Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          LJeYw+ZAh6XAMfGV9WzOxaDT1pJAv4UP88RTCt0r1zU=
Subject key identifier:   40:03:33:23:F7:87:A4:94:8D:ED:75:03:04:C8:A3:ED:53:F9:04:90
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       019DA3418262EE0D611616F9F1182F9D80DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          102E
Signing time:             Sun 19 Apr 2026 01:01:12 +0000
Manifest this update:     Sun 19 Apr 2026 01:01:12 +0000
Manifest next update:     Mon 20 Apr 2026 01:01:12 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: 3TSBsoYCmasKCbJioLLu10N6WzsPpWS5FFd683Uf/Ng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 01:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:41:82:62:ee:0d:61:16:16:f9:f1:18:2f:9d:80:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: Apr 19 01:01:12 2026 GMT
            Not After : Apr 20 01:01:12 2026 GMT
        Subject: CN=40033323f787a4948ded750304c8a3ed53f90490
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9a:ab:dc:ca:57:c5:7e:e9:c3:d9:91:48:31:
                    5f:55:aa:04:50:44:92:9a:d0:83:96:cd:b7:0f:33:
                    a0:0b:81:ab:09:af:b5:9a:d3:66:79:4a:a6:e1:9d:
                    11:ff:31:92:f3:b5:25:1b:a6:c1:9d:72:38:fd:f6:
                    a1:29:f3:4a:91:d6:8e:d4:43:bc:86:20:05:06:66:
                    04:91:04:df:44:6d:ea:08:53:c7:78:6e:c1:60:bb:
                    8d:70:cc:e5:c4:3d:d9:47:50:d9:e5:2b:dc:18:f0:
                    19:6a:bf:cd:ba:2e:fd:c2:5d:12:48:9e:72:46:7d:
                    0e:4c:ca:f5:0a:38:e9:89:26:73:30:83:56:85:54:
                    98:e9:00:12:f6:0f:f9:c9:76:5f:40:32:25:15:40:
                    c0:41:ee:00:fb:f1:4f:44:19:c6:38:6c:72:d2:d4:
                    bd:cf:f5:32:05:f0:18:9b:dd:14:55:c8:08:16:68:
                    63:8d:e9:99:df:84:b8:a3:d0:e2:73:09:70:4a:e7:
                    8f:cb:4d:b8:21:0b:56:59:18:e7:0c:88:ea:cd:81:
                    01:4f:37:52:3e:95:b6:46:96:85:a3:fd:46:ec:f4:
                    68:31:ce:21:d5:8f:1b:00:f3:7c:96:9b:cd:7d:27:
                    fb:b1:f2:30:27:2e:3e:de:59:02:7a:b7:45:a7:1e:
                    34:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:03:33:23:F7:87:A4:94:8D:ED:75:03:04:C8:A3:ED:53:F9:04:90
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:79:69:e6:47:9c:f0:7a:38:10:22:fb:29:e2:ec:67:3b:d8:
         9d:81:d7:59:2b:64:56:d2:2b:fa:6f:77:02:6f:90:d3:10:82:
         59:f8:d5:cb:5b:48:82:7f:0b:9f:f2:cd:77:2e:89:8d:40:51:
         36:a9:43:30:2e:42:67:8e:11:a1:7e:aa:13:11:c8:55:0b:a5:
         28:ad:09:78:b0:ef:9a:2e:c2:ce:51:06:15:bb:a2:d0:5b:17:
         54:5f:72:4d:34:0a:85:7e:ef:06:c5:29:a7:a8:37:7a:66:38:
         ee:5e:0b:8e:ab:dd:97:4a:90:03:83:a4:df:f7:65:a7:cf:c4:
         4d:b7:69:0f:c0:fb:d1:87:44:37:aa:5a:57:5f:19:a1:fa:57:
         f7:d5:0f:c3:c6:45:be:19:64:85:ff:1b:31:92:03:10:94:c1:
         f8:42:f4:93:54:2d:17:b7:5e:5d:80:47:51:c7:fc:05:8c:0d:
         22:23:2b:97:78:cb:86:c1:c8:84:b3:a0:86:84:c4:f9:a3:57:
         85:5a:d4:05:8a:30:bb:05:18:c1:60:1e:b5:50:b1:89:a0:a9:
         55:4e:9b:f8:74:95:22:20:5c:a3:0b:45:86:d0:f5:d7:1a:2a:
         ed:ab:89:f6:59:3f:d5:df:f6:91:31:d4:0e:04:eb:15:06:77:
         e8:b6:5d:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jQYJi7g1hFhb58RgvnYDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjYwNDE5MDEwMTEyWhcNMjYwNDIwMDEwMTEyWjAzMTEwLwYDVQQD
Eyg0MDAzMzMyM2Y3ODdhNDk0OGRlZDc1MDMwNGM4YTNlZDUzZjkwNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspqr3MpXxX7pw9mRSDFfVaoEUESS
mtCDls23DzOgC4GrCa+1mtNmeUqm4Z0R/zGS87UlG6bBnXI4/fahKfNKkdaO1EO8
hiAFBmYEkQTfRG3qCFPHeG7BYLuNcMzlxD3ZR1DZ5SvcGPAZar/Nui79wl0SSJ5y
Rn0OTMr1CjjpiSZzMINWhVSY6QAS9g/5yXZfQDIlFUDAQe4A+/FPRBnGOGxy0tS9
z/UyBfAYm90UVcgIFmhjjemZ34S4o9DicwlwSuePy024IQtWWRjnDIjqzYEBTzdS
PpW2RpaFo/1G7PRoMc4h1Y8bAPN8lpvNfSf7sfIwJy4+3lkCerdFpx40zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEADMyP3h6SUje11AwTIo+1T+QSQMB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApXlp5kec
8Ho4ECL7KeLsZzvYnYHXWStkVtIr+m93Am+Q0xCCWfjVy1tIgn8Ln/LNdy6JjUBR
NqlDMC5CZ44RoX6qExHIVQulKK0JeLDvmi7CzlEGFbui0FsXVF9yTTQKhX7vBsUp
p6g3emY47l4Ljqvdl0qQA4Ok3/dlp8/ETbdpD8D70YdEN6paV18ZofpX99UPw8ZF
vhlkhf8bMZIDEJTB+EL0k1QtF7deXYBHUcf8BYwNIiMrl3jLhsHIhLOghoTE+aNX
hVrUBYowuwUYwWAetVCxiaCpVU6b+HSVIiBcowtFhtD11xoq7auJ9lk/1d/2kTHU
DgTrFQZ36LZd6A==
-----END CERTIFICATE-----