Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          HqlLiHZq795y9sALu/5JDyEjKJDKm7kA/jhOrJojxJg=
Subject key identifier:   39:BE:71:CB:86:3B:AE:9B:34:0B:09:79:D2:FD:41:C1:57:FD:9C:D2
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       019924442015625E7C93B26E133D3FD8FCA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          0DDA
Signing time:             Sun 07 Sep 2025 13:01:08 +0000
Manifest this update:     Sun 07 Sep 2025 13:01:08 +0000
Manifest next update:     Mon 08 Sep 2025 13:01:08 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: BLtcQQczdorWLJ+OYP6AWhrx8OreUEh69Trzh+afhyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:44:20:15:62:5e:7c:93:b2:6e:13:3d:3f:d8:fc:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: Sep  7 13:01:08 2025 GMT
            Not After : Sep  8 13:01:08 2025 GMT
        Subject: CN=39be71cb863bae9b340b0979d2fd41c157fd9cd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9e:33:16:ad:1d:08:74:d5:9d:e7:41:c3:92:
                    61:08:20:63:4e:11:9a:2b:38:9c:d6:84:66:ac:40:
                    db:42:7d:c6:16:2c:20:91:ec:af:8e:03:11:7f:6e:
                    dc:5f:f1:07:9f:26:5a:c8:64:ec:4a:cd:ac:17:72:
                    45:40:8e:23:68:40:49:0c:53:56:36:ae:ba:53:d5:
                    b5:0d:8b:d7:60:0a:85:96:f1:2f:5e:e7:c4:3b:22:
                    1b:39:ae:4c:e3:f7:c8:ec:e6:35:95:6f:1d:ea:35:
                    00:2d:1c:c1:3e:eb:53:74:3d:01:f7:34:8a:79:12:
                    0d:c7:aa:1c:bd:e6:87:93:c7:38:05:5f:6d:22:9b:
                    29:4f:66:3f:11:48:cb:2c:62:e9:23:2f:94:e0:fb:
                    08:db:f3:35:d6:d6:d4:6a:77:90:b0:f4:b5:80:97:
                    ea:e2:48:f0:fa:67:27:fa:51:f9:bf:cb:e7:13:a6:
                    84:15:40:0c:5f:b1:dc:fb:52:c7:46:ad:43:00:11:
                    c6:7f:60:a1:75:a1:74:7f:df:ff:9d:27:c2:9c:e7:
                    3f:cb:fe:bd:29:58:77:d6:9f:74:ba:af:6d:17:70:
                    18:f7:04:e8:37:35:9b:52:bc:0f:98:ff:40:66:9b:
                    7e:df:a7:d2:11:85:0e:7c:63:8c:e6:9f:16:10:2b:
                    cc:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:BE:71:CB:86:3B:AE:9B:34:0B:09:79:D2:FD:41:C1:57:FD:9C:D2
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:8f:74:09:b7:2b:9f:86:2f:b4:82:e2:de:10:e3:ee:ee:05:
         29:ec:fa:ce:57:3d:4d:3f:f4:8e:79:c9:ff:35:db:ae:0f:4f:
         80:37:6f:a9:9f:c6:f4:0a:0c:af:f4:34:52:2e:8b:68:40:f3:
         90:56:af:3f:ea:76:24:c2:f1:43:45:ae:c6:e1:f1:ba:de:8e:
         64:40:dc:d4:cf:81:76:50:2d:1b:d3:29:c6:bd:8a:e6:e8:85:
         a2:ab:b5:6b:d2:4f:60:5b:27:43:41:62:df:9f:9c:72:e8:82:
         6a:ff:0a:27:4e:c1:f3:e0:7d:50:3c:61:09:42:2c:15:be:8b:
         84:86:44:d8:3c:f0:25:19:de:b5:57:f1:bc:ac:0e:4a:1f:ff:
         60:50:db:6a:07:2f:d5:ec:e9:30:91:b8:13:06:85:60:cc:c2:
         04:00:cd:1f:61:8c:77:2f:a8:04:12:15:24:04:40:40:57:a4:
         1d:3a:cd:cf:9f:7d:9e:4c:5b:a8:18:86:51:75:57:4c:3f:a1:
         6f:0e:8f:fc:72:77:5a:42:c5:c6:f8:ab:5f:3c:e8:8f:39:76:
         2d:d7:78:af:31:8e:37:c0:f0:7c:3c:f7:d7:d6:1b:fc:db:0f:
         eb:aa:c0:5a:84:5c:15:35:d5:9e:6d:4c:24:ff:1a:00:82:a4:
         44:b2:7b:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkRCAVYl58k7JuEz0/2PyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjUwOTA3MTMwMTA4WhcNMjUwOTA4MTMwMTA4WjAzMTEwLwYDVQQD
EygzOWJlNzFjYjg2M2JhZTliMzQwYjA5NzlkMmZkNDFjMTU3ZmQ5Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ4zFq0dCHTVnedBw5JhCCBjThGa
Kzic1oRmrEDbQn3GFiwgkeyvjgMRf27cX/EHnyZayGTsSs2sF3JFQI4jaEBJDFNW
Nq66U9W1DYvXYAqFlvEvXufEOyIbOa5M4/fI7OY1lW8d6jUALRzBPutTdD0B9zSK
eRINx6ocveaHk8c4BV9tIpspT2Y/EUjLLGLpIy+U4PsI2/M11tbUaneQsPS1gJfq
4kjw+mcn+lH5v8vnE6aEFUAMX7Hc+1LHRq1DABHGf2ChdaF0f9//nSfCnOc/y/69
KVh31p90uq9tF3AY9wToNzWbUrwPmP9AZpt+36fSEYUOfGOM5p8WECvMywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDm+ccuGO66bNAsJedL9QcFX/ZzSMB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsI90Cbcr
n4YvtILi3hDj7u4FKez6zlc9TT/0jnnJ/zXbrg9PgDdvqZ/G9AoMr/Q0Ui6LaEDz
kFavP+p2JMLxQ0WuxuHxut6OZEDc1M+BdlAtG9Mpxr2K5uiFoqu1a9JPYFsnQ0Fi
35+ccuiCav8KJ07B8+B9UDxhCUIsFb6LhIZE2DzwJRnetVfxvKwOSh//YFDbagcv
1ezpMJG4EwaFYMzCBADNH2GMdy+oBBIVJARAQFekHTrNz599nkxbqBiGUXVXTD+h
bw6P/HJ3WkLFxvirXzzojzl2Ldd4rzGON8DwfDz319Yb/NsP66rAWoRcFTXVnm1M
JP8aAIKkRLJ7jg==
-----END CERTIFICATE-----