfwCjslvta
eng8bBHvIuLy84hbMbApRhvXUgvvznMyLdjkPsya8W6mxxPCrxEl5Aw3+cI5PdIi
Acqr41MCEbQKhg==
-----END CERTIFICATE-----