Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
File:                     soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json)
Hash identifier:          dFBLI3PyH3tWiUJAhB2JTZIf5wUCr/ImpbP8x1H4Bvo=
Subject key identifier:   B5:2D:76:89:5B:D6:E6:48:6E:D4:BF:32:98:5F:2F:3B:8F:DF:AF:0D
Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9
Certificate issuer:       /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
Certificate serial:       019A4D067500030F18099F182CFABE465178
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
Manifest number:          11AE
Signing time:             Tue 04 Nov 2025 04:01:00 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:00 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:00 +0000
Files and hashes:         1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: YmTSEa01Y+om9nI2UjNppvDM8Qn4kzu/gRWSZ5wEV2g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:75:00:03:0f:18:09:9f:18:2c:fa:be:46:51:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
        Validity
            Not Before: Nov  4 04:01:00 2025 GMT
            Not After : Nov  5 04:01:00 2025 GMT
        Subject: CN=b52d76895bd6e6486ed4bf32985f2f3b8fdfaf0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:dd:44:ce:8c:2c:8e:d3:65:0f:42:6f:4e:ab:
                    cb:e6:27:05:00:77:1d:50:b1:e4:99:76:57:85:b9:
                    0d:65:09:2f:b9:59:b1:2c:bc:8d:ba:24:9a:f1:36:
                    85:ac:b9:98:0c:18:2a:71:0b:58:d8:88:dd:0e:ac:
                    b2:de:ce:e5:b7:58:d9:1e:6c:74:ab:6d:87:cd:48:
                    d7:0c:1d:5f:6d:eb:39:24:a9:b3:49:e6:f3:b9:d3:
                    d8:7e:53:e8:06:b3:f7:49:4a:a5:d5:6f:b3:fa:fd:
                    e4:c4:4a:42:28:4e:b6:d5:25:9e:d1:ef:9f:f3:89:
                    14:dc:12:c7:a6:ec:78:d3:84:af:28:fd:3b:43:14:
                    da:9c:22:a6:26:e3:8d:a0:6d:06:e6:80:bc:b4:7b:
                    ee:38:03:e4:d9:e3:a1:f8:7a:4d:ca:70:8c:06:86:
                    4d:40:21:28:3a:e0:31:89:c6:f2:3c:d1:73:fd:54:
                    37:26:47:df:70:8a:69:f9:16:31:54:06:5f:fd:e3:
                    e4:83:d6:47:39:15:8a:1e:49:91:13:14:fc:89:9b:
                    6c:3a:fc:94:29:ec:04:47:d2:5b:5f:7b:a5:54:22:
                    55:1f:44:18:fe:b1:44:88:df:89:df:a9:cf:14:bc:
                    b0:64:5f:0c:62:8b:34:ff:d2:32:85:f0:02:7f:90:
                    6b:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:2D:76:89:5B:D6:E6:48:6E:D4:BF:32:98:5F:2F:3B:8F:DF:AF:0D
            X509v3 Authority Key Identifier:
                keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:05:d7:6e:95:5a:87:bb:49:e7:96:51:1f:6d:c3:d5:bd:b1:
         ff:fb:56:35:76:d4:58:7c:4a:3e:07:0f:3a:eb:f9:6b:b2:fa:
         fc:28:b0:ac:b1:0a:bf:01:d7:28:81:74:28:f8:8d:58:2c:b7:
         c2:a4:2e:ff:6f:ec:39:77:e2:86:5e:45:3e:45:50:fc:ae:92:
         f9:da:2b:59:05:3b:db:cd:c8:97:8c:f6:ff:55:38:b3:94:97:
         93:ef:c2:29:50:bb:0c:13:ba:f3:9b:b9:e2:36:f8:36:88:27:
         94:fd:99:e2:a0:63:16:c1:33:1f:5c:ab:d3:68:c7:e5:2d:5b:
         82:2c:5e:d8:26:0c:b3:ae:42:33:64:5b:a9:35:cf:a7:f4:f2:
         98:27:18:74:e3:fb:05:50:48:f1:4c:dc:54:dd:c3:8b:0e:fa:
         c7:29:16:c3:9e:ca:f2:81:a7:61:b7:d6:3c:6d:4d:e4:61:74:
         69:08:ad:80:d3:d5:14:dc:32:bd:7f:99:48:2e:17:8c:b5:d4:
         98:ab:70:78:1b:dd:ad:93:84:7b:96:b3:8e:c3:82:00:e2:d5:
         40:43:02:1e:86:31:ea:13:ea:d9:01:ab:74:de:fb:fa:1c:8f:
         74:99:1f:30:1f:d7:06:ba:3e:0d:cc:6e:d2:76:bb:0d:3f:b8:
         8d:84:7d:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBnUAAw8YCZ8YLPq+RlF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4
ZjE0YjkwHhcNMjUxMTA0MDQwMTAwWhcNMjUxMTA1MDQwMTAwWjAzMTEwLwYDVQQD
EyhiNTJkNzY4OTViZDZlNjQ4NmVkNGJmMzI5ODVmMmYzYjhmZGZhZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN1EzowsjtNlD0JvTqvL5icFAHcd
ULHkmXZXhbkNZQkvuVmxLLyNuiSa8TaFrLmYDBgqcQtY2IjdDqyy3s7lt1jZHmx0
q22HzUjXDB1fbes5JKmzSebzudPYflPoBrP3SUql1W+z+v3kxEpCKE621SWe0e+f
84kU3BLHpux404SvKP07QxTanCKmJuONoG0G5oC8tHvuOAPk2eOh+HpNynCMBoZN
QCEoOuAxicbyPNFz/VQ3JkffcIpp+RYxVAZf/ePkg9ZHORWKHkmRExT8iZtsOvyU
KewER9JbX3ulVCJVH0QY/rFEiN+J36nPFLywZF8MYos0/9IyhfACf5BrjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUtdolb1uZIbtS/MphfLzuP368NMB8GA1UdIwQY
MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt
MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj
LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALwXXbpVa
h7tJ55ZRH23D1b2x//tWNXbUWHxKPgcPOuv5a7L6/CiwrLEKvwHXKIF0KPiNWCy3
wqQu/2/sOXfihl5FPkVQ/K6S+dorWQU7283Il4z2/1U4s5SXk+/CKVC7DBO685u5
4jb4NognlP2Z4qBjFsEzH1yr02jH5S1bgixe2CYMs65CM2RbqTXPp/TymCcYdOP7
BVBI8UzcVN3Diw76xykWw57K8oGnYbfWPG1N5GF0aQitgNPVFNwyvX+ZSC4XjLXU
mKtweBvdrZOEe5azjsOCAOLVQEMCHoYx6hPq2QGrdN77+hyPdJkfMB/XBro+Dcxu
0na7DT+4jYR9eQ==
-----END CERTIFICATE-----