Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          oBzvSOxD/52kLHqUpNnA57nnNCakRIsphLuS9zMfVPA=
Subject key identifier:   DB:A9:52:6C:FF:99:B5:84:A8:5C:21:67:9B:FD:29:03:9E:65:1E:3C
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       019D371BED9437E8F9A35F2049FC7042E168
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          0FF6
Signing time:             Sun 29 Mar 2026 01:01:10 +0000
Manifest this update:     Sun 29 Mar 2026 01:01:10 +0000
Manifest next update:     Mon 30 Mar 2026 01:01:10 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: lwmFL5pVnZp236Y5Ni2kerQqNhdR/Yrc+JNGs2KydU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:ed:94:37:e8:f9:a3:5f:20:49:fc:70:42:e1:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: Mar 29 01:01:10 2026 GMT
            Not After : Mar 30 01:01:10 2026 GMT
        Subject: CN=dba9526cff99b584a85c21679bfd29039e651e3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ae:3b:a8:e9:2a:d7:6a:72:cf:76:f8:71:ab:
                    ad:d8:1b:20:55:54:32:8f:24:62:09:36:c5:0e:04:
                    0a:2d:ab:d8:10:a9:a0:e9:f6:99:8b:14:68:7f:b4:
                    3e:7b:9c:11:f4:ae:49:25:1c:69:29:b8:90:da:92:
                    c6:cc:3d:ed:8c:10:0c:f7:36:5c:8d:af:17:f4:9f:
                    53:27:7f:b9:bb:71:69:3a:39:51:62:7a:6d:16:3f:
                    e9:db:53:0f:24:17:85:0e:3a:25:90:58:e4:0d:c1:
                    ca:97:9f:eb:f0:a2:eb:ed:3d:bc:b7:67:f3:30:e2:
                    9f:4d:3f:9d:42:8c:64:91:af:32:07:af:9d:be:0a:
                    db:0f:47:e6:36:d6:a0:1a:f4:e3:74:b0:bd:00:fd:
                    d3:8f:ef:6c:ba:be:54:55:3c:88:13:98:74:e9:8a:
                    e3:36:ef:7c:d0:c1:3a:ab:65:d7:89:34:e9:d1:ab:
                    3c:8e:1f:6e:5d:0a:09:88:8c:b7:f6:9d:ae:d9:7d:
                    c4:c3:da:98:e9:98:cf:9c:97:bc:30:0b:4c:24:92:
                    af:73:94:b1:7e:c5:06:3c:7d:95:bc:f3:65:9f:dd:
                    e6:2e:68:f3:5a:a9:ba:30:a3:f8:b1:d9:61:4e:16:
                    06:53:11:39:e5:e4:12:68:d8:83:57:ba:0a:b2:c7:
                    93:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:A9:52:6C:FF:99:B5:84:A8:5C:21:67:9B:FD:29:03:9E:65:1E:3C
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:79:c9:e3:47:1f:43:75:71:81:90:bf:47:d6:75:d4:02:ee:
         60:7e:7f:70:11:2c:60:ac:ee:0f:a5:bf:36:1f:90:f9:27:84:
         5a:a6:46:95:a6:b7:d7:65:af:76:2e:1b:55:3a:15:bd:be:9e:
         eb:c5:a0:2e:dc:a8:8b:b2:61:40:7f:9c:90:23:c7:99:93:95:
         c6:13:dd:3d:04:0d:4e:3f:95:b4:ed:e0:ad:31:45:28:cf:9e:
         54:bf:09:d0:2b:81:83:1e:d3:29:9a:99:49:c2:b2:e6:cf:c3:
         6f:35:79:88:31:7d:2b:5d:18:0f:bc:3d:9d:e7:bc:40:de:54:
         e8:62:26:fc:2d:2f:14:2a:f9:7b:8b:18:5f:9a:42:62:fc:08:
         45:f3:8d:e7:8d:a6:4c:95:ce:18:34:c3:77:14:1c:29:38:e2:
         8f:9d:38:a5:e1:ac:25:2c:35:b6:90:4e:0c:43:4b:af:ec:0f:
         2b:81:7a:cc:e8:51:af:a1:c8:8a:84:7b:70:46:c2:b4:d9:3d:
         c6:87:92:87:6c:48:c0:76:5f:01:f8:b1:3e:5f:b6:11:26:dc:
         74:9d:7c:b9:c9:15:62:1f:89:e8:c0:1f:a4:46:48:51:0a:35:
         86:e6:53:1f:b2:2f:1f:b5:e4:19:82:00:58:66:ea:b6:94:67:
         30:e5:83:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G+2UN+j5o18gSfxwQuFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjYwMzI5MDEwMTEwWhcNMjYwMzMwMDEwMTEwWjAzMTEwLwYDVQQD
EyhkYmE5NTI2Y2ZmOTliNTg0YTg1YzIxNjc5YmZkMjkwMzllNjUxZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy647qOkq12pyz3b4caut2BsgVVQy
jyRiCTbFDgQKLavYEKmg6faZixRof7Q+e5wR9K5JJRxpKbiQ2pLGzD3tjBAM9zZc
ja8X9J9TJ3+5u3FpOjlRYnptFj/p21MPJBeFDjolkFjkDcHKl5/r8KLr7T28t2fz
MOKfTT+dQoxkka8yB6+dvgrbD0fmNtagGvTjdLC9AP3Tj+9sur5UVTyIE5h06Yrj
Nu980ME6q2XXiTTp0as8jh9uXQoJiIy39p2u2X3Ew9qY6ZjPnJe8MAtMJJKvc5Sx
fsUGPH2VvPNln93mLmjzWqm6MKP4sdlhThYGUxE55eQSaNiDV7oKsseTkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNupUmz/mbWEqFwhZ5v9KQOeZR48MB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKXnJ40cf
Q3VxgZC/R9Z11ALuYH5/cBEsYKzuD6W/Nh+Q+SeEWqZGlaa312Wvdi4bVToVvb6e
68WgLtyoi7JhQH+ckCPHmZOVxhPdPQQNTj+VtO3grTFFKM+eVL8J0CuBgx7TKZqZ
ScKy5s/DbzV5iDF9K10YD7w9nee8QN5U6GIm/C0vFCr5e4sYX5pCYvwIRfON542m
TJXOGDTDdxQcKTjij504peGsJSw1tpBODENLr+wPK4F6zOhRr6HIioR7cEbCtNk9
xoeSh2xIwHZfAfixPl+2ESbcdJ18uckVYh+J6MAfpEZIUQo1huZTH7IvH7XkGYIA
WGbqtpRnMOWDoA==
-----END CERTIFICATE-----