Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          M4qKJTGnzvgSleh/w2o1NLienIJSOUUN/vVTmjWhxNo=
Subject key identifier:   37:04:30:4D:5A:C1:D9:C5:24:1B:E9:23:F4:89:25:AB:DF:D5:18:37
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       019770E34F01A1DFC9BFF19E5D4934A5C52D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          030B
Signing time:             Sun 15 Jun 2025 00:00:34 +0000
Manifest this update:     Sun 15 Jun 2025 00:00:34 +0000
Manifest next update:     Mon 16 Jun 2025 00:00:34 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: DHJocnRBoR8HYMd8NISxp/EWQVV+8tMH+FQGCsSGsVk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:e3:4f:01:a1:df:c9:bf:f1:9e:5d:49:34:a5:c5:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Jun 15 00:00:34 2025 GMT
            Not After : Jun 16 00:00:34 2025 GMT
        Subject: CN=3704304d5ac1d9c5241be923f48925abdfd51837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2c:a9:ff:47:52:0a:74:76:c9:86:89:49:2d:
                    1b:2f:d1:57:ae:b8:3b:6f:a1:8f:35:7f:b5:47:dd:
                    fc:71:c4:c6:e5:3b:27:2e:7e:3d:af:29:51:0c:d3:
                    e7:65:61:97:6e:11:6a:0f:4d:03:fe:19:d2:e5:24:
                    bc:bd:b4:33:06:fe:17:f6:e4:c3:a6:5b:af:56:05:
                    36:cb:f2:7b:41:7c:72:95:1e:ad:26:45:b1:f9:ec:
                    1a:13:cd:26:4b:34:e2:e0:05:1f:56:67:83:f7:b1:
                    9a:e2:b6:7a:51:c3:06:8e:47:a5:9f:e1:b0:32:6c:
                    d2:9e:5a:b6:78:74:0a:0d:0d:08:39:d4:b6:ea:86:
                    6e:1c:66:16:75:f3:b4:b1:e5:3f:1c:97:f2:95:31:
                    b6:a7:a9:98:2c:9f:54:21:4a:c4:7a:a7:f0:25:f3:
                    16:30:f1:95:f0:41:ab:5f:cd:16:28:e8:95:b9:f8:
                    b9:14:d1:bc:4c:3f:69:b7:5c:79:28:2f:89:2c:4c:
                    a7:12:ad:33:c2:11:89:32:2b:4a:91:50:c8:09:12:
                    20:f1:77:4d:7c:0d:98:9e:de:36:51:7d:bf:96:b8:
                    90:d1:d6:5c:78:c4:9a:a0:ed:7d:56:55:5a:99:c5:
                    c5:38:b0:f6:ee:a7:36:da:6a:b8:85:ca:17:fe:eb:
                    7b:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:04:30:4D:5A:C1:D9:C5:24:1B:E9:23:F4:89:25:AB:DF:D5:18:37
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:1c:45:2b:d6:69:82:ee:5b:08:9b:df:69:87:3e:59:df:49:
         a4:c9:9d:e9:3d:d0:4e:e7:57:7b:a0:d1:6a:39:92:ea:12:19:
         32:55:6c:a2:37:54:c6:02:b1:9f:3b:60:4c:a8:7c:8c:3a:a2:
         6b:18:44:8f:6e:eb:76:dd:af:f2:8c:58:b4:a4:b0:47:77:93:
         ca:f7:5e:c2:84:fd:a3:5e:8c:ae:f2:e5:2b:89:3c:98:b6:e5:
         c3:86:17:5a:aa:3a:26:74:ff:a5:b1:6e:76:ce:e6:c2:9a:2d:
         27:58:a7:59:c8:a0:21:1d:02:ad:80:62:1e:8b:e8:ce:a2:d5:
         3b:7f:cf:4e:ee:7b:a4:38:ea:b2:f5:29:9e:e4:a5:60:64:30:
         06:6c:a3:d1:c7:96:dd:a9:d0:df:5c:42:28:63:5d:66:1d:7f:
         68:5a:27:5a:81:90:f4:10:b8:17:a2:54:38:fc:fc:f2:c3:70:
         9a:f8:7a:38:d9:1e:b5:1b:47:62:74:bb:c3:00:84:7e:73:f6:
         f7:91:18:bc:94:5b:26:ff:cb:19:0d:ab:2d:c2:45:9b:74:dc:
         d0:78:e9:22:1e:43:b2:e8:eb:88:c5:89:6e:21:25:cb:b4:44:
         78:56:7c:70:88:30:78:ea:3d:8c:a6:29:33:c5:8a:59:ef:04:
         54:d3:43:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdw408Bod/Jv/GeXUk0pcUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjUwNjE1MDAwMDM0WhcNMjUwNjE2MDAwMDM0WjAzMTEwLwYDVQQD
EygzNzA0MzA0ZDVhYzFkOWM1MjQxYmU5MjNmNDg5MjVhYmRmZDUxODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSyp/0dSCnR2yYaJSS0bL9FXrrg7
b6GPNX+1R938ccTG5TsnLn49rylRDNPnZWGXbhFqD00D/hnS5SS8vbQzBv4X9uTD
pluvVgU2y/J7QXxylR6tJkWx+ewaE80mSzTi4AUfVmeD97Ga4rZ6UcMGjkeln+Gw
MmzSnlq2eHQKDQ0IOdS26oZuHGYWdfO0seU/HJfylTG2p6mYLJ9UIUrEeqfwJfMW
MPGV8EGrX80WKOiVufi5FNG8TD9pt1x5KC+JLEynEq0zwhGJMitKkVDICRIg8XdN
fA2Ynt42UX2/lriQ0dZceMSaoO19VlVamcXFOLD27qc22mq4hcoX/ut75QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcEME1awdnFJBvpI/SJJavf1Rg3MB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANRxFK9Zp
gu5bCJvfaYc+Wd9JpMmd6T3QTudXe6DRajmS6hIZMlVsojdUxgKxnztgTKh8jDqi
axhEj27rdt2v8oxYtKSwR3eTyvdewoT9o16MrvLlK4k8mLblw4YXWqo6JnT/pbFu
ds7mwpotJ1inWcigIR0CrYBiHovozqLVO3/PTu57pDjqsvUpnuSlYGQwBmyj0ceW
3anQ31xCKGNdZh1/aFonWoGQ9BC4F6JUOPz88sNwmvh6ONketRtHYnS7wwCEfnP2
95EYvJRbJv/LGQ2rLcJFm3Tc0HjpIh5DsujriMWJbiEly7REeFZ8cIgweOo9jKYp
M8WKWe8EVNNDgA==
-----END CERTIFICATE-----