Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          p3GR6i93d8jicZK8ogcAHawoOMZRbiOwMXPGLSfCb38=
Subject key identifier:   B0:2E:BB:FC:C7:97:BD:FC:27:6B:83:F8:24:09:9D:4A:E7:08:91:16
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       019921B2204B4A6DD664D631FC9C4A3C1285
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          03EB
Signing time:             Sun 07 Sep 2025 01:02:25 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:25 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:25 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: 0e36ZPUD7dM02O42ta7Vd3QrXFEFL1m29Xl3B02/dLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:20:4b:4a:6d:d6:64:d6:31:fc:9c:4a:3c:12:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Sep  7 01:02:25 2025 GMT
            Not After : Sep  8 01:02:25 2025 GMT
        Subject: CN=b02ebbfcc797bdfc276b83f824099d4ae7089116
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:9d:60:1a:3c:b5:aa:88:59:8e:9a:8c:a5:03:
                    6b:8e:ac:9e:ec:03:d0:82:96:40:4c:9c:77:b8:1a:
                    06:95:e5:96:1c:39:2d:4f:c4:1c:83:fa:ca:6a:0b:
                    08:1c:a5:7a:32:21:b4:ea:be:28:35:41:ea:e0:ab:
                    73:3f:35:b3:df:37:a3:30:7f:e4:26:b3:54:4b:30:
                    3b:4b:a4:6e:32:f1:55:d6:58:01:8e:96:a4:59:b7:
                    91:47:06:18:53:35:72:05:a9:11:4e:8a:6e:d9:2d:
                    0a:9f:f9:6b:b6:27:9b:26:a1:a3:25:f8:82:c7:cc:
                    0e:a9:6f:3a:ea:75:9b:25:22:79:87:af:d7:0b:e3:
                    9a:6c:e4:6e:63:b0:c0:43:a4:7e:d6:97:f4:fe:b1:
                    eb:92:65:0c:a6:5b:20:fa:04:82:78:f3:49:83:37:
                    fb:93:f3:fe:9d:fd:fa:70:84:cf:8a:af:ae:4a:ba:
                    74:cd:35:5f:64:db:6b:61:f2:99:6f:d6:07:6a:99:
                    83:82:b8:aa:08:19:2e:53:4f:d5:7f:74:78:5b:0e:
                    cf:dc:ed:78:3c:87:47:f6:bb:e5:d1:f1:68:64:5a:
                    e8:7e:6e:48:0b:a8:73:17:80:53:9e:6d:30:a4:d1:
                    ce:1a:20:78:b7:8d:53:64:e7:88:00:55:e8:27:b1:
                    ca:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:2E:BB:FC:C7:97:BD:FC:27:6B:83:F8:24:09:9D:4A:E7:08:91:16
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:3c:e7:fc:1c:0a:6a:5b:8b:1a:d6:46:d1:73:a3:ce:a6:18:
         a4:49:8b:0e:b1:18:26:d4:43:06:c9:eb:fe:01:c8:a0:af:c3:
         2c:ec:15:e6:8f:ed:9a:f3:7e:8d:2a:39:c1:d1:1e:85:90:5b:
         4a:08:2d:68:ee:2c:35:5e:d2:6c:83:2b:3a:ff:74:86:d0:96:
         66:3e:9c:a1:62:c6:f3:30:d3:60:4a:9e:9b:70:ac:cb:b2:b1:
         d2:e5:16:dc:fc:23:20:9e:09:5f:5b:01:0f:e5:ff:ff:69:bd:
         f0:53:f6:14:7d:36:f9:74:74:b0:bd:91:d7:40:8c:7a:9f:ca:
         03:5a:fb:0f:98:81:87:15:8f:76:a6:dc:07:70:0e:c3:a9:14:
         1e:6d:ea:90:1c:21:23:42:4b:c6:0b:5c:84:be:b0:a7:af:67:
         f2:19:29:3a:c1:26:f9:93:f3:ae:ac:02:88:02:e6:f3:cc:ce:
         60:8e:9a:0b:4a:7a:83:6c:dd:c0:b3:19:73:77:d7:e1:15:36:
         37:79:2d:c7:9c:9d:8a:9f:7d:be:31:bc:1b:1a:0b:ad:f0:2d:
         88:8f:c8:97:cc:c9:b8:8c:62:6d:68:84:ff:37:fb:c9:3b:2a:
         76:de:42:e8:4b:c1:e6:f6:34:85:81:92:42:d0:d9:43:0a:4b:
         3a:09:dc:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsiBLSm3WZNYx/JxKPBKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjUwOTA3MDEwMjI1WhcNMjUwOTA4MDEwMjI1WjAzMTEwLwYDVQQD
EyhiMDJlYmJmY2M3OTdiZGZjMjc2YjgzZjgyNDA5OWQ0YWU3MDg5MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp1gGjy1qohZjpqMpQNrjqye7APQ
gpZATJx3uBoGleWWHDktT8Qcg/rKagsIHKV6MiG06r4oNUHq4KtzPzWz3zejMH/k
JrNUSzA7S6RuMvFV1lgBjpakWbeRRwYYUzVyBakRTopu2S0Kn/lrtiebJqGjJfiC
x8wOqW866nWbJSJ5h6/XC+OabORuY7DAQ6R+1pf0/rHrkmUMplsg+gSCePNJgzf7
k/P+nf36cITPiq+uSrp0zTVfZNtrYfKZb9YHapmDgriqCBkuU0/Vf3R4Ww7P3O14
PIdH9rvl0fFoZFrofm5IC6hzF4BTnm0wpNHOGiB4t41TZOeIAFXoJ7HK7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAuu/zHl738J2uD+CQJnUrnCJEWMB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgDzn/BwK
aluLGtZG0XOjzqYYpEmLDrEYJtRDBsnr/gHIoK/DLOwV5o/tmvN+jSo5wdEehZBb
SggtaO4sNV7SbIMrOv90htCWZj6coWLG8zDTYEqem3Csy7Kx0uUW3PwjIJ4JX1sB
D+X//2m98FP2FH02+XR0sL2R10CMep/KA1r7D5iBhxWPdqbcB3AOw6kUHm3qkBwh
I0JLxgtchL6wp69n8hkpOsEm+ZPzrqwCiALm88zOYI6aC0p6g2zdwLMZc3fX4RU2
N3ktx5ydip99vjG8GxoLrfAtiI/Il8zJuIxibWiE/zf7yTsqdt5C6EvB5vY0hYGS
QtDZQwpLOgncfQ==
-----END CERTIFICATE-----