Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          sexGcgyaBFu2fr9t6n8dOsNHZg55RUh0ryMLO+sA72w=
Subject key identifier:   BB:FC:E6:1F:44:BA:B6:FB:AD:8E:82:4C:28:39:6B:5D:A0:4D:81:78
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       019A725C7627AF774495F13D783CD79BA374
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          0E87
Signing time:             Tue 11 Nov 2025 10:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:53 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: YmPMkpGnYKS17UTpprBYtbO38DTJNJZU1eX1arjlNX0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:76:27:af:77:44:95:f1:3d:78:3c:d7:9b:a3:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: Nov 11 10:00:53 2025 GMT
            Not After : Nov 12 10:00:53 2025 GMT
        Subject: CN=bbfce61f44bab6fbad8e824c28396b5da04d8178
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d5:cd:f8:8c:40:be:13:6c:88:4c:d5:6e:d4:
                    15:d3:18:60:14:cc:4f:bd:e1:c2:e9:98:d0:aa:fb:
                    9c:8b:86:7c:6e:fe:05:f0:3d:71:23:ca:d6:a0:e9:
                    15:4d:62:7c:da:9f:0f:de:2d:be:5e:26:bd:7a:34:
                    7e:bf:01:28:18:13:b4:58:31:d3:46:81:6e:43:fd:
                    31:d9:12:a3:d4:c8:df:3f:03:5c:2d:53:bb:b0:50:
                    a0:11:51:62:fe:06:25:b1:95:19:76:c2:87:96:39:
                    ff:b9:35:5e:cd:e6:fe:e9:69:02:d3:13:18:0f:90:
                    a6:bb:9a:23:64:2b:3e:64:85:4c:6b:7a:f3:16:f4:
                    39:b9:76:ec:a0:0f:21:84:38:65:cf:f1:ee:e3:fc:
                    91:81:1a:69:e5:ce:ef:d6:56:fb:f0:1e:45:e4:3c:
                    4a:c0:c3:41:f8:3a:e1:d2:f5:ba:e9:a9:40:c5:b3:
                    6d:92:e5:82:07:91:e2:d1:de:72:d9:19:00:ef:c3:
                    11:4f:d2:66:1f:7c:23:04:d5:51:4b:73:07:2c:7c:
                    5c:26:f9:d5:48:bf:22:47:c8:8f:19:af:40:69:d3:
                    5f:64:85:a1:73:df:04:67:47:ac:fa:c9:63:09:dc:
                    61:3c:63:36:cb:a8:4f:f6:4b:eb:f5:af:b2:9f:7f:
                    b5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:FC:E6:1F:44:BA:B6:FB:AD:8E:82:4C:28:39:6B:5D:A0:4D:81:78
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:f3:b4:10:a4:dc:83:e8:98:fc:e8:e2:0c:76:0e:83:2c:7e:
         87:33:37:a6:99:9e:59:9d:23:d0:a7:91:4d:26:fb:49:ea:bc:
         95:f1:39:97:3c:a1:95:7e:07:e8:79:f9:bc:ff:28:62:81:78:
         0a:2a:d7:79:4c:f9:84:56:5f:f4:e9:95:e8:ea:ee:48:75:8a:
         a5:f2:32:b1:94:9a:0a:dd:b6:d0:76:f5:cc:31:c1:ff:00:83:
         55:59:b5:6d:43:54:d1:4c:b3:e0:df:78:60:cf:14:7a:6d:f6:
         03:3c:7a:d8:44:fb:6a:3c:82:36:44:4a:92:82:3e:54:0c:d6:
         77:c9:96:cf:bb:33:39:78:50:01:d3:d3:89:0b:f1:8f:8e:93:
         68:68:93:2e:82:e1:f9:24:99:35:f7:f2:82:c2:dd:c6:85:23:
         99:c8:94:ec:2a:3b:b1:72:fd:6b:0a:99:dc:80:14:1e:64:f0:
         65:6a:9a:d4:dd:3f:64:be:e6:e5:17:62:e5:22:e9:b2:e0:12:
         27:9d:16:df:7f:60:86:21:f6:99:47:f4:0f:f9:5b:c1:a9:fd:
         7f:7f:bb:28:bf:13:5b:5d:fb:d9:e6:b9:70:62:85:4d:94:6e:
         e2:5b:96:64:16:6c:9c:24:42:6b:13:8f:3a:17:5a:72:f8:73:
         86:9e:22:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXHYnr3dElfE9eDzXm6N0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjUxMTExMTAwMDUzWhcNMjUxMTEyMTAwMDUzWjAzMTEwLwYDVQQD
EyhiYmZjZTYxZjQ0YmFiNmZiYWQ4ZTgyNGMyODM5NmI1ZGEwNGQ4MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtXN+IxAvhNsiEzVbtQV0xhgFMxP
veHC6ZjQqvuci4Z8bv4F8D1xI8rWoOkVTWJ82p8P3i2+Xia9ejR+vwEoGBO0WDHT
RoFuQ/0x2RKj1MjfPwNcLVO7sFCgEVFi/gYlsZUZdsKHljn/uTVezeb+6WkC0xMY
D5Cmu5ojZCs+ZIVMa3rzFvQ5uXbsoA8hhDhlz/Hu4/yRgRpp5c7v1lb78B5F5DxK
wMNB+Drh0vW66alAxbNtkuWCB5Hi0d5y2RkA78MRT9JmH3wjBNVRS3MHLHxcJvnV
SL8iR8iPGa9AadNfZIWhc98EZ0es+sljCdxhPGM2y6hP9kvr9a+yn3+1VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLv85h9Eurb7rY6CTCg5a12gTYF4MB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADPO0EKTc
g+iY/OjiDHYOgyx+hzM3ppmeWZ0j0KeRTSb7Seq8lfE5lzyhlX4H6Hn5vP8oYoF4
CirXeUz5hFZf9OmV6OruSHWKpfIysZSaCt220Hb1zDHB/wCDVVm1bUNU0Uyz4N94
YM8Uem32Azx62ET7ajyCNkRKkoI+VAzWd8mWz7szOXhQAdPTiQvxj46TaGiTLoLh
+SSZNffygsLdxoUjmciU7Co7sXL9awqZ3IAUHmTwZWqa1N0/ZL7m5Rdi5SLpsuAS
J50W339ghiH2mUf0D/lbwan9f3+7KL8TW1372ea5cGKFTZRu4luWZBZsnCRCaxOP
Ohdacvhzhp4iNw==
-----END CERTIFICATE-----