Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
File:                     soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json)
Hash identifier:          RQxtwtflcXSgjmLyKz0qd5pquCfPymYxIujx45tRLoQ=
Subject key identifier:   A3:FD:44:D5:15:81:A2:B3:F1:B7:75:E0:25:A9:DA:5F:B2:73:90:F9
Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9
Certificate issuer:       /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
Certificate serial:       019D2704BF820E2EA92DAC408D0123E93B8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
Manifest number:          1328
Signing time:             Wed 25 Mar 2026 22:01:55 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:55 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:55 +0000
Files and hashes:         1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: Bx9zrzrjht9J2qPtbSJRkbXd3KfTUXYI+N/8/H7/3no=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:bf:82:0e:2e:a9:2d:ac:40:8d:01:23:e9:3b:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
        Validity
            Not Before: Mar 25 22:01:55 2026 GMT
            Not After : Mar 26 22:01:55 2026 GMT
        Subject: CN=a3fd44d51581a2b3f1b775e025a9da5fb27390f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:af:9e:fa:33:5c:9a:6b:96:c3:3e:20:c6:5c:
                    f9:e6:7a:b0:22:50:bb:aa:97:ac:5b:31:d7:22:d0:
                    b4:46:3b:54:c9:4f:f2:e1:1c:ec:5d:e9:78:0a:f9:
                    0e:87:d0:bf:5e:84:1f:1b:f0:07:85:89:bd:0e:be:
                    c8:0c:7c:e0:fe:5c:d6:b9:13:06:0c:d0:78:c7:a1:
                    5b:f6:eb:cc:d8:77:3d:7a:02:58:b7:6f:dc:ee:c3:
                    47:e8:28:b4:b9:97:02:2a:a2:49:2c:81:03:7f:c3:
                    c0:46:8b:e6:e8:0e:e6:b3:cc:da:39:74:ed:3e:22:
                    ce:36:b0:13:91:5c:ef:67:15:73:1f:b8:98:1f:b5:
                    93:2b:71:d3:3e:25:a3:28:4e:49:62:7b:b8:f8:a9:
                    a7:58:4a:bb:df:91:54:b9:52:03:73:0b:d4:02:6a:
                    7f:7c:a5:e9:0a:db:e2:9d:fb:96:a2:85:54:6b:5d:
                    bd:57:3d:c7:9e:31:af:37:9b:49:07:d6:36:ba:07:
                    02:1a:d6:44:e6:bf:4f:7b:3a:03:e7:65:b5:d4:d6:
                    7e:bf:c8:ef:ce:10:56:e7:57:4d:43:11:b3:9a:ed:
                    c1:bb:ad:76:73:7d:7e:54:f5:3a:86:9f:ba:8f:b9:
                    c7:9b:78:51:2c:db:77:10:89:23:f8:24:10:6d:dc:
                    3f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:FD:44:D5:15:81:A2:B3:F1:B7:75:E0:25:A9:DA:5F:B2:73:90:F9
            X509v3 Authority Key Identifier:
                keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:f8:2b:ae:34:bf:72:36:39:11:87:d5:7e:70:d7:7f:a6:81:
         0a:64:df:72:ca:09:92:76:29:01:46:fb:7a:b1:4e:a0:44:5b:
         42:57:3e:36:9b:ec:9b:60:70:55:ca:54:fa:ab:43:c7:67:d3:
         b6:e2:70:af:32:26:22:8e:10:e9:c4:3f:c7:33:6a:dd:0c:a3:
         05:9c:b9:26:cf:86:ca:27:c7:93:27:8b:f3:c9:a2:be:67:36:
         27:6c:1d:72:dd:d2:86:c2:c6:9f:9c:7a:56:e0:6b:47:4f:df:
         28:5d:47:de:14:1f:29:fe:68:3f:42:09:46:d8:69:8d:7c:80:
         37:1d:91:04:3f:4f:e8:e4:f4:b2:77:83:8e:e5:be:82:d3:c2:
         42:df:87:cc:2f:68:a4:6a:64:51:fc:13:69:35:d3:dd:75:2f:
         a2:31:31:1d:b4:7a:29:72:9f:ce:d9:9c:0e:ed:4d:25:a8:e4:
         85:f2:0b:d5:68:16:73:db:ad:de:cf:2c:af:94:0a:e6:eb:d1:
         6e:7a:b1:d1:ec:b9:9e:a9:93:ba:d2:fe:39:29:ac:59:7b:20:
         3a:63:dc:d9:b0:78:1c:21:af:19:1f:b2:11:18:d2:5d:85:10:
         2c:6c:f2:9e:41:fd:43:04:9a:71:ad:38:e1:2c:e7:42:5f:28:
         80:f7:bb:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBL+CDi6pLaxAjQEj6TuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4
ZjE0YjkwHhcNMjYwMzI1MjIwMTU1WhcNMjYwMzI2MjIwMTU1WjAzMTEwLwYDVQQD
EyhhM2ZkNDRkNTE1ODFhMmIzZjFiNzc1ZTAyNWE5ZGE1ZmIyNzM5MGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq+e+jNcmmuWwz4gxlz55nqwIlC7
qpesWzHXItC0RjtUyU/y4RzsXel4CvkOh9C/XoQfG/AHhYm9Dr7IDHzg/lzWuRMG
DNB4x6Fb9uvM2Hc9egJYt2/c7sNH6Ci0uZcCKqJJLIEDf8PARovm6A7ms8zaOXTt
PiLONrATkVzvZxVzH7iYH7WTK3HTPiWjKE5JYnu4+KmnWEq735FUuVIDcwvUAmp/
fKXpCtvinfuWooVUa129Vz3HnjGvN5tJB9Y2ugcCGtZE5r9PezoD52W11NZ+v8jv
zhBW51dNQxGzmu3Bu612c31+VPU6hp+6j7nHm3hRLNt3EIkj+CQQbdw/mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKP9RNUVgaKz8bd14CWp2l+yc5D5MB8GA1UdIwQY
MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt
MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj
LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ/grrjS/
cjY5EYfVfnDXf6aBCmTfcsoJknYpAUb7erFOoERbQlc+Npvsm2BwVcpU+qtDx2fT
tuJwrzImIo4Q6cQ/xzNq3QyjBZy5Js+GyifHkyeL88mivmc2J2wdct3ShsLGn5x6
VuBrR0/fKF1H3hQfKf5oP0IJRthpjXyANx2RBD9P6OT0sneDjuW+gtPCQt+HzC9o
pGpkUfwTaTXT3XUvojExHbR6KXKfztmcDu1NJajkhfIL1WgWc9ut3s8sr5QK5uvR
bnqx0ey5nqmTutL+OSmsWXsgOmPc2bB4HCGvGR+yERjSXYUQLGzynkH9QwSaca04
4SznQl8ogPe7PA==
-----END CERTIFICATE-----