Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          ybkj2CEQ2lRjhg6L0fftcdDQjswrH2dpd7xkl3iwwtQ=
Subject key identifier:   05:F6:0D:A7:CB:DC:97:C8:C6:66:06:D5:53:1C:B6:85:E6:E5:EE:EC
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       019761705E8B85EB89F72CE36A770EA7011D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          0303
Signing time:             Thu 12 Jun 2025 00:00:43 +0000
Manifest this update:     Thu 12 Jun 2025 00:00:43 +0000
Manifest next update:     Fri 13 Jun 2025 00:00:43 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: dHngG6TsMFCsQ6I1SOnDgfjADfdH/EkKLdW3WkXnvlQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:70:5e:8b:85:eb:89:f7:2c:e3:6a:77:0e:a7:01:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Jun 12 00:00:43 2025 GMT
            Not After : Jun 13 00:00:43 2025 GMT
        Subject: CN=05f60da7cbdc97c8c66606d5531cb685e6e5eeec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ed:c2:4d:ab:95:79:f7:84:77:73:38:e8:77:
                    92:72:cd:40:58:29:bf:05:bd:05:30:b9:5b:6f:36:
                    2a:bd:1d:34:d5:e8:dc:89:f5:79:af:12:3d:57:be:
                    20:61:1e:c4:89:7a:55:8b:05:1f:22:11:0a:32:98:
                    24:66:18:25:73:dd:de:17:ef:fe:c3:07:f0:28:67:
                    30:0b:8a:27:e9:95:bd:90:cb:cd:f9:bf:9b:3e:5c:
                    1e:41:6a:4d:ec:7a:28:1f:e5:f5:b6:6e:15:0c:63:
                    c2:72:0a:6a:83:a8:4f:56:cc:27:06:13:0e:99:fe:
                    78:d3:b6:ec:fc:d6:0e:9a:00:cb:03:97:08:96:15:
                    ce:2b:03:96:15:77:d8:04:26:a2:45:67:81:f6:fc:
                    23:33:fe:64:4f:a0:14:49:4a:6b:dd:7b:3a:50:52:
                    e2:e1:a2:c5:67:08:c1:a4:6b:02:0e:09:34:e3:a7:
                    91:c7:d8:25:b9:9f:00:be:b0:73:4e:c6:c1:18:00:
                    87:17:cd:f5:c8:82:98:28:93:6e:96:0b:1f:0b:55:
                    a0:cb:b9:59:1e:8e:29:a3:ca:4d:06:20:ea:f0:13:
                    5b:bc:92:95:ec:e8:0d:f1:54:fa:68:c5:07:57:b1:
                    c4:02:88:92:3a:3e:d8:42:49:fb:61:68:95:c5:8b:
                    f4:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:F6:0D:A7:CB:DC:97:C8:C6:66:06:D5:53:1C:B6:85:E6:E5:EE:EC
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:37:fa:da:b6:d4:b6:da:c3:c5:2e:85:e7:3b:98:d9:ce:5d:
         74:9c:29:50:92:a2:85:34:ed:04:94:90:b0:fb:24:c5:3b:ba:
         ef:cd:4f:d7:77:6c:20:e9:22:3e:d9:32:b4:b8:9e:e2:27:a6:
         d7:73:b3:74:24:08:98:a6:93:55:e8:44:b0:4c:a1:d6:6d:43:
         2f:5e:35:1d:bd:8f:27:99:6e:c9:95:15:fc:77:3c:6a:25:0e:
         32:db:0e:75:26:b7:8c:cb:c0:4e:cc:0e:61:7c:89:95:ac:be:
         1c:20:85:10:cd:e4:ba:4d:be:c4:9a:ff:ad:fd:c9:15:9b:88:
         6a:08:da:33:14:97:0c:d0:0e:47:de:4f:a8:8c:5c:fe:97:0c:
         19:54:bc:df:6d:08:f9:a8:fd:48:a3:cc:43:49:e0:34:52:a3:
         12:a6:22:ea:4a:eb:99:eb:69:ba:3d:3f:62:1d:f4:69:69:df:
         c7:22:b8:06:1c:b8:43:a1:22:ee:cd:9b:f9:6d:cf:fb:32:a9:
         c1:61:d7:ac:3f:3d:ba:42:25:d9:87:3e:a1:62:1d:72:e3:c2:
         2a:99:ab:04:93:cf:b8:27:f9:5f:30:15:6d:7a:ab:41:9e:c8:
         7c:5d:be:be:9d:4c:ed:a8:a8:92:29:53:e5:ad:42:da:ad:d1:
         4d:d5:e0:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhcF6LheuJ9yzjancOpwEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjUwNjEyMDAwMDQzWhcNMjUwNjEzMDAwMDQzWjAzMTEwLwYDVQQD
EygwNWY2MGRhN2NiZGM5N2M4YzY2NjA2ZDU1MzFjYjY4NWU2ZTVlZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme3CTauVefeEd3M46HeScs1AWCm/
Bb0FMLlbbzYqvR001ejcifV5rxI9V74gYR7EiXpViwUfIhEKMpgkZhglc93eF+/+
wwfwKGcwC4on6ZW9kMvN+b+bPlweQWpN7HooH+X1tm4VDGPCcgpqg6hPVswnBhMO
mf5407bs/NYOmgDLA5cIlhXOKwOWFXfYBCaiRWeB9vwjM/5kT6AUSUpr3Xs6UFLi
4aLFZwjBpGsCDgk046eRx9gluZ8AvrBzTsbBGACHF831yIKYKJNulgsfC1Wgy7lZ
Ho4po8pNBiDq8BNbvJKV7OgN8VT6aMUHV7HEAoiSOj7YQkn7YWiVxYv0MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAX2DafL3JfIxmYG1VMctoXm5e7sMB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkjf62rbU
ttrDxS6F5zuY2c5ddJwpUJKihTTtBJSQsPskxTu6781P13dsIOkiPtkytLie4iem
13OzdCQImKaTVehEsEyh1m1DL141Hb2PJ5luyZUV/Hc8aiUOMtsOdSa3jMvATswO
YXyJlay+HCCFEM3kuk2+xJr/rf3JFZuIagjaMxSXDNAOR95PqIxc/pcMGVS8320I
+aj9SKPMQ0ngNFKjEqYi6krrmetpuj0/Yh30aWnfxyK4Bhy4Q6Ei7s2b+W3P+zKp
wWHXrD89ukIl2Yc+oWIdcuPCKpmrBJPPuCf5XzAVbXqrQZ7IfF2+vp1M7aiokilT
5a1C2q3RTdXgiw==
-----END CERTIFICATE-----
Generated at Thu Jun 12 02:52:33 2025 by rpki-client