Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
File:                     soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json)
Hash identifier:          tuFUuNuOXXI9PMkBjx4V2YCxqiawdEGY/mhBGwUQKJU=
Subject key identifier:   F6:4D:6A:16:95:CD:17:FB:CC:36:54:ED:37:0A:BD:ED:9A:C2:9D:AC
Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9
Certificate issuer:       /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
Certificate serial:       019A71B81912726E64D08D888B89C7B8369D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
Manifest number:          11C1
Signing time:             Tue 11 Nov 2025 07:01:21 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:21 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:21 +0000
Files and hashes:         1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: JpgssgN99a2LbCTw9YGOMzL97baYPbJ/VZFOLDTWySc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:19:12:72:6e:64:d0:8d:88:8b:89:c7:b8:36:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
        Validity
            Not Before: Nov 11 07:01:21 2025 GMT
            Not After : Nov 12 07:01:21 2025 GMT
        Subject: CN=f64d6a1695cd17fbcc3654ed370abded9ac29dac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ca:30:1a:97:47:58:ed:e9:76:27:b0:a9:b8:
                    7b:76:df:cc:17:b6:98:de:04:2c:3f:33:c4:0a:a7:
                    00:79:5a:44:52:52:94:15:3b:d7:ac:ff:2b:43:9d:
                    cf:d4:95:9e:96:5c:39:e1:96:08:9d:6c:2d:ad:bc:
                    24:27:f0:6b:c3:09:5f:e4:5f:09:e0:9a:c7:52:bc:
                    13:9e:0d:91:db:3e:22:33:52:5c:8a:38:c9:31:39:
                    b1:4a:9b:76:30:d7:14:6d:2c:f0:4a:6e:fc:aa:6f:
                    4d:5e:3c:46:2b:76:27:4a:fc:b1:81:44:26:ba:4b:
                    33:fc:66:81:66:0e:88:08:14:ce:cb:96:63:a5:a2:
                    27:80:56:d3:14:29:01:40:4d:ba:6e:c4:8a:55:52:
                    7e:44:b3:0b:28:13:74:38:ef:1f:e6:81:cc:d0:72:
                    3e:bd:5a:e8:16:2c:67:a8:e6:8e:8f:41:10:73:d3:
                    cd:8e:9d:d9:2a:1e:23:e5:a0:fa:7b:f8:46:cf:ec:
                    91:7a:34:97:7a:58:19:d6:0a:1d:aa:3c:94:4d:f5:
                    a3:be:ce:c0:70:08:d3:dc:43:e5:8e:87:bd:e2:44:
                    69:4f:a1:f1:ab:69:03:b7:2e:8d:33:e5:ec:9d:bd:
                    e5:ed:91:2f:bb:01:8d:33:00:19:6f:9b:58:76:d0:
                    04:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:4D:6A:16:95:CD:17:FB:CC:36:54:ED:37:0A:BD:ED:9A:C2:9D:AC
            X509v3 Authority Key Identifier:
                keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:c7:c4:ac:06:97:b5:61:c0:20:0b:5a:06:05:b9:98:9d:b2:
         d4:5f:0f:24:8b:4d:99:9c:e9:8f:d8:6c:a8:05:73:8b:9f:22:
         6e:e4:15:6f:d8:01:79:be:a3:0e:d3:58:64:aa:4c:1a:67:84:
         4d:26:72:cf:f4:fd:9a:df:a1:ae:53:cc:26:5a:8c:a0:3c:b5:
         ff:a9:81:d3:5c:8e:7a:fe:73:16:af:df:c7:96:a7:bd:5e:71:
         4b:52:d0:7d:3b:83:8e:9e:b6:62:db:30:c2:6c:f2:95:a3:9d:
         85:7a:98:79:9a:58:18:5e:1f:de:b1:08:c7:d0:41:8d:09:ca:
         aa:bd:11:f1:01:8d:20:8c:7f:fd:81:e7:33:9a:30:98:be:04:
         39:5e:9f:8e:ba:5b:73:91:04:67:5c:df:63:e0:45:48:9b:66:
         d3:77:53:cb:c4:72:38:b5:a7:90:24:f4:e8:00:6e:34:e3:48:
         55:66:fa:15:60:64:ed:b0:e0:9d:c3:b1:09:97:6f:9f:73:d5:
         8e:df:fd:09:f9:46:ea:18:50:52:48:39:13:9d:4c:39:4e:87:
         ea:97:0a:8d:37:8f:e1:de:05:7e:bc:d1:7b:c9:e6:45:7a:07:
         e2:c5:95:d6:72:db:7b:90:a6:66:c1:fb:36:23:2d:41:4c:52:
         e2:d3:b6:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBkScm5k0I2Ii4nHuDadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4
ZjE0YjkwHhcNMjUxMTExMDcwMTIxWhcNMjUxMTEyMDcwMTIxWjAzMTEwLwYDVQQD
EyhmNjRkNmExNjk1Y2QxN2ZiY2MzNjU0ZWQzNzBhYmRlZDlhYzI5ZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38owGpdHWO3pdiewqbh7dt/MF7aY
3gQsPzPECqcAeVpEUlKUFTvXrP8rQ53P1JWellw54ZYInWwtrbwkJ/Brwwlf5F8J
4JrHUrwTng2R2z4iM1JcijjJMTmxSpt2MNcUbSzwSm78qm9NXjxGK3YnSvyxgUQm
uksz/GaBZg6ICBTOy5ZjpaIngFbTFCkBQE26bsSKVVJ+RLMLKBN0OO8f5oHM0HI+
vVroFixnqOaOj0EQc9PNjp3ZKh4j5aD6e/hGz+yRejSXelgZ1godqjyUTfWjvs7A
cAjT3EPljoe94kRpT6Hxq2kDty6NM+Xsnb3l7ZEvuwGNMwAZb5tYdtAEPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZNahaVzRf7zDZU7TcKve2awp2sMB8GA1UdIwQY
MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt
MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj
LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYMfErAaX
tWHAIAtaBgW5mJ2y1F8PJItNmZzpj9hsqAVzi58ibuQVb9gBeb6jDtNYZKpMGmeE
TSZyz/T9mt+hrlPMJlqMoDy1/6mB01yOev5zFq/fx5anvV5xS1LQfTuDjp62Ytsw
wmzylaOdhXqYeZpYGF4f3rEIx9BBjQnKqr0R8QGNIIx//YHnM5owmL4EOV6fjrpb
c5EEZ1zfY+BFSJtm03dTy8RyOLWnkCT06ABuNONIVWb6FWBk7bDgncOxCZdvn3PV
jt/9CflG6hhQUkg5E51MOU6H6pcKjTeP4d4FfrzRe8nmRXoH4sWV1nLbe5CmZsH7
NiMtQUxS4tO2aQ==
-----END CERTIFICATE-----