Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          KSrQxcXh/SnZybylz054TFDw/W79g1e3Xq2FMezHGS8=
Subject key identifier:   40:66:FA:AB:E1:A3:54:D2:25:3F:6C:F4:04:43:1B:A3:62:80:45:6D
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       01976B182C97248AD7C70A7BA8DDB84BE41A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          0308
Signing time:             Fri 13 Jun 2025 21:00:35 +0000
Manifest this update:     Fri 13 Jun 2025 21:00:35 +0000
Manifest next update:     Sat 14 Jun 2025 21:00:35 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: 1VTPXgEDT2DXFxpdFBm6PGEwxRyA4hyvn59hfppfLT0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 18:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:18:2c:97:24:8a:d7:c7:0a:7b:a8:dd:b8:4b:e4:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Jun 13 21:00:35 2025 GMT
            Not After : Jun 14 21:00:35 2025 GMT
        Subject: CN=4066faabe1a354d2253f6cf404431ba36280456d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:27:fd:d6:c0:d1:8f:31:da:b2:53:71:37:36:
                    0e:38:c3:69:50:83:0d:d5:27:45:a5:55:81:19:c3:
                    e9:89:c2:df:3c:df:87:c8:40:fc:14:03:ea:f8:1d:
                    ea:16:79:6b:8a:38:f7:18:03:1b:b1:b2:60:6c:2b:
                    60:b0:83:52:1f:5e:00:fd:7a:cc:aa:ee:1c:08:ba:
                    c9:e1:67:d8:61:dd:5c:a9:a1:c0:4c:8f:c1:4d:38:
                    ff:de:3d:5f:e3:7b:4d:7e:d7:55:9f:03:10:42:a6:
                    7a:57:c6:a4:c7:40:b6:52:f1:42:98:e3:66:ff:02:
                    35:cd:76:83:5d:e9:df:25:38:89:03:a4:11:98:f5:
                    6d:ba:50:82:8b:fa:a7:d2:c5:b7:c1:04:75:f0:08:
                    6e:33:9e:0b:70:98:74:23:1e:07:a0:4a:b9:68:be:
                    68:7b:db:83:13:ba:88:6d:25:3d:c8:4c:89:4b:b8:
                    f3:27:f5:62:18:5f:62:a3:2e:70:e1:96:ba:30:f7:
                    10:18:b3:fd:aa:b9:98:b8:ce:44:79:6f:73:cf:8f:
                    83:46:d1:18:6f:2d:9b:8a:b2:e8:bb:6f:e2:b3:60:
                    0d:69:59:ad:32:ed:c4:e9:9b:f9:04:38:bc:db:a1:
                    51:02:8e:12:94:c4:3b:b6:b6:c4:84:b4:9f:48:59:
                    d9:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:66:FA:AB:E1:A3:54:D2:25:3F:6C:F4:04:43:1B:A3:62:80:45:6D
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:6b:59:f0:e2:6a:ed:15:53:8d:04:a4:a0:83:33:6a:79:01:
         6e:f0:2f:7d:4c:a3:e7:f3:70:1e:1d:9b:f2:fa:3b:4a:15:17:
         f7:29:28:72:90:fd:ff:aa:fd:e6:07:4c:90:f8:77:d4:b6:a2:
         19:33:d2:f6:23:e4:e9:75:b9:70:30:76:89:ff:c2:2f:cb:85:
         d9:8e:24:ec:7c:00:45:97:cd:96:d4:25:7e:17:96:e1:40:fd:
         39:2b:f8:5d:9b:36:37:3a:c8:f4:95:82:48:a7:09:ae:7c:47:
         56:ac:59:08:47:a8:e2:70:f1:cd:4e:22:cd:5d:64:ef:94:27:
         54:99:77:e1:84:e8:fa:88:e8:83:d1:05:78:b7:0e:64:8c:ed:
         93:42:3e:ab:ff:19:b6:c6:ab:4f:a7:f7:18:1b:b2:bc:ca:3c:
         e4:91:47:49:59:54:42:08:4a:3b:07:90:ca:be:42:f9:e5:cd:
         e6:c2:9d:3f:d6:9c:35:2c:11:e2:51:db:52:7e:28:d0:d8:91:
         d7:b9:2a:f8:5d:6d:a8:d7:88:04:c9:2e:62:74:c6:47:6e:5b:
         52:b5:f0:1b:f3:64:06:09:45:e2:04:09:f1:a1:f1:af:91:3f:
         4e:b9:92:01:07:5e:d9:b6:9d:bc:7a:2d:6d:b4:30:2d:93:34:
         1e:12:6d:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrGCyXJIrXxwp7qN24S+QaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjUwNjEzMjEwMDM1WhcNMjUwNjE0MjEwMDM1WjAzMTEwLwYDVQQD
Eyg0MDY2ZmFhYmUxYTM1NGQyMjUzZjZjZjQwNDQzMWJhMzYyODA0NTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCf91sDRjzHaslNxNzYOOMNpUIMN
1SdFpVWBGcPpicLfPN+HyED8FAPq+B3qFnlrijj3GAMbsbJgbCtgsINSH14A/XrM
qu4cCLrJ4WfYYd1cqaHATI/BTTj/3j1f43tNftdVnwMQQqZ6V8akx0C2UvFCmONm
/wI1zXaDXenfJTiJA6QRmPVtulCCi/qn0sW3wQR18AhuM54LcJh0Ix4HoEq5aL5o
e9uDE7qIbSU9yEyJS7jzJ/ViGF9ioy5w4Za6MPcQGLP9qrmYuM5EeW9zz4+DRtEY
by2birLou2/is2ANaVmtMu3E6Zv5BDi826FRAo4SlMQ7trbEhLSfSFnZFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBm+qvho1TSJT9s9ARDG6NigEVtMB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcWtZ8OJq
7RVTjQSkoIMzankBbvAvfUyj5/NwHh2b8vo7ShUX9ykocpD9/6r95gdMkPh31Lai
GTPS9iPk6XW5cDB2if/CL8uF2Y4k7HwARZfNltQlfheW4UD9OSv4XZs2NzrI9JWC
SKcJrnxHVqxZCEeo4nDxzU4izV1k75QnVJl34YTo+ojog9EFeLcOZIztk0I+q/8Z
tsarT6f3GBuyvMo85JFHSVlUQghKOweQyr5C+eXN5sKdP9acNSwR4lHbUn4o0NiR
17kq+F1tqNeIBMkuYnTGR25bUrXwG/NkBglF4gQJ8aHxr5E/TrmSAQde2badvHot
bbQwLZM0HhJtsg==
-----END CERTIFICATE-----