Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
File:                     soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json)
Hash identifier:          YRlpdc8NurLJrJtqLPMnOCdkGQMGZcCFAb1dKwrm2CQ=
Subject key identifier:   15:55:FD:88:B5:DE:C0:5E:41:86:09:A6:D1:FB:2F:A5:1F:2F:17:45
Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9
Certificate issuer:       /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
Certificate serial:       019873E34A30786A5ED1022B3D59C785C631
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
Manifest number:          10B9
Signing time:             Mon 04 Aug 2025 07:02:12 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:12 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:12 +0000
Files and hashes:         1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: 7v3n1fc7TxTKFk5YIIYyXqFvSP8+gm7l6n8bkgGxQI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:4a:30:78:6a:5e:d1:02:2b:3d:59:c7:85:c6:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
        Validity
            Not Before: Aug  4 07:02:12 2025 GMT
            Not After : Aug  5 07:02:12 2025 GMT
        Subject: CN=1555fd88b5dec05e418609a6d1fb2fa51f2f1745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d6:d6:a9:66:dc:92:0a:29:38:18:8d:e1:2d:
                    d7:d7:de:c9:cb:33:12:13:9a:01:77:84:4c:26:fb:
                    65:e0:c8:0a:b7:72:5f:53:1a:02:7f:fc:a1:8c:62:
                    6f:8f:89:56:0b:60:fe:fb:38:0a:58:e5:a4:c5:b6:
                    80:d5:56:fd:be:2f:cb:89:9b:47:3e:c5:3a:90:fd:
                    6e:b3:e8:b3:f7:03:11:10:09:b3:dd:5c:3b:75:ca:
                    ad:4e:65:80:c4:b3:c8:af:74:a7:f0:17:f2:cf:c2:
                    36:4a:9a:f4:c7:06:15:3e:f8:1b:55:4e:ce:43:d6:
                    44:31:c3:2a:0e:65:ca:8d:32:08:0f:8c:f4:47:99:
                    0e:c5:67:66:0e:23:d7:b9:4a:c8:a7:08:3f:89:51:
                    2b:38:79:82:06:a5:55:b6:37:42:47:15:50:49:7b:
                    2b:b4:89:96:a7:d0:23:83:2e:46:86:91:49:2b:c6:
                    5a:bb:f9:cb:01:0e:5d:88:1f:26:5b:35:66:86:60:
                    88:10:bd:03:f8:b0:62:bd:6c:c9:31:fb:e9:dc:03:
                    71:7a:20:c0:69:65:22:ec:52:25:37:a8:ca:55:e6:
                    14:9e:5c:12:2c:33:3f:d9:82:58:1d:5c:75:22:0d:
                    e1:3a:b5:11:1f:2c:59:9d:64:4c:07:df:20:dd:d5:
                    5e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:55:FD:88:B5:DE:C0:5E:41:86:09:A6:D1:FB:2F:A5:1F:2F:17:45
            X509v3 Authority Key Identifier:
                keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:35:1e:36:be:f8:93:ba:f9:9d:11:07:8a:e2:a5:a8:c1:96:
         ad:d0:5c:b0:4f:89:04:a4:c7:5d:b2:f5:d2:bf:d0:fe:ec:84:
         62:e1:d2:27:a6:7f:ae:e7:31:9a:21:85:94:d3:9f:d4:c3:27:
         70:2c:22:cd:75:f0:22:ef:c3:a9:df:a9:8f:d8:16:a0:86:89:
         1b:47:48:8f:82:70:bd:16:c1:ca:de:b2:93:63:8c:95:f5:3b:
         62:32:d1:64:1b:b6:2a:96:b5:dd:d1:d3:39:51:b3:57:6d:f2:
         25:fb:f0:d7:a0:03:1c:65:be:f5:cf:fc:f0:7b:8c:77:d6:04:
         eb:da:40:3d:87:ed:da:bc:8a:f1:83:81:63:cf:fb:d7:63:b1:
         1f:e2:e2:5c:da:f0:84:0e:34:a1:15:e1:0f:7b:60:15:40:5a:
         9f:69:e5:2c:db:6e:3c:d9:eb:9c:10:76:53:42:fc:5b:2f:3c:
         4a:35:0c:07:e1:c3:d7:ca:83:43:21:3b:6e:e8:af:73:25:f3:
         bf:31:bf:2f:9d:2e:2d:dd:63:5f:a3:26:d4:dc:9e:65:fc:d9:
         c1:36:ed:e7:fc:34:35:ca:1b:6a:30:3c:9b:22:b6:40:65:0c:
         4a:32:7f:57:47:f5:e3:a0:24:ac:38:8e:a8:27:67:6f:43:37:
         ee:12:e1:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz40oweGpe0QIrPVnHhcYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4
ZjE0YjkwHhcNMjUwODA0MDcwMjEyWhcNMjUwODA1MDcwMjEyWjAzMTEwLwYDVQQD
EygxNTU1ZmQ4OGI1ZGVjMDVlNDE4NjA5YTZkMWZiMmZhNTFmMmYxNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNbWqWbckgopOBiN4S3X197JyzMS
E5oBd4RMJvtl4MgKt3JfUxoCf/yhjGJvj4lWC2D++zgKWOWkxbaA1Vb9vi/LiZtH
PsU6kP1us+iz9wMREAmz3Vw7dcqtTmWAxLPIr3Sn8Bfyz8I2Spr0xwYVPvgbVU7O
Q9ZEMcMqDmXKjTIID4z0R5kOxWdmDiPXuUrIpwg/iVErOHmCBqVVtjdCRxVQSXsr
tImWp9Ajgy5GhpFJK8Zau/nLAQ5diB8mWzVmhmCIEL0D+LBivWzJMfvp3ANxeiDA
aWUi7FIlN6jKVeYUnlwSLDM/2YJYHVx1Ig3hOrURHyxZnWRMB98g3dVeNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBVV/Yi13sBeQYYJptH7L6UfLxdFMB8GA1UdIwQY
MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt
MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj
LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbjUeNr74
k7r5nREHiuKlqMGWrdBcsE+JBKTHXbL10r/Q/uyEYuHSJ6Z/rucxmiGFlNOf1MMn
cCwizXXwIu/Dqd+pj9gWoIaJG0dIj4JwvRbByt6yk2OMlfU7YjLRZBu2Kpa13dHT
OVGzV23yJfvw16ADHGW+9c/88HuMd9YE69pAPYft2ryK8YOBY8/712OxH+LiXNrw
hA40oRXhD3tgFUBan2nlLNtuPNnrnBB2U0L8Wy88SjUMB+HD18qDQyE7buivcyXz
vzG/L50uLd1jX6Mm1NyeZfzZwTbt5/w0NcobajA8myK2QGUMSjJ/V0f146AkrDiO
qCdnb0M37hLhJA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:03:22 2025 by rpki-client