Manifest

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
File:                     0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft (raw, json)
Hash identifier:          upnJvSHTej5FJdnT+G9yTiiBjR0Y44h+Fui7vrJtYN4=
Subject key identifier:   F2:3F:D0:AE:3F:5F:A7:25:8C:87:EA:A1:5D:9E:FD:04:62:41:26:71
Authority key identifier: 0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
Certificate issuer:       /CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
Certificate serial:       7A0B109056AE9336D6665514A2E761112F8F6EB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
Manifest number:          0231
Signing time:             Sat 15 Jun 2024 19:13:19 +0000
Manifest this update:     Sat 15 Jun 2024 19:08:19 +0000
Manifest next update:     Sun 16 Jun 2024 21:19:19 +0000
Files and hashes:         1: AS50555.asa (hash: ePbN1DlpdRtTCyHy7vKgv2r+VmvNe3gE71pPOx01D1U=)
                          2: 0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl (hash: 9PLfIBjQzypQGvdSHT8kWBoQevRzr4yeRG2ham/3/s0=)

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:0b:10:90:56:ae:93:36:d6:66:55:14:a2:e7:61:11:2f:8f:6e:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
        Validity
            Not Before: Jun 15 19:08:19 2024 GMT
            Not After : Jun 16 21:19:19 2024 GMT
        Subject: CN=F23FD0AE3F5FA7258C87EAA15D9EFD0462412671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:b6:7a:a0:5a:15:08:f4:9e:dd:e8:c4:2c:35:
                    3a:41:51:be:72:7f:f4:8c:73:fc:6d:aa:f9:14:ea:
                    7d:68:e3:2a:c0:da:68:c8:c0:f2:e8:b6:27:66:98:
                    16:3f:05:27:da:12:2f:cd:e7:06:f2:a3:bb:c0:cb:
                    40:09:54:66:68:7f:39:3a:21:ae:08:be:0c:24:ff:
                    35:d5:96:e9:30:e4:8c:50:c8:06:0c:93:db:a1:b3:
                    f5:ea:d8:de:67:ed:a3:df:3d:a6:67:cd:01:4c:a4:
                    4a:61:e6:05:ca:84:76:26:31:35:c3:d0:04:ee:2e:
                    d1:ae:c6:f9:ae:1b:d3:b2:df:d3:07:f9:40:39:e9:
                    b3:7b:f5:6a:af:c7:6e:72:e9:5a:54:e7:37:97:ab:
                    99:e3:0c:2c:40:46:b9:ea:4a:4c:8d:c9:0a:3d:28:
                    6d:b4:a2:f7:af:e6:9a:ed:cd:c9:fe:70:51:81:40:
                    14:ae:f1:91:31:74:61:b2:d6:a2:21:f5:0c:d2:c4:
                    23:a6:17:15:1f:68:48:af:b9:8e:c8:8a:d3:fb:c1:
                    b3:ea:e9:f1:7d:1c:ce:e9:05:da:f3:af:73:f5:a9:
                    fa:80:7c:dd:29:ac:b9:85:08:60:24:94:43:f2:13:
                    30:62:53:03:4c:95:14:90:a1:3d:a9:df:b9:62:08:
                    61:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:3F:D0:AE:3F:5F:A7:25:8C:87:EA:A1:5D:9E:FD:04:62:41:26:71
            X509v3 Authority Key Identifier:
                keyid:0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:15:eb:da:44:3d:b9:e0:1b:e3:44:fa:55:0e:7f:65:5f:6c:
         41:d3:79:19:b3:c9:02:b5:43:bc:97:0d:51:7a:10:2b:ce:a0:
         6e:11:ff:da:34:cc:4e:6a:e0:5c:e0:c4:1f:8e:ee:b5:fd:09:
         50:93:c0:e2:35:62:aa:99:86:7b:ef:d9:b7:33:51:4d:37:45:
         a7:0b:f7:4f:98:eb:a2:20:d5:f4:f8:46:8e:2a:9e:92:b6:87:
         3d:d2:69:9e:98:a0:21:eb:77:0c:71:d1:70:89:da:53:2f:e4:
         2d:d4:5b:a5:43:44:0e:37:e0:fe:e2:43:be:0e:70:ad:7a:4b:
         a3:e3:fd:30:20:85:76:e9:7e:a3:75:1d:0b:12:19:df:32:e3:
         6a:22:6b:a4:ff:d1:ac:34:28:81:3c:9f:4b:0c:8e:ba:66:52:
         15:53:46:06:b4:fa:26:58:dc:73:90:bb:4a:32:e9:ee:71:c4:
         a9:16:6c:1f:38:cc:66:c9:fc:44:8f:1f:ba:20:aa:2e:f0:52:
         2e:bd:95:92:12:4d:46:bd:06:74:a6:e3:85:b5:ab:b3:05:ec:
         37:6b:da:d6:6d:de:23:c0:de:f8:56:1e:13:48:f7:88:01:82:
         b1:30:72:29:e8:e0:cc:29:4a:e8:fd:eb:69:7d:06:ee:d6:ac:
         93:80:14:44
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUegsQkFaukzbWZlUUoudhES+PbrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQxMGU4YTc2M2JmOGJhYmU5NmJlN2FiNDdmOWRiNTlk
OWQ5NTIzMjAeFw0yNDA2MTUxOTA4MTlaFw0yNDA2MTYyMTE5MTlaMDMxMTAvBgNV
BAMTKEYyM0ZEMEFFM0Y1RkE3MjU4Qzg3RUFBMTVEOUVGRDA0NjI0MTI2NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjtnqgWhUI9J7d6MQsNTpBUb5y
f/SMc/xtqvkU6n1o4yrA2mjIwPLotidmmBY/BSfaEi/N5wbyo7vAy0AJVGZofzk6
Ia4Ivgwk/zXVlukw5IxQyAYMk9uhs/Xq2N5n7aPfPaZnzQFMpEph5gXKhHYmMTXD
0ATuLtGuxvmuG9Oy39MH+UA56bN79Wqvx25y6VpU5zeXq5njDCxARrnqSkyNyQo9
KG20ovev5prtzcn+cFGBQBSu8ZExdGGy1qIh9QzSxCOmFxUfaEivuY7IitP7wbPq
6fF9HM7pBdrzr3P1qfqAfN0prLmFCGAklEPyEzBiUwNMlRSQoT2p37liCGELAgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQU8j/Qrj9fpyWMh+qhXZ79BGJBJnEwHwYDVR0j
BBgwFoAUDRDop2O/i6vpa+erR/nbWdnZUjIwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMC8wRDEwRThBNzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1
MjMyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRFJEb3AyT19pNnZwYS1lclJf
bmJXZG5aVWpJLmNlcjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5j
Oi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMC8wRDEwRThB
NzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1MjMyLm1mdDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBXr
2kQ9ueAb40T6VQ5/ZV9sQdN5GbPJArVDvJcNUXoQK86gbhH/2jTMTmrgXODEH47u
tf0JUJPA4jViqpmGe+/ZtzNRTTdFpwv3T5jroiDV9PhGjiqekraHPdJpnpigIet3
DHHRcInaUy/kLdRbpUNEDjfg/uJDvg5wrXpLo+P9MCCFdul+o3UdCxIZ3zLjaiJr
pP/RrDQogTyfSwyOumZSFVNGBrT6Jljcc5C7SjLp7nHEqRZsHzjMZsn8RI8fuiCq
LvBSLr2VkhJNRr0GdKbjhbWrswXsN2va1m3eI8De+FYeE0j3iAGCsTByKejgzClK
6P3raX0G7task4AURA==
-----END CERTIFICATE-----