Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          MEquLMvGm3Z6xAI8hZIowbNxel6Xk2HehiRH6JwGIbg=
Subject key identifier:   0D:14:08:C4:AD:09:09:F8:36:B4:51:73:70:F9:69:DC:D7:D3:BE:36
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       01975BA4E186BA11EBDEEF2CEA11FAE1E5E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          0300
Signing time:             Tue 10 Jun 2025 21:00:21 +0000
Manifest this update:     Tue 10 Jun 2025 21:00:21 +0000
Manifest next update:     Wed 11 Jun 2025 21:00:21 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: b0aiolC6WjK90ZabcEOW4khlaNOStIwvTUFRuTBTpyM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 21:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:a4:e1:86:ba:11:eb:de:ef:2c:ea:11:fa:e1:e5:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Jun 10 21:00:21 2025 GMT
            Not After : Jun 11 21:00:21 2025 GMT
        Subject: CN=0d1408c4ad0909f836b4517370f969dcd7d3be36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5d:b3:6f:22:54:81:36:98:62:a8:97:02:8e:
                    ec:0a:7f:7d:9e:59:a2:98:e5:2e:be:91:24:b4:8a:
                    19:da:13:22:45:87:0a:38:72:9f:80:80:55:02:58:
                    ff:ec:18:c5:d5:0d:fc:79:53:a5:f2:7c:f0:08:d1:
                    a9:4c:d4:11:d4:53:05:27:78:35:57:b1:f9:6b:76:
                    28:3a:23:f4:27:ef:02:d1:9b:2c:a0:0a:c0:de:82:
                    22:4d:30:3d:9b:02:b6:cc:e4:43:72:bc:c9:02:cc:
                    b5:91:ec:b2:e0:8a:51:81:35:57:4e:7e:67:84:0f:
                    80:b4:22:f7:64:af:e6:5e:39:1a:7f:e7:92:9d:3a:
                    b0:60:74:a3:89:67:3e:40:2a:97:53:17:38:ac:98:
                    4c:68:12:61:7d:28:c4:25:95:be:73:87:46:ed:ca:
                    19:1c:15:b2:76:68:28:bf:1b:3d:d5:da:94:62:32:
                    16:e2:62:14:97:45:e2:55:33:c9:73:69:6d:bb:00:
                    0a:15:86:e0:97:eb:2c:5a:c1:5c:ac:65:06:96:38:
                    a9:5d:ee:06:77:5b:d2:5d:76:95:14:f1:10:b4:58:
                    ca:1c:f3:72:ab:4a:89:72:4d:8e:93:e7:54:ea:70:
                    31:23:aa:c4:2a:d5:74:c5:ab:41:68:2b:f0:1f:01:
                    26:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:14:08:C4:AD:09:09:F8:36:B4:51:73:70:F9:69:DC:D7:D3:BE:36
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:06:b4:8d:d7:27:56:f6:65:04:f1:b7:04:40:8e:44:93:93:
         0c:be:af:cc:e4:97:cf:68:39:ed:a3:5e:8b:e0:3f:a5:15:b7:
         d3:58:12:7d:16:90:e6:76:dc:a6:d6:03:b4:f2:63:29:1c:d2:
         35:6c:7b:f9:b5:94:e9:9f:b4:23:98:d5:64:33:02:28:88:81:
         6c:4a:b3:25:11:e2:97:20:ec:c9:d2:9c:97:a6:c9:34:95:72:
         d8:60:fe:69:c3:82:80:91:69:ab:27:77:88:6d:e5:25:7c:63:
         5b:ec:4f:80:5e:b9:79:e4:3f:7c:38:22:45:59:ca:11:70:77:
         e4:b4:aa:4d:ae:cd:0f:70:f0:62:17:08:0f:bb:fa:1b:60:a6:
         00:d5:c6:82:e9:5b:71:23:ef:1e:0a:c5:fa:f8:c1:a1:b8:70:
         ab:52:39:9f:a2:71:10:ff:6e:04:39:6b:98:50:bb:19:a5:3a:
         d5:b2:e4:79:19:52:15:11:87:37:09:a0:b7:96:2a:18:b3:78:
         29:40:83:ac:64:1c:ae:86:89:a3:3a:61:53:1a:d9:a2:dd:1d:
         dc:b0:7d:d3:19:80:68:56:ff:ba:6a:9e:bd:af:9e:07:20:6b:
         8c:ff:42:03:09:18:71:1e:bd:1b:07:ef:15:93:29:32:6a:d7:
         78:1c:f6:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbpOGGuhHr3u8s6hH64eXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjUwNjEwMjEwMDIxWhcNMjUwNjExMjEwMDIxWjAzMTEwLwYDVQQD
EygwZDE0MDhjNGFkMDkwOWY4MzZiNDUxNzM3MGY5NjlkY2Q3ZDNiZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV2zbyJUgTaYYqiXAo7sCn99nlmi
mOUuvpEktIoZ2hMiRYcKOHKfgIBVAlj/7BjF1Q38eVOl8nzwCNGpTNQR1FMFJ3g1
V7H5a3YoOiP0J+8C0ZssoArA3oIiTTA9mwK2zORDcrzJAsy1keyy4IpRgTVXTn5n
hA+AtCL3ZK/mXjkaf+eSnTqwYHSjiWc+QCqXUxc4rJhMaBJhfSjEJZW+c4dG7coZ
HBWydmgovxs91dqUYjIW4mIUl0XiVTPJc2ltuwAKFYbgl+ssWsFcrGUGljipXe4G
d1vSXXaVFPEQtFjKHPNyq0qJck2Ok+dU6nAxI6rEKtV0xatBaCvwHwEmdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0UCMStCQn4NrRRc3D5adzX0742MB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADga0jdcn
VvZlBPG3BECORJOTDL6vzOSXz2g57aNei+A/pRW301gSfRaQ5nbcptYDtPJjKRzS
NWx7+bWU6Z+0I5jVZDMCKIiBbEqzJRHilyDsydKcl6bJNJVy2GD+acOCgJFpqyd3
iG3lJXxjW+xPgF65eeQ/fDgiRVnKEXB35LSqTa7ND3DwYhcID7v6G2CmANXGgulb
cSPvHgrF+vjBobhwq1I5n6JxEP9uBDlrmFC7GaU61bLkeRlSFRGHNwmgt5YqGLN4
KUCDrGQcroaJozphUxrZot0d3LB90xmAaFb/umqeva+eByBrjP9CAwkYcR69Gwfv
FZMpMmrXeBz2ug==
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:40:32 2025 by rpki-client