Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          Pq23LJ9JlEnAc4TgTXpWu4kCS7taWne6MpZI4SWN2AE=
Subject key identifier:   AC:DA:DA:EE:85:74:A3:54:A7:AC:25:82:21:9F:39:3C:C3:DA:A3:6A
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       01968058BE5905C6CF8B83BD02ED749E2675
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          0C7C
Signing time:             Tue 29 Apr 2025 07:00:21 +0000
Manifest this update:     Tue 29 Apr 2025 07:00:21 +0000
Manifest next update:     Wed 30 Apr 2025 07:00:21 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: lPVbsoa5+v2spD2unaooBTbyF+qkKLGMGW0fbvNFKSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 07:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:58:be:59:05:c6:cf:8b:83:bd:02:ed:74:9e:26:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: Apr 29 07:00:21 2025 GMT
            Not After : Apr 30 07:00:21 2025 GMT
        Subject: CN=acdadaee8574a354a7ac2582219f393cc3daa36a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6c:28:b9:e0:72:5e:3b:b1:30:0f:4f:e0:65:
                    38:48:ef:df:f9:01:b2:e3:1e:e7:9c:62:2d:de:b8:
                    9a:a4:65:43:ed:f7:75:ba:aa:45:18:a7:30:87:ff:
                    70:e3:ba:10:6f:3e:be:80:6d:ed:f3:89:a3:5e:1a:
                    f7:0f:4c:3b:5d:2c:a8:10:8e:7a:57:d7:2d:32:1e:
                    24:7e:79:b6:2e:fd:a3:57:06:35:15:8a:5b:5b:d2:
                    67:8e:18:d8:b5:d8:24:67:89:92:bd:42:9e:0f:70:
                    af:98:6a:50:60:b8:b1:86:20:74:7e:d8:cc:3d:36:
                    6a:ac:69:3c:ac:e7:d7:f8:03:e4:2b:14:19:b4:c3:
                    fc:3f:06:86:06:fd:f1:b5:2f:91:df:d0:38:0e:a9:
                    c7:99:77:55:7e:5b:d5:15:83:0f:ef:6f:8d:f5:06:
                    63:0d:24:d6:f8:9c:5d:f2:eb:05:dd:88:e6:3d:d6:
                    6e:b5:d7:e9:1c:40:48:37:e5:2e:16:01:2c:a4:e1:
                    cd:56:34:92:b3:db:bb:94:04:14:71:3d:02:e7:e6:
                    52:1a:1d:ee:2c:82:9d:30:10:97:10:76:d4:0d:53:
                    ad:30:c6:60:78:c0:ad:bd:17:48:a8:eb:33:09:89:
                    f2:ab:e4:a8:ef:33:57:de:1c:6d:d4:30:c9:58:78:
                    81:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:DA:DA:EE:85:74:A3:54:A7:AC:25:82:21:9F:39:3C:C3:DA:A3:6A
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:68:ec:ce:24:b0:39:79:d3:2b:93:9e:35:7e:95:cc:7a:08:
         c8:b1:ed:15:5d:76:f7:a4:87:13:6c:5a:af:13:d0:63:71:e7:
         b5:63:b3:b1:3d:66:31:6f:75:51:94:5b:e6:19:cf:f8:c3:d7:
         44:7c:67:47:d4:3b:2f:49:ff:4c:ac:65:e7:60:74:06:bd:d5:
         07:ff:ff:c6:c4:7a:45:5f:ca:5a:b7:85:a0:2f:8d:1e:33:72:
         b0:d7:c4:51:13:4f:fb:60:50:dd:07:12:dd:28:35:b3:ff:72:
         8e:71:f0:92:d3:a3:58:af:0a:1e:a2:f8:d1:19:4a:eb:e5:b5:
         64:25:4b:eb:2c:d2:77:3d:e3:d0:d6:02:10:42:81:e9:1a:ad:
         30:28:86:50:bb:36:ec:81:1c:dd:bc:c6:32:0a:91:76:ee:6c:
         dc:59:c6:c3:35:7f:75:9e:05:3a:9a:f7:0d:bd:1d:de:06:58:
         bf:d7:2d:6e:f7:43:57:a8:db:0e:d2:bf:ed:f2:1e:ee:a5:40:
         bb:f5:91:96:39:fe:28:26:18:7f:c7:56:f6:af:80:af:c9:0e:
         cd:50:8a:a9:65:73:f1:46:f8:2a:e2:73:8a:01:e5:44:98:c9:
         df:c3:3e:ac:b5:66:01:ca:63:16:ae:c4:8c:d2:ec:69:a1:47:
         3a:5f:10:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAWL5ZBcbPi4O9Au10niZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjUwNDI5MDcwMDIxWhcNMjUwNDMwMDcwMDIxWjAzMTEwLwYDVQQD
EyhhY2RhZGFlZTg1NzRhMzU0YTdhYzI1ODIyMTlmMzkzY2MzZGFhMzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWwoueByXjuxMA9P4GU4SO/f+QGy
4x7nnGIt3riapGVD7fd1uqpFGKcwh/9w47oQbz6+gG3t84mjXhr3D0w7XSyoEI56
V9ctMh4kfnm2Lv2jVwY1FYpbW9JnjhjYtdgkZ4mSvUKeD3CvmGpQYLixhiB0ftjM
PTZqrGk8rOfX+APkKxQZtMP8PwaGBv3xtS+R39A4DqnHmXdVflvVFYMP72+N9QZj
DSTW+Jxd8usF3YjmPdZutdfpHEBIN+UuFgEspOHNVjSSs9u7lAQUcT0C5+ZSGh3u
LIKdMBCXEHbUDVOtMMZgeMCtvRdIqOszCYnyq+So7zNX3hxt1DDJWHiBPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKza2u6FdKNUp6wlgiGfOTzD2qNqMB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANWjsziSw
OXnTK5OeNX6VzHoIyLHtFV1296SHE2xarxPQY3HntWOzsT1mMW91UZRb5hnP+MPX
RHxnR9Q7L0n/TKxl52B0Br3VB///xsR6RV/KWreFoC+NHjNysNfEURNP+2BQ3QcS
3Sg1s/9yjnHwktOjWK8KHqL40RlK6+W1ZCVL6yzSdz3j0NYCEEKB6RqtMCiGULs2
7IEc3bzGMgqRdu5s3FnGwzV/dZ4FOpr3Db0d3gZYv9ctbvdDV6jbDtK/7fIe7qVA
u/WRljn+KCYYf8dW9q+Ar8kOzVCKqWVz8Ub4KuJzigHlRJjJ38M+rLVmAcpjFq7E
jNLsaaFHOl8QTA==
-----END CERTIFICATE-----