Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          v7pVvEwCkejYDKaeu845f+DghXo0+5MpEAcps5ApIso=
Subject key identifier:   CB:CB:7F:A4:30:B9:CA:F8:52:66:B3:B0:ED:7E:D8:8A:11:DD:8F:70
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       019EBF238C20DB67A2855130BC0BDFC45EA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          10C1
Signing time:             Sat 13 Jun 2026 04:00:38 +0000
Manifest this update:     Sat 13 Jun 2026 04:00:38 +0000
Manifest next update:     Sun 14 Jun 2026 04:00:38 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: /zEwADau0IbAZclA4hUIrAeYHAUe+JLo1r7pgDPapAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:23:8c:20:db:67:a2:85:51:30:bc:0b:df:c4:5e:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: Jun 13 04:00:38 2026 GMT
            Not After : Jun 14 04:00:38 2026 GMT
        Subject: CN=cbcb7fa430b9caf85266b3b0ed7ed88a11dd8f70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:86:7b:bc:68:a2:28:19:3b:c6:e4:e6:87:0f:
                    af:5d:d8:0a:4f:1a:bb:07:dd:4c:a0:4c:a7:7b:2c:
                    17:4f:d5:ca:d8:f8:a3:5d:99:cd:32:89:fa:7c:af:
                    02:28:96:09:0f:da:be:b9:d9:e1:ab:ff:19:f2:f8:
                    f4:70:36:b6:87:63:ab:c8:93:28:ae:e1:4e:38:f8:
                    5e:f3:fc:a2:a8:3b:f9:a9:c9:73:c1:6d:b0:0a:48:
                    d8:6d:62:11:9f:f4:0c:e0:98:b0:bc:24:d0:09:3f:
                    26:d5:46:d2:96:3b:94:5d:71:4b:cb:4a:b6:5e:2e:
                    13:00:48:4c:ba:72:ec:d1:75:98:c6:99:3f:69:ba:
                    f6:31:dd:27:64:32:d3:7d:1b:f1:0c:c2:c1:e8:d5:
                    42:01:31:0f:d9:c2:21:6b:79:3f:0a:72:18:fc:ec:
                    9f:7b:6b:de:b8:7e:6e:fc:8d:e4:7d:c1:ab:2e:a9:
                    4a:cb:c8:67:f0:d3:38:7e:5a:61:53:39:48:28:23:
                    7b:15:0d:e2:29:ef:34:7f:20:a5:b4:2d:c0:f3:5a:
                    d2:6e:46:43:76:7c:90:40:19:ac:10:f5:73:3e:54:
                    ad:f7:44:c2:4a:b6:e4:ae:9b:8e:31:d4:f4:83:5b:
                    b5:f4:a1:ce:29:87:48:4a:58:83:49:89:b3:ab:6e:
                    0f:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:CB:7F:A4:30:B9:CA:F8:52:66:B3:B0:ED:7E:D8:8A:11:DD:8F:70
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:49:52:c5:43:4d:21:e3:93:75:58:c3:0b:27:0d:59:b0:4a:
         ae:ae:90:d8:01:9d:f4:4e:d7:3e:d1:e7:3b:28:f6:8e:86:49:
         a8:cd:21:08:64:d1:0e:a8:de:2c:0a:f1:c0:7c:8e:cc:60:b6:
         3c:81:86:e3:a6:a0:b0:20:e5:5b:43:14:68:f1:58:3b:c3:8e:
         12:6c:00:22:9b:b0:4e:a8:1b:09:aa:1d:04:55:57:17:2a:e8:
         4e:2e:14:2b:06:1e:88:6c:6f:33:d0:b3:d7:34:a9:78:e8:05:
         1a:8e:1d:69:44:c1:42:9e:21:20:70:fc:01:88:c8:a5:70:fe:
         97:f5:cc:f5:39:de:7f:4a:db:90:5f:51:83:e4:34:c3:2c:4e:
         00:0c:5a:6b:97:f2:84:b2:6b:70:78:28:30:fd:7c:2e:64:b8:
         96:8a:34:ae:45:88:88:bc:db:45:b3:8f:7b:da:6b:0a:e0:77:
         09:1f:be:77:48:1b:dc:8c:2d:90:4f:2c:80:36:e6:2b:01:f7:
         c7:ed:28:c1:ce:6b:d6:fc:66:48:14:7c:28:05:cc:98:4a:2c:
         cd:e2:d6:57:be:c0:1e:ae:3f:07:81:f5:ef:0c:f9:73:40:5d:
         49:5b:6e:13:d0:db:75:6d:48:8d:92:cd:53:c0:33:6f:61:90:
         4c:2a:31:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/I4wg22eihVEwvAvfxF6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjYwNjEzMDQwMDM4WhcNMjYwNjE0MDQwMDM4WjAzMTEwLwYDVQQD
EyhjYmNiN2ZhNDMwYjljYWY4NTI2NmIzYjBlZDdlZDg4YTExZGQ4ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYZ7vGiiKBk7xuTmhw+vXdgKTxq7
B91MoEyneywXT9XK2PijXZnNMon6fK8CKJYJD9q+udnhq/8Z8vj0cDa2h2OryJMo
ruFOOPhe8/yiqDv5qclzwW2wCkjYbWIRn/QM4JiwvCTQCT8m1UbSljuUXXFLy0q2
Xi4TAEhMunLs0XWYxpk/abr2Md0nZDLTfRvxDMLB6NVCATEP2cIha3k/CnIY/Oyf
e2veuH5u/I3kfcGrLqlKy8hn8NM4flphUzlIKCN7FQ3iKe80fyCltC3A81rSbkZD
dnyQQBmsEPVzPlSt90TCSrbkrpuOMdT0g1u19KHOKYdISliDSYmzq24PlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvLf6Qwucr4UmazsO1+2IoR3Y9wMB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfUlSxUNN
IeOTdVjDCycNWbBKrq6Q2AGd9E7XPtHnOyj2joZJqM0hCGTRDqjeLArxwHyOzGC2
PIGG46agsCDlW0MUaPFYO8OOEmwAIpuwTqgbCaodBFVXFyroTi4UKwYeiGxvM9Cz
1zSpeOgFGo4daUTBQp4hIHD8AYjIpXD+l/XM9Tnef0rbkF9Rg+Q0wyxOAAxaa5fy
hLJrcHgoMP18LmS4loo0rkWIiLzbRbOPe9prCuB3CR++d0gb3IwtkE8sgDbmKwH3
x+0owc5r1vxmSBR8KAXMmEoszeLWV77AHq4/B4H17wz5c0BdSVtuE9DbdW1IjZLN
U8Azb2GQTCoxRQ==
-----END CERTIFICATE-----