Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          QmAcST5yTPYlRoh6g3naCnhEUV5zJp+AXHKB/g0vTgU=
Subject key identifier:   44:B8:2F:FA:F6:3D:36:98:10:C7:2F:CD:60:2A:98:78:79:E6:80:2D
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       019651FF9BB825258F3704F96D84E68AC774
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          0C64
Signing time:             Sun 20 Apr 2025 07:00:27 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:27 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:27 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: qoJ4Otk1IKnKwXVAOhMA8UROgseyY1hfAfC7ILw1qXI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:9b:b8:25:25:8f:37:04:f9:6d:84:e6:8a:c7:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: Apr 20 07:00:27 2025 GMT
            Not After : Apr 21 07:00:27 2025 GMT
        Subject: CN=44b82ffaf63d369810c72fcd602a987879e6802d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:eb:40:17:37:59:a6:dd:65:04:17:4e:f9:c5:
                    56:13:4c:81:8e:ea:9e:3c:b4:08:0e:50:df:70:94:
                    0f:26:c0:1e:10:43:9f:17:bf:c1:2e:8e:61:d3:2e:
                    0a:06:d0:32:48:4b:ee:e1:68:31:c6:ab:03:72:2d:
                    51:bb:09:29:3e:e4:4a:fe:ab:38:92:f3:1c:ec:f0:
                    d9:97:4d:5e:55:b6:45:cb:6e:c0:23:36:1c:f6:0b:
                    2f:02:33:f5:03:96:41:9b:99:67:23:cf:2e:2c:00:
                    75:90:79:a7:7c:6c:79:a1:09:57:45:43:5f:75:f7:
                    41:59:03:21:d6:b7:5c:37:9e:3e:44:f4:41:55:a7:
                    19:83:46:5b:73:f5:ff:46:7a:55:52:d1:57:fb:6c:
                    bf:36:89:ac:9e:46:e1:48:b7:9e:f8:92:1f:0e:c7:
                    16:62:d0:d4:f0:42:0e:32:8b:a9:80:ed:19:c9:07:
                    2d:ac:b3:49:88:4d:10:7d:1e:12:a5:ff:04:be:bb:
                    d3:85:2f:75:e6:aa:64:ce:62:0d:df:a6:a0:87:f0:
                    e9:f5:ef:e7:91:a1:2a:72:d8:3e:02:2c:30:88:1a:
                    3e:fe:10:72:13:12:33:f3:54:e8:9f:29:6e:85:8b:
                    c6:fb:96:8b:d1:50:59:8a:4f:c9:8b:05:a4:b6:4f:
                    66:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:B8:2F:FA:F6:3D:36:98:10:C7:2F:CD:60:2A:98:78:79:E6:80:2D
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:3c:01:ef:37:9b:e5:56:7d:56:b4:28:3c:b2:7d:fb:91:8e:
         32:c9:90:40:6d:cb:e7:6e:c9:c3:66:70:da:fa:58:ad:8c:1a:
         b9:e4:9a:c7:05:57:db:61:98:5a:e2:1b:4c:70:66:54:23:48:
         69:8d:63:64:df:9c:c3:03:25:58:b1:4f:61:2e:91:fb:ca:94:
         f0:28:07:e1:d0:2f:ef:03:01:a4:05:85:cc:6a:c3:6f:d9:5f:
         17:79:04:7d:4c:ec:05:99:fe:c0:2f:4c:3f:fe:71:46:19:bc:
         2f:d9:16:ff:18:39:31:f7:e2:e0:d0:c5:b0:c4:3b:75:42:b0:
         2a:52:66:c0:ea:3a:a5:64:1c:cb:3c:9b:02:72:ea:b7:a2:d9:
         a8:cc:33:2a:76:05:9f:60:d5:4d:00:25:74:e4:d3:21:ef:4e:
         83:51:1d:97:7b:dc:78:88:f9:d6:3c:03:e4:be:89:75:23:43:
         5c:3f:43:86:5a:a8:f3:07:2a:56:04:07:fe:32:4e:94:44:2e:
         f5:b7:db:27:8e:ff:50:f5:fe:ee:da:2d:0d:e4:42:8e:f6:97:
         3e:48:ab:ef:d1:60:2d:6f:fa:7c:95:56:53:7e:30:db:e3:a7:
         56:70:cf:b8:de:44:8b:ab:f3:3c:fd:40:ab:2f:aa:ae:36:0d:
         6f:94:74:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/5u4JSWPNwT5bYTmisd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjUwNDIwMDcwMDI3WhcNMjUwNDIxMDcwMDI3WjAzMTEwLwYDVQQD
Eyg0NGI4MmZmYWY2M2QzNjk4MTBjNzJmY2Q2MDJhOTg3ODc5ZTY4MDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6utAFzdZpt1lBBdO+cVWE0yBjuqe
PLQIDlDfcJQPJsAeEEOfF7/BLo5h0y4KBtAySEvu4WgxxqsDci1RuwkpPuRK/qs4
kvMc7PDZl01eVbZFy27AIzYc9gsvAjP1A5ZBm5lnI88uLAB1kHmnfGx5oQlXRUNf
dfdBWQMh1rdcN54+RPRBVacZg0Zbc/X/RnpVUtFX+2y/NomsnkbhSLee+JIfDscW
YtDU8EIOMoupgO0ZyQctrLNJiE0QfR4Spf8EvrvThS915qpkzmIN36agh/Dp9e/n
kaEqctg+AiwwiBo+/hByExIz81TonyluhYvG+5aL0VBZik/JiwWktk9msQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFES4L/r2PTaYEMcvzWAqmHh55oAtMB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIzwB7zeb
5VZ9VrQoPLJ9+5GOMsmQQG3L527Jw2Zw2vpYrYwaueSaxwVX22GYWuIbTHBmVCNI
aY1jZN+cwwMlWLFPYS6R+8qU8CgH4dAv7wMBpAWFzGrDb9lfF3kEfUzsBZn+wC9M
P/5xRhm8L9kW/xg5Mffi4NDFsMQ7dUKwKlJmwOo6pWQcyzybAnLqt6LZqMwzKnYF
n2DVTQAldOTTIe9Og1Edl3vceIj51jwD5L6JdSNDXD9Dhlqo8wcqVgQH/jJOlEQu
9bfbJ47/UPX+7totDeRCjvaXPkir79FgLW/6fJVWU34w2+OnVnDPuN5Ei6vzPP1A
qy+qrjYNb5R0UQ==
-----END CERTIFICATE-----