Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
File:                     soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json)
Hash identifier:          4ruKB23sesXuosflDUOe4dd9pCFBJqDf8VMzfv2PNX0=
Subject key identifier:   1F:21:6A:5B:78:00:ED:29:1F:C0:18:62:EC:93:CE:C3:3A:2C:A8:7C
Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9
Certificate issuer:       /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
Certificate serial:       0199180A6D12ECE956EA9BE5C8EB7256AD39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
Manifest number:          110E
Signing time:             Fri 05 Sep 2025 04:02:40 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:40 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:40 +0000
Files and hashes:         1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: P/YC2WTjMoNvmPoQ38PnQRIJAQVznMa9CqT0tcrwgy4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:0a:6d:12:ec:e9:56:ea:9b:e5:c8:eb:72:56:ad:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
        Validity
            Not Before: Sep  5 04:02:40 2025 GMT
            Not After : Sep  6 04:02:40 2025 GMT
        Subject: CN=1f216a5b7800ed291fc01862ec93cec33a2ca87c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:bf:8a:03:68:ea:1d:6a:6e:2b:19:96:12:15:
                    3b:c5:f2:54:7f:ea:50:c1:8c:fe:00:02:5d:8e:82:
                    a0:43:86:96:25:4d:36:79:fa:10:f0:6c:84:04:05:
                    77:42:3c:f0:76:9b:83:f2:61:4c:62:5f:0e:ba:34:
                    ad:4f:dc:c6:41:d9:30:c1:9f:d4:5a:5f:4b:83:ae:
                    e9:89:27:db:67:d2:7d:00:1d:f8:f0:ff:1f:cb:8f:
                    75:ea:90:25:99:76:91:c9:5f:8b:78:ef:cf:3d:be:
                    61:f8:60:41:44:ef:ca:31:b4:e9:e8:8b:ec:e8:32:
                    3e:74:4f:df:f2:f9:95:b2:b0:86:48:6f:62:0b:42:
                    26:23:f3:f2:b9:2d:24:0b:2c:cd:ce:ea:22:ff:36:
                    c5:3c:e5:e2:3d:05:e6:40:83:62:6a:f8:65:bb:17:
                    a5:4f:95:0a:2b:65:1c:70:bb:cd:50:95:4e:ad:48:
                    fe:57:2a:ac:2a:02:46:bf:d7:71:2e:71:76:2a:4e:
                    58:e0:1c:3e:28:c9:f0:51:0b:4b:47:77:86:f0:dc:
                    fe:52:54:29:98:21:59:de:16:fd:ca:08:34:81:5e:
                    17:a6:a2:d4:38:2d:34:d9:20:b5:3b:fe:dd:bb:f3:
                    aa:d4:d7:49:1c:40:2d:5a:55:ab:fa:60:10:a8:55:
                    9d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:21:6A:5B:78:00:ED:29:1F:C0:18:62:EC:93:CE:C3:3A:2C:A8:7C
            X509v3 Authority Key Identifier:
                keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:c4:e0:d6:f5:b6:1b:c4:57:ee:89:e8:dd:83:39:d0:7f:76:
         61:c4:e4:7e:02:3a:9c:fc:62:80:97:f1:f3:55:e7:72:65:f0:
         3e:3d:62:82:9a:ed:fd:c4:29:6b:5c:d4:0e:db:b8:59:3b:d7:
         c7:24:9d:e9:17:8d:e4:f0:20:f9:09:be:32:e6:ca:02:3c:f9:
         dd:82:64:53:cd:cc:ff:e5:49:91:ce:41:bb:f3:7c:d3:19:15:
         d3:69:24:4c:07:3c:d3:ac:f7:da:7c:a3:44:38:a8:91:02:cd:
         ea:62:1a:22:ef:c5:82:e2:c5:72:c3:31:51:61:9c:b6:d8:f4:
         c1:73:81:5f:49:ca:90:ff:4c:66:f3:b0:69:dc:68:3a:df:0e:
         c3:b2:56:04:03:ea:40:f5:69:57:bf:1b:1e:7c:7d:b5:58:75:
         96:f8:d8:16:ea:60:36:27:bd:a2:fc:ad:c6:c4:75:51:92:2f:
         de:54:a4:b9:f5:a8:0f:7a:3d:d5:a6:97:0c:c8:9f:0d:26:6d:
         4f:2b:cd:c9:50:39:0d:2c:d7:f7:34:b5:09:53:02:fc:01:3f:
         51:1b:cc:da:9b:61:df:97:46:ef:49:ec:d6:fb:00:7c:69:ee:
         e1:0b:9c:96:92:e6:6b:23:a8:5a:3a:9f:f3:45:7f:4e:c3:f2:
         ac:b7:fd:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCm0S7OlW6pvlyOtyVq05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4
ZjE0YjkwHhcNMjUwOTA1MDQwMjQwWhcNMjUwOTA2MDQwMjQwWjAzMTEwLwYDVQQD
EygxZjIxNmE1Yjc4MDBlZDI5MWZjMDE4NjJlYzkzY2VjMzNhMmNhODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr+KA2jqHWpuKxmWEhU7xfJUf+pQ
wYz+AAJdjoKgQ4aWJU02efoQ8GyEBAV3QjzwdpuD8mFMYl8OujStT9zGQdkwwZ/U
Wl9Lg67piSfbZ9J9AB348P8fy4916pAlmXaRyV+LeO/PPb5h+GBBRO/KMbTp6Ivs
6DI+dE/f8vmVsrCGSG9iC0ImI/PyuS0kCyzNzuoi/zbFPOXiPQXmQINiavhluxel
T5UKK2UccLvNUJVOrUj+VyqsKgJGv9dxLnF2Kk5Y4Bw+KMnwUQtLR3eG8Nz+UlQp
mCFZ3hb9ygg0gV4XpqLUOC002SC1O/7du/Oq1NdJHEAtWlWr+mAQqFWdAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8halt4AO0pH8AYYuyTzsM6LKh8MB8GA1UdIwQY
MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt
MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj
LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGcTg1vW2
G8RX7ono3YM50H92YcTkfgI6nPxigJfx81XncmXwPj1igprt/cQpa1zUDtu4WTvX
xySd6ReN5PAg+Qm+MubKAjz53YJkU83M/+VJkc5Bu/N80xkV02kkTAc806z32nyj
RDiokQLN6mIaIu/FguLFcsMxUWGcttj0wXOBX0nKkP9MZvOwadxoOt8Ow7JWBAPq
QPVpV78bHnx9tVh1lvjYFupgNie9ovytxsR1UZIv3lSkufWoD3o91aaXDMifDSZt
TyvNyVA5DSzX9zS1CVMC/AE/URvM2pth35dG70ns1vsAfGnu4QuclpLmayOoWjqf
80V/TsPyrLf9mg==
-----END CERTIFICATE-----