Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
File:                     soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json)
Hash identifier:          iK8WmTpexp6p/SYjsCfbGvP5EE9lGy2oBu5lQs0u0ys=
Subject key identifier:   A3:86:DF:88:BB:28:D2:31:95:A5:16:7B:FB:F4:42:81:12:C5:46:8E
Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9
Certificate issuer:       /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
Certificate serial:       019CAB6B66118696153D15B963B93A6518FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
Manifest number:          12E8
Signing time:             Sun 01 Mar 2026 22:01:08 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:08 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:08 +0000
Files and hashes:         1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: sDJDmOxJCcZmf6T9EKTYzpibL9ek5S7vg6ZslHwRs/8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:66:11:86:96:15:3d:15:b9:63:b9:3a:65:18:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
        Validity
            Not Before: Mar  1 22:01:08 2026 GMT
            Not After : Mar  2 22:01:08 2026 GMT
        Subject: CN=a386df88bb28d23195a5167bfbf4428112c5468e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:38:ea:52:d3:d3:c3:8f:53:18:1f:ca:1b:8f:
                    8a:9d:0e:8c:ad:70:f5:b8:f8:14:5a:a0:79:80:1b:
                    be:d0:ee:76:5b:7a:37:67:31:29:50:4a:db:53:09:
                    10:cc:8f:a2:c9:d9:c3:8f:36:03:46:ed:20:68:ee:
                    6a:7c:db:37:4b:95:cd:63:2e:ae:03:9e:c9:35:88:
                    5a:35:7d:42:8a:29:89:c4:c0:fc:a2:6b:8d:0a:3f:
                    11:bd:8a:8b:0a:64:21:89:62:f4:c4:a9:59:66:78:
                    ee:87:28:04:0e:45:d7:f6:68:fa:6d:3d:d3:ce:d4:
                    f3:6a:26:ab:2e:1f:a4:8f:f5:75:42:9b:2c:96:7a:
                    47:54:63:55:67:e8:5a:34:d6:65:14:36:dc:18:3d:
                    e6:57:90:b2:55:95:32:7d:11:46:ec:e1:2c:fa:f7:
                    fa:f0:f3:d5:f6:ec:02:53:fc:74:8a:1f:ca:e7:48:
                    ad:46:89:ed:8a:3a:c7:d3:ae:ab:12:26:33:bf:2a:
                    92:f9:81:ac:5a:2f:fe:89:7d:cf:18:60:3f:81:79:
                    c8:4b:df:5d:e0:55:08:32:fb:5a:91:2a:7f:95:7c:
                    c7:a5:c0:92:6a:b2:0d:5b:ef:31:6d:a1:3f:04:89:
                    95:8a:ed:5d:e9:c0:29:91:4c:1b:3a:eb:ee:b6:05:
                    99:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:86:DF:88:BB:28:D2:31:95:A5:16:7B:FB:F4:42:81:12:C5:46:8E
            X509v3 Authority Key Identifier:
                keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:37:e1:10:db:09:cf:db:37:e2:c8:3c:a5:d7:f3:fa:ef:9f:
         25:11:ae:65:3e:b2:0a:80:1e:83:af:58:09:38:d1:7d:bb:0b:
         80:4d:b6:0e:7b:ba:c7:05:99:55:a8:ce:6a:65:c7:42:e7:c1:
         b2:ff:1e:32:2d:8a:c6:c4:b9:e6:76:a1:a9:ed:33:0a:00:dc:
         d6:4f:b3:d0:c3:7d:5d:e0:14:50:73:4b:3b:4f:fb:7f:05:48:
         5e:fd:1e:4b:bc:9a:76:2b:bf:ae:1e:1b:c1:8d:e7:50:ff:04:
         dc:0d:65:d9:b4:ae:02:ef:a3:bb:c2:cb:14:9d:66:62:e2:36:
         9e:30:66:c9:aa:90:2b:fa:42:b3:f1:e3:87:0d:ae:0d:c1:80:
         61:e1:5d:15:8e:02:a7:5f:61:dc:84:3c:87:38:ed:61:79:79:
         db:7c:ab:87:39:4d:ba:77:5d:66:6d:64:b6:df:90:2c:61:79:
         7d:0e:4a:ff:8b:a6:f7:cc:f4:d4:a1:76:71:ef:99:92:01:47:
         bd:4d:54:5d:b4:be:fa:7b:95:51:07:b6:29:eb:09:04:bd:44:
         5e:72:fe:bb:d1:57:a2:76:26:fc:ad:e7:d7:7d:c1:01:63:29:
         9f:84:fb:9c:0d:36:49:fc:2b:9b:6a:4e:5a:14:ae:79:82:e7:
         3e:0d:0c:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra2YRhpYVPRW5Y7k6ZRj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4
ZjE0YjkwHhcNMjYwMzAxMjIwMTA4WhcNMjYwMzAyMjIwMTA4WjAzMTEwLwYDVQQD
EyhhMzg2ZGY4OGJiMjhkMjMxOTVhNTE2N2JmYmY0NDI4MTEyYzU0NjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzjqUtPTw49TGB/KG4+KnQ6MrXD1
uPgUWqB5gBu+0O52W3o3ZzEpUErbUwkQzI+iydnDjzYDRu0gaO5qfNs3S5XNYy6u
A57JNYhaNX1CiimJxMD8omuNCj8RvYqLCmQhiWL0xKlZZnjuhygEDkXX9mj6bT3T
ztTzaiarLh+kj/V1QpsslnpHVGNVZ+haNNZlFDbcGD3mV5CyVZUyfRFG7OEs+vf6
8PPV9uwCU/x0ih/K50itRontijrH066rEiYzvyqS+YGsWi/+iX3PGGA/gXnIS99d
4FUIMvtakSp/lXzHpcCSarINW+8xbaE/BImViu1d6cApkUwbOuvutgWZzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOG34i7KNIxlaUWe/v0QoESxUaOMB8GA1UdIwQY
MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt
MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj
LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWjfhENsJ
z9s34sg8pdfz+u+fJRGuZT6yCoAeg69YCTjRfbsLgE22Dnu6xwWZVajOamXHQufB
sv8eMi2KxsS55nahqe0zCgDc1k+z0MN9XeAUUHNLO0/7fwVIXv0eS7yadiu/rh4b
wY3nUP8E3A1l2bSuAu+ju8LLFJ1mYuI2njBmyaqQK/pCs/Hjhw2uDcGAYeFdFY4C
p19h3IQ8hzjtYXl523yrhzlNunddZm1ktt+QLGF5fQ5K/4um98z01KF2ce+ZkgFH
vU1UXbS++nuVUQe2KesJBL1EXnL+u9FXonYm/K3n133BAWMpn4T7nA02Sfwrm2pO
WhSueYLnPg0MoQ==
-----END CERTIFICATE-----