Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          XOJCWJKR0HvK8AdcV+Jpw6uVqBfCcqGEMW3UchSDxc8=
Subject key identifier:   3A:59:48:8D:F9:39:AA:24:11:5F:86:13:AC:C1:1F:2A:8B:7E:43:DB
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       019749310BE86A8C957696C6EE1BE2B5AE58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          0CE4
Signing time:             Sat 07 Jun 2025 07:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:40 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: kNAoXzTBothTixQAME9MP7bsUhulIN3itGSMglWYBEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:0b:e8:6a:8c:95:76:96:c6:ee:1b:e2:b5:ae:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: Jun  7 07:00:40 2025 GMT
            Not After : Jun  8 07:00:40 2025 GMT
        Subject: CN=3a59488df939aa24115f8613acc11f2a8b7e43db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8b:80:3c:cd:42:9d:4c:0c:cb:76:ae:34:bc:
                    aa:bf:94:00:26:6c:99:ff:5f:ab:83:28:d0:57:b4:
                    d9:14:91:ac:a6:d8:21:48:f7:22:93:c3:07:94:11:
                    15:41:ac:e3:2e:4c:6e:f5:d2:0f:bd:f3:40:da:66:
                    b2:b1:eb:aa:e1:78:c8:f5:d9:e1:a3:4a:28:98:ca:
                    ad:cf:16:44:00:b5:60:b5:b9:12:d8:33:27:bc:dc:
                    88:f8:0d:75:4e:25:7a:23:9a:bb:51:28:11:c6:65:
                    1b:af:a6:04:ff:4a:18:7c:97:6f:c5:29:95:1d:b4:
                    b4:e8:22:fc:f9:1a:cd:25:0d:95:22:a0:f7:86:76:
                    90:f3:b5:41:e0:71:c4:a5:2a:c3:5f:d1:bc:d6:c2:
                    f4:05:9a:3e:52:2e:26:85:fc:e9:3d:80:49:b6:7c:
                    a4:95:a1:4c:c4:99:f8:8e:ad:f3:3c:30:a0:b1:88:
                    7c:11:98:5e:37:83:40:35:52:1c:9a:78:59:32:41:
                    3a:26:78:56:a4:f8:3b:18:d4:bb:e0:6b:f2:c8:2e:
                    2c:70:32:6e:dc:b9:46:29:4f:a6:d2:96:23:0f:a3:
                    40:9f:07:a2:d2:d7:4e:7f:ac:49:fc:fe:3b:39:ca:
                    28:b8:d6:75:cb:c8:5e:d7:42:74:f1:59:f1:29:34:
                    20:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:59:48:8D:F9:39:AA:24:11:5F:86:13:AC:C1:1F:2A:8B:7E:43:DB
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:ac:14:52:c8:cf:92:38:fc:4a:d9:8f:e4:1c:2f:ee:dd:ac:
         33:63:c4:e8:fe:ce:a7:37:72:26:6e:34:01:08:bb:8d:88:e2:
         de:fd:a0:e7:94:25:d0:52:ef:92:44:27:f6:3d:b4:b1:b9:fd:
         80:f5:2f:08:17:b1:51:62:37:18:37:a6:49:03:7e:f9:48:55:
         10:d6:da:46:38:9a:a9:15:c4:33:2c:da:16:e7:7d:b1:10:6c:
         a8:3b:88:3f:5a:6a:00:f7:a7:c0:8a:4b:c0:56:e4:19:14:04:
         67:6d:e1:c6:19:4b:6c:ef:c2:04:bf:bd:0b:86:93:a9:a1:c9:
         72:90:85:bc:a0:5d:05:d9:91:d0:b7:29:ae:74:16:84:ff:46:
         17:d8:0f:d7:ec:32:8f:53:90:dc:c6:a3:89:4d:66:fa:1d:74:
         8b:80:2c:51:b6:50:c0:e0:0a:c2:12:92:80:08:9e:00:6a:b7:
         f6:9e:fa:45:f8:3a:31:18:d8:a0:c0:b2:95:36:b8:69:74:ca:
         29:ca:e6:cc:06:cf:3f:84:71:31:94:25:0a:71:cc:b0:49:f3:
         d7:a2:69:50:9a:2e:08:2d:d7:74:7b:e3:e7:45:27:ec:53:c1:
         8a:3b:8e:c5:3e:e5:53:84:e7:74:ae:e4:53:4f:a9:29:60:28:
         f2:bb:b1:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMQvoaoyVdpbG7hvita5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjUwNjA3MDcwMDQwWhcNMjUwNjA4MDcwMDQwWjAzMTEwLwYDVQQD
EygzYTU5NDg4ZGY5MzlhYTI0MTE1Zjg2MTNhY2MxMWYyYThiN2U0M2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYuAPM1CnUwMy3auNLyqv5QAJmyZ
/1+rgyjQV7TZFJGsptghSPcik8MHlBEVQazjLkxu9dIPvfNA2mayseuq4XjI9dnh
o0oomMqtzxZEALVgtbkS2DMnvNyI+A11TiV6I5q7USgRxmUbr6YE/0oYfJdvxSmV
HbS06CL8+RrNJQ2VIqD3hnaQ87VB4HHEpSrDX9G81sL0BZo+Ui4mhfzpPYBJtnyk
laFMxJn4jq3zPDCgsYh8EZheN4NANVIcmnhZMkE6JnhWpPg7GNS74GvyyC4scDJu
3LlGKU+m0pYjD6NAnwei0tdOf6xJ/P47OcoouNZ1y8he10J08VnxKTQghwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpZSI35OaokEV+GE6zBHyqLfkPbMB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD6wUUsjP
kjj8StmP5Bwv7t2sM2PE6P7OpzdyJm40AQi7jYji3v2g55Ql0FLvkkQn9j20sbn9
gPUvCBexUWI3GDemSQN++UhVENbaRjiaqRXEMyzaFud9sRBsqDuIP1pqAPenwIpL
wFbkGRQEZ23hxhlLbO/CBL+9C4aTqaHJcpCFvKBdBdmR0LcprnQWhP9GF9gP1+wy
j1OQ3MajiU1m+h10i4AsUbZQwOAKwhKSgAieAGq39p76Rfg6MRjYoMCylTa4aXTK
KcrmzAbPP4RxMZQlCnHMsEnz16JpUJouCC3XdHvj50Un7FPBijuOxT7lU4TndK7k
U0+pKWAo8ruxaw==
-----END CERTIFICATE-----