Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          WM332vSGXP+XK4/YZBRNVYjKaS3s5M4WRgVnAZIzUcg=
Subject key identifier:   C7:A8:32:CD:80:A8:AE:7D:40:6F:86:F2:1D:9F:BF:97:2C:CF:C1:FC
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       019A71B7C02899E6865EBE30C0613D6BC5F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          0499
Signing time:             Tue 11 Nov 2025 07:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:58 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: WEwD9qemm1icgFs7qlbxFbR4dfHMZ1hwRaeMojLIgHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:c0:28:99:e6:86:5e:be:30:c0:61:3d:6b:c5:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Nov 11 07:00:58 2025 GMT
            Not After : Nov 12 07:00:58 2025 GMT
        Subject: CN=c7a832cd80a8ae7d406f86f21d9fbf972ccfc1fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a7:5b:7d:e0:97:46:f8:8e:81:64:4a:91:6d:
                    6e:24:ec:d8:6b:87:7a:82:96:9a:a8:ab:2a:4a:ff:
                    8e:5c:39:e5:71:1d:98:79:47:5d:c2:75:d4:61:50:
                    fb:9b:81:49:b9:78:14:a9:fe:ab:c3:9f:52:d8:67:
                    1a:7c:42:03:f8:a7:ad:71:3e:8e:b5:b2:94:16:ac:
                    c4:aa:d3:25:77:f0:f2:b7:2d:87:bf:23:78:01:e9:
                    f8:9c:f1:1a:38:ed:ea:2e:05:b7:c3:30:6f:e7:e7:
                    07:0b:19:70:34:53:a5:6a:63:68:02:53:ed:14:63:
                    7e:31:f2:a3:32:6d:72:2b:3f:b3:cf:30:1f:0b:04:
                    21:36:2a:9b:ba:1f:c6:c5:7d:bc:6c:dd:ab:17:aa:
                    50:b4:0f:75:d7:be:59:2f:30:29:e9:7a:7d:ba:d6:
                    66:a9:eb:68:16:8c:f2:25:6c:59:a4:d6:59:63:88:
                    6c:25:b9:35:fc:a9:09:cb:58:60:da:11:9c:29:3b:
                    f9:a4:73:3d:b2:99:9c:43:83:24:bb:f1:95:b4:7b:
                    68:07:f6:b4:df:2c:af:2a:95:ee:00:2e:13:fe:2b:
                    1f:15:64:d0:7f:ad:46:d2:05:80:d9:1a:21:94:df:
                    0b:d9:6d:6e:fc:d1:3e:09:a1:71:ac:9d:85:ba:49:
                    72:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:A8:32:CD:80:A8:AE:7D:40:6F:86:F2:1D:9F:BF:97:2C:CF:C1:FC
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         db:e3:3d:59:fa:58:99:a8:35:d3:48:ac:7a:4e:5b:24:3b:9b:
         39:3e:73:35:64:8b:c7:50:26:31:f8:e9:2d:65:b8:39:a1:df:
         b2:0a:bb:8e:77:62:7f:52:cd:ee:52:36:ec:1c:0e:d5:60:73:
         d8:67:22:26:7a:bc:45:d1:39:47:f3:5a:c4:c1:5e:d5:ee:1d:
         c1:bd:d6:6d:60:45:2a:ce:aa:42:29:af:a7:e0:a9:2e:05:0c:
         72:69:d4:83:fd:8c:3d:1b:0b:2f:2a:49:08:2b:dc:ca:8a:f0:
         e7:e5:5a:81:b4:2e:76:e7:96:62:d1:44:34:97:b0:0e:8f:d3:
         91:48:32:41:6a:77:44:95:ef:fb:29:48:e5:91:b7:bd:2f:05:
         e1:d2:de:d9:e1:c8:7d:73:98:95:da:6f:11:fa:70:21:4b:a3:
         5f:45:f9:84:6a:0a:f5:46:83:36:82:18:91:a3:ef:1e:f3:32:
         69:a2:c1:ce:75:bf:00:75:12:32:33:1f:4e:cf:ad:e9:41:98:
         0d:e6:27:79:49:26:b5:60:06:ac:21:07:3f:60:3b:ea:f2:1c:
         ad:d9:66:06:7d:75:8b:25:49:1e:0e:ca:3c:88:04:14:7e:f7:
         d6:39:f1:ab:59:07:65:ed:ea:46:fc:12:cd:88:72:80:f0:8a:
         05:f0:cf:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8AomeaGXr4wwGE9a8X2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjUxMTExMDcwMDU4WhcNMjUxMTEyMDcwMDU4WjAzMTEwLwYDVQQD
EyhjN2E4MzJjZDgwYThhZTdkNDA2Zjg2ZjIxZDlmYmY5NzJjY2ZjMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKdbfeCXRviOgWRKkW1uJOzYa4d6
gpaaqKsqSv+OXDnlcR2YeUddwnXUYVD7m4FJuXgUqf6rw59S2GcafEID+KetcT6O
tbKUFqzEqtMld/Dyty2HvyN4Aen4nPEaOO3qLgW3wzBv5+cHCxlwNFOlamNoAlPt
FGN+MfKjMm1yKz+zzzAfCwQhNiqbuh/GxX28bN2rF6pQtA91175ZLzAp6Xp9utZm
qetoFozyJWxZpNZZY4hsJbk1/KkJy1hg2hGcKTv5pHM9spmcQ4Mku/GVtHtoB/a0
3yyvKpXuAC4T/isfFWTQf61G0gWA2RohlN8L2W1u/NE+CaFxrJ2FuklyRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeoMs2AqK59QG+G8h2fv5csz8H8MB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2+M9WfpY
mag100isek5bJDubOT5zNWSLx1AmMfjpLWW4OaHfsgq7jndif1LN7lI27BwO1WBz
2GciJnq8RdE5R/NaxMFe1e4dwb3WbWBFKs6qQimvp+CpLgUMcmnUg/2MPRsLLypJ
CCvcyorw5+VagbQudueWYtFENJewDo/TkUgyQWp3RJXv+ylI5ZG3vS8F4dLe2eHI
fXOYldpvEfpwIUujX0X5hGoK9UaDNoIYkaPvHvMyaaLBznW/AHUSMjMfTs+t6UGY
DeYneUkmtWAGrCEHP2A76vIcrdlmBn11iyVJHg7KPIgEFH731jnxq1kHZe3qRvwS
zYhygPCKBfDPXQ==
-----END CERTIFICATE-----