Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
File:                     soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json)
Hash identifier:          OMWT+DheFDNv6ex2oh0IIGLSctAx730y0oyDpLhKSS0=
Subject key identifier:   02:58:45:70:24:07:52:C2:C5:C4:B0:E8:94:15:EC:F7:5B:72:1F:BC
Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9
Certificate issuer:       /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
Certificate serial:       0198D6609C33BAE9125ED6EBD45AC95F24C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
Manifest number:          10EC
Signing time:             Sat 23 Aug 2025 10:01:51 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:51 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:51 +0000
Files and hashes:         1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: nJNh4BGA386G8uNANv0F619SWrVFPQZhj5ccXRwIwek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:9c:33:ba:e9:12:5e:d6:eb:d4:5a:c9:5f:24:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9
        Validity
            Not Before: Aug 23 10:01:51 2025 GMT
            Not After : Aug 24 10:01:51 2025 GMT
        Subject: CN=02584570240752c2c5c4b0e89415ecf75b721fbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:20:7c:16:21:3e:e4:76:a1:03:8d:7f:25:7d:
                    09:ec:ea:06:ec:40:bf:6a:4b:83:ac:bb:cf:5d:5a:
                    a9:4c:39:3d:0d:59:48:07:e3:77:d8:83:29:48:66:
                    49:24:67:db:af:60:4c:2e:e1:27:c0:c6:90:3b:b7:
                    51:27:1f:88:8c:62:84:87:b8:6a:8d:aa:88:ae:5c:
                    ff:f8:5c:fc:e8:12:c3:e9:f6:d2:dd:c0:c4:fa:4b:
                    de:92:48:f9:f3:3e:62:74:43:9d:b8:32:d7:db:ec:
                    67:23:16:ee:16:75:06:a5:f2:6c:84:6f:65:5b:76:
                    d7:cd:a5:78:9e:51:a4:bf:94:90:e3:7f:f4:f9:31:
                    6d:1e:22:93:8b:f1:71:43:51:d5:1a:9e:4c:08:07:
                    45:08:09:b7:13:73:0b:13:45:c0:17:73:ec:69:2f:
                    0c:fb:5c:43:02:21:2d:f7:5f:9b:41:0b:92:6e:a0:
                    3c:69:7d:6f:2a:32:3f:aa:06:b6:e5:90:b6:a9:c4:
                    9a:00:1b:1f:2e:a7:c9:20:87:55:91:08:39:ba:f9:
                    da:f0:65:f0:6d:69:61:41:8a:2d:04:72:13:90:1f:
                    6f:26:cc:43:e0:d2:b1:d0:02:e4:4c:4e:cb:c9:e1:
                    85:de:d0:fa:f9:83:09:d6:6c:27:00:59:80:9d:eb:
                    ed:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:58:45:70:24:07:52:C2:C5:C4:B0:E8:94:15:EC:F7:5B:72:1F:BC
            X509v3 Authority Key Identifier:
                keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:53:c4:83:9a:76:04:f7:a6:d0:28:cb:9b:5d:6d:92:da:ac:
         b4:04:b1:aa:ce:06:df:ab:01:a0:8c:1c:1f:73:63:50:9e:44:
         4b:54:53:18:cf:2d:61:a3:6a:9b:b4:82:ce:01:d3:18:2c:3a:
         69:ba:3e:86:b5:2f:ec:66:04:1f:86:4b:bd:03:19:6f:d1:f7:
         c1:6e:26:a8:88:c9:35:c4:0f:64:92:a0:00:ee:f2:ee:39:97:
         27:33:8a:cd:f3:3b:25:c8:93:22:d4:86:4e:e7:93:8f:97:ef:
         4c:d5:4c:b2:0a:77:ad:d0:4b:a4:2a:85:09:0a:99:87:90:ac:
         50:c5:af:4e:86:24:11:23:ce:f8:62:3c:ec:ba:7b:ab:9f:75:
         56:f7:fa:32:6d:e8:68:6c:d0:50:ff:00:11:1b:04:1a:22:ad:
         43:87:ab:1a:07:88:bb:ca:98:66:16:41:3b:df:14:b9:1b:a8:
         90:a2:ce:39:58:3c:50:21:c5:bf:10:cc:ef:db:b7:ce:9e:73:
         16:1a:a3:3e:91:0f:5c:89:5b:89:5b:59:fc:1a:dd:bc:23:c5:
         32:2c:00:50:c9:ac:1e:a6:50:37:19:2e:95:66:73:3a:71:69:
         01:e4:39:aa:66:a1:b8:0f:af:b7:c7:81:bc:03:60:f0:e2:7a:
         e4:4d:c0:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYJwzuukSXtbr1FrJXyTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4
ZjE0YjkwHhcNMjUwODIzMTAwMTUxWhcNMjUwODI0MTAwMTUxWjAzMTEwLwYDVQQD
EygwMjU4NDU3MDI0MDc1MmMyYzVjNGIwZTg5NDE1ZWNmNzViNzIxZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSB8FiE+5HahA41/JX0J7OoG7EC/
akuDrLvPXVqpTDk9DVlIB+N32IMpSGZJJGfbr2BMLuEnwMaQO7dRJx+IjGKEh7hq
jaqIrlz/+Fz86BLD6fbS3cDE+kvekkj58z5idEOduDLX2+xnIxbuFnUGpfJshG9l
W3bXzaV4nlGkv5SQ43/0+TFtHiKTi/FxQ1HVGp5MCAdFCAm3E3MLE0XAF3PsaS8M
+1xDAiEt91+bQQuSbqA8aX1vKjI/qga25ZC2qcSaABsfLqfJIIdVkQg5uvna8GXw
bWlhQYotBHITkB9vJsxD4NKx0ALkTE7LyeGF3tD6+YMJ1mwnAFmAnevtywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJYRXAkB1LCxcSw6JQV7Pdbch+8MB8GA1UdIwQY
MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt
MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj
LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFPEg5p2
BPem0CjLm11tktqstASxqs4G36sBoIwcH3NjUJ5ES1RTGM8tYaNqm7SCzgHTGCw6
abo+hrUv7GYEH4ZLvQMZb9H3wW4mqIjJNcQPZJKgAO7y7jmXJzOKzfM7JciTItSG
TueTj5fvTNVMsgp3rdBLpCqFCQqZh5CsUMWvToYkESPO+GI87Lp7q591Vvf6Mm3o
aGzQUP8AERsEGiKtQ4erGgeIu8qYZhZBO98UuRuokKLOOVg8UCHFvxDM79u3zp5z
FhqjPpEPXIlbiVtZ/BrdvCPFMiwAUMmsHqZQNxkulWZzOnFpAeQ5qmahuA+vt8eB
vANg8OJ65E3A8Q==
-----END CERTIFICATE-----