Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          4Y3jZr2pH3hM9vMHZFTK44HqfDNAq8uc9PkES4jwk4Q=
Subject key identifier:   F2:CE:C5:51:15:11:ED:E3:FF:2A:22:21:E8:C3:C1:34:39:86:F6:C7
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       01989C71D0081A8581F520017C7097CF41CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          03A6
Signing time:             Tue 12 Aug 2025 04:02:41 +0000
Manifest this update:     Tue 12 Aug 2025 04:02:41 +0000
Manifest next update:     Wed 13 Aug 2025 04:02:41 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: 9V+qi3WhVc3Zb10FE9JJV7peo+3xIXzuh7+QxCyRKhI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 04:02:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9c:71:d0:08:1a:85:81:f5:20:01:7c:70:97:cf:41:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Aug 12 04:02:41 2025 GMT
            Not After : Aug 13 04:02:41 2025 GMT
        Subject: CN=f2cec5511511ede3ff2a2221e8c3c1343986f6c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:26:e9:bb:f3:1e:19:ad:02:00:09:1f:ce:9f:
                    5c:ab:4b:e6:82:01:b1:3f:9a:ac:e1:a3:fa:74:d6:
                    2e:32:c3:e7:8c:19:08:1c:ec:bc:31:99:bf:7c:44:
                    f9:9d:cd:37:ca:f9:e7:d8:ee:91:a9:2d:68:17:cf:
                    24:3c:c7:93:a5:f8:9a:99:e4:04:51:11:3d:6d:b8:
                    05:f2:69:a3:08:c6:58:90:d7:78:ad:9d:f3:52:de:
                    80:ab:b1:8d:75:34:31:51:9f:bc:ba:fc:6a:f7:93:
                    ba:fd:5e:a8:8d:03:2e:c4:cd:29:0e:47:d5:05:f7:
                    10:2b:e8:6e:08:6c:e8:23:43:0a:fa:a5:29:27:7b:
                    fd:a1:13:2a:8d:07:d4:96:ff:7c:3d:07:76:41:37:
                    e3:bc:42:ee:26:d0:67:84:b9:c3:30:e1:90:02:a3:
                    00:66:97:40:22:c1:25:14:ba:13:7b:cf:5b:e4:14:
                    09:eb:96:6f:43:77:2c:e2:c6:2c:6a:a2:72:40:c2:
                    24:65:39:9a:25:c9:17:d7:31:d3:06:f2:3b:9c:e8:
                    59:18:5d:0a:eb:b7:e5:58:67:08:c6:d2:c8:2d:5c:
                    62:a3:3c:ec:5d:24:9f:fd:c0:5d:d2:2f:d5:eb:70:
                    bb:4f:89:86:bb:79:85:14:92:f1:42:46:31:a8:c7:
                    f5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:CE:C5:51:15:11:ED:E3:FF:2A:22:21:E8:C3:C1:34:39:86:F6:C7
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:dd:7d:61:74:94:18:ac:35:f9:0f:c6:ac:b2:4f:37:c9:4c:
         ea:67:d5:56:d6:a1:37:2f:4b:ec:30:d2:04:48:63:73:a2:ac:
         ef:52:18:2c:6c:c8:c5:cf:6f:68:27:7c:85:74:21:6d:3e:f3:
         84:9c:09:e4:44:2a:73:9a:15:da:76:cb:7d:d3:df:04:e2:b2:
         f9:36:b6:4b:cd:72:4e:e7:94:45:6b:39:fe:80:dd:8d:60:f0:
         2f:75:0a:92:3f:f0:37:06:46:de:5e:60:3c:b3:4b:28:e9:bd:
         08:ac:aa:fd:11:79:4f:68:d8:6b:8b:ee:19:7a:28:7e:10:8f:
         ab:ac:f4:c2:c9:e3:c8:fc:22:74:94:22:52:53:8f:e7:68:90:
         64:a6:6d:75:6f:9c:77:9d:47:bc:ce:0a:81:00:03:44:f9:12:
         c0:c2:69:1d:13:fb:b4:41:33:ee:d4:01:e6:16:d0:e5:7b:87:
         8d:88:f6:58:c1:13:7b:96:18:26:9b:fa:54:c4:79:17:1c:59:
         78:b5:d4:92:7e:1d:5d:10:b2:a5:83:9a:e4:e9:6b:4b:ed:5a:
         4f:01:11:9e:c8:ea:99:01:3b:75:24:1c:f1:5d:94:1f:96:1c:
         57:ba:ca:1b:8f:2a:f1:fa:cc:ac:8f:1c:b6:2a:47:2e:d4:f2:
         a8:ae:1d:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiccdAIGoWB9SABfHCXz0HNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjUwODEyMDQwMjQxWhcNMjUwODEzMDQwMjQxWjAzMTEwLwYDVQQD
EyhmMmNlYzU1MTE1MTFlZGUzZmYyYTIyMjFlOGMzYzEzNDM5ODZmNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwybpu/MeGa0CAAkfzp9cq0vmggGx
P5qs4aP6dNYuMsPnjBkIHOy8MZm/fET5nc03yvnn2O6RqS1oF88kPMeTpfiameQE
URE9bbgF8mmjCMZYkNd4rZ3zUt6Aq7GNdTQxUZ+8uvxq95O6/V6ojQMuxM0pDkfV
BfcQK+huCGzoI0MK+qUpJ3v9oRMqjQfUlv98PQd2QTfjvELuJtBnhLnDMOGQAqMA
ZpdAIsElFLoTe89b5BQJ65ZvQ3cs4sYsaqJyQMIkZTmaJckX1zHTBvI7nOhZGF0K
67flWGcIxtLILVxiozzsXSSf/cBd0i/V63C7T4mGu3mFFJLxQkYxqMf1AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLOxVEVEe3j/yoiIejDwTQ5hvbHMB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALN19YXSU
GKw1+Q/GrLJPN8lM6mfVVtahNy9L7DDSBEhjc6Ks71IYLGzIxc9vaCd8hXQhbT7z
hJwJ5EQqc5oV2nbLfdPfBOKy+Ta2S81yTueURWs5/oDdjWDwL3UKkj/wNwZG3l5g
PLNLKOm9CKyq/RF5T2jYa4vuGXoofhCPq6z0wsnjyPwidJQiUlOP52iQZKZtdW+c
d51HvM4KgQADRPkSwMJpHRP7tEEz7tQB5hbQ5XuHjYj2WMETe5YYJpv6VMR5FxxZ
eLXUkn4dXRCypYOa5OlrS+1aTwERnsjqmQE7dSQc8V2UH5YcV7rKG48q8frMrI8c
tipHLtTyqK4dbA==
-----END CERTIFICATE-----