Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          7HmDi8k1AgmOkzJUqG0Ab+mJARWVnSwhGg0NT3J0H8o=
Subject key identifier:   BE:2C:BB:C6:18:11:34:D8:E0:AA:2B:C9:C6:E0:44:A3:5D:8D:8F:86
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       019A4D05CCA52E7523DDB68990832CF493ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          0486
Signing time:             Tue 04 Nov 2025 04:00:16 +0000
Manifest this update:     Tue 04 Nov 2025 04:00:16 +0000
Manifest next update:     Wed 05 Nov 2025 04:00:16 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: 0ft3bDU6j0sYHbkx82Wo9OwtV2xZEd0lzh1IcGoC5B4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:05:cc:a5:2e:75:23:dd:b6:89:90:83:2c:f4:93:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Nov  4 04:00:16 2025 GMT
            Not After : Nov  5 04:00:16 2025 GMT
        Subject: CN=be2cbbc6181134d8e0aa2bc9c6e044a35d8d8f86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:62:5a:03:67:00:e3:50:68:8d:4d:cd:a6:b9:
                    47:a3:c0:02:c6:b1:5b:56:89:d1:17:17:1e:2f:4a:
                    00:c5:48:7b:58:10:b4:26:5c:0d:ec:ec:0f:ca:1b:
                    07:ac:2a:3b:a3:b7:87:59:ab:54:78:0e:24:c9:e7:
                    76:9e:00:29:bc:8a:e6:5d:69:67:a9:8e:20:d3:f3:
                    2d:9b:c9:2c:70:2d:05:f0:dd:1a:55:74:df:6c:14:
                    1c:a8:90:12:8d:9c:c4:36:2b:5e:04:63:5d:be:39:
                    7b:32:2d:68:fd:15:d6:f0:d2:23:ae:76:ab:9c:f5:
                    6f:f0:7d:a5:57:ae:e7:9e:b6:a4:a0:42:ed:12:94:
                    d8:d4:2a:45:16:db:22:38:84:70:6d:fd:a4:32:e5:
                    50:96:8b:15:48:ec:cd:02:38:69:eb:7f:1a:9d:57:
                    92:4a:a5:b8:cd:fe:f3:74:55:2f:5f:96:27:dd:97:
                    f1:ef:a6:ab:99:57:da:4c:97:87:e4:1b:91:f5:72:
                    ba:33:a9:f8:cb:50:2f:91:55:fe:5c:ee:19:77:10:
                    db:e3:a9:39:ab:f3:fb:c6:1b:f9:d6:25:58:9b:5d:
                    b3:90:8e:20:54:3b:36:ff:0f:78:19:41:db:57:fa:
                    97:fd:aa:4c:d1:bb:48:22:90:2f:9f:36:63:c9:59:
                    9f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:2C:BB:C6:18:11:34:D8:E0:AA:2B:C9:C6:E0:44:A3:5D:8D:8F:86
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:ba:15:f3:d4:7d:51:19:84:1e:0f:78:c1:7e:d4:13:e9:b3:
         df:2f:5e:f8:11:2b:f6:c1:f4:29:03:ec:e8:ae:d3:4f:d8:37:
         8d:c8:5e:36:e6:04:db:4b:07:83:53:66:0e:18:df:dc:76:13:
         6c:e4:36:c7:62:11:cb:9f:a9:88:61:64:38:07:c6:3d:a7:90:
         d1:52:0b:9a:7a:bf:e9:05:45:20:9a:04:26:11:fb:26:90:a1:
         25:44:2f:45:58:80:c8:42:92:59:6d:d0:33:5d:bb:e5:46:86:
         88:e0:68:48:c0:51:a7:8a:c4:77:0b:d0:57:6c:0f:5f:7d:9c:
         d3:ed:fb:18:61:d9:fa:a4:a0:71:d4:02:81:d9:b5:4b:9e:c7:
         57:29:7d:a9:49:b7:f8:06:1d:55:90:74:ee:1e:2c:ec:d0:73:
         c7:6c:d5:c0:aa:38:db:64:58:71:a7:a3:c0:5a:87:2b:b7:2a:
         b1:22:69:e8:3b:e2:6e:5f:dc:4d:dd:dd:95:7a:7b:c7:5a:4c:
         16:9f:d8:03:8a:16:91:df:4b:b0:10:dd:61:cb:9f:cb:92:ed:
         1d:d0:27:be:ca:d6:3b:05:02:13:91:25:05:7f:4f:85:66:5b:
         4b:7d:56:88:bf:b6:3a:76:9c:b6:f8:b8:38:8f:8a:d8:a5:9a:
         50:e7:fc:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBcylLnUj3baJkIMs9JPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjUxMTA0MDQwMDE2WhcNMjUxMTA1MDQwMDE2WjAzMTEwLwYDVQQD
EyhiZTJjYmJjNjE4MTEzNGQ4ZTBhYTJiYzljNmUwNDRhMzVkOGQ4Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGJaA2cA41BojU3NprlHo8ACxrFb
VonRFxceL0oAxUh7WBC0JlwN7OwPyhsHrCo7o7eHWatUeA4kyed2ngApvIrmXWln
qY4g0/Mtm8kscC0F8N0aVXTfbBQcqJASjZzENiteBGNdvjl7Mi1o/RXW8NIjrnar
nPVv8H2lV67nnrakoELtEpTY1CpFFtsiOIRwbf2kMuVQlosVSOzNAjhp638anVeS
SqW4zf7zdFUvX5Yn3Zfx76armVfaTJeH5BuR9XK6M6n4y1AvkVX+XO4ZdxDb46k5
q/P7xhv51iVYm12zkI4gVDs2/w94GUHbV/qX/apM0btIIpAvnzZjyVmf4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4su8YYETTY4KorycbgRKNdjY+GMB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLoV89R9
URmEHg94wX7UE+mz3y9e+BEr9sH0KQPs6K7TT9g3jcheNuYE20sHg1NmDhjf3HYT
bOQ2x2IRy5+piGFkOAfGPaeQ0VILmnq/6QVFIJoEJhH7JpChJUQvRViAyEKSWW3Q
M1275UaGiOBoSMBRp4rEdwvQV2wPX32c0+37GGHZ+qSgcdQCgdm1S57HVyl9qUm3
+AYdVZB07h4s7NBzx2zVwKo422RYcaejwFqHK7cqsSJp6Dvibl/cTd3dlXp7x1pM
Fp/YA4oWkd9LsBDdYcufy5LtHdAnvsrWOwUCE5ElBX9PhWZbS31WiL+2Onactvi4
OI+K2KWaUOf8Aw==
-----END CERTIFICATE-----