Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/aCfcIhVE_HQhURKlgS3hlqKHLoY.mft
File:                     aCfcIhVE_HQhURKlgS3hlqKHLoY.mft (raw, json)
Hash identifier:          AB3eJyZiRLgzEbv6IQiloyUyiClCD8PiTfL95NJ3pbs=
Subject key identifier:   BA:D4:58:7F:A9:DF:08:F2:D2:43:47:77:A9:14:B2:83:68:04:60:56
Authority key identifier: 68:27:DC:22:15:44:FC:74:21:51:12:A5:81:2D:E1:96:A2:87:2E:86
Certificate issuer:       /CN=6827dc221544fc74215112a5812de196a2872e86
Certificate serial:       019034E057A3A74EB03F5B3CF2FC0FF2DDAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aCfcIhVE_HQhURKlgS3hlqKHLoY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/aCfcIhVE_HQhURKlgS3hlqKHLoY.mft
Manifest number:          11D1
Signing time:             Thu 20 Jun 2024 09:00:36 +0000
Manifest this update:     Thu 20 Jun 2024 09:00:36 +0000
Manifest next update:     Fri 21 Jun 2024 09:00:36 +0000
Files and hashes:         1: QrmyC4CIx2vv7Z-lUNdnjNCZypc.roa (hash: IKXQv/kemTMUqLb8i87zPHnPLw6tP7Q9dpNF+PZ6HJ0=)
                          2: aCfcIhVE_HQhURKlgS3hlqKHLoY.crl (hash: nrq6irGX8qqRHJcT7dHczvYNnTTZ1GRDXFD0a2tTFmk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/aCfcIhVE_HQhURKlgS3hlqKHLoY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/aCfcIhVE_HQhURKlgS3hlqKHLoY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aCfcIhVE_HQhURKlgS3hlqKHLoY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:34:e0:57:a3:a7:4e:b0:3f:5b:3c:f2:fc:0f:f2:dd:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6827dc221544fc74215112a5812de196a2872e86
        Validity
            Not Before: Jun 20 09:00:36 2024 GMT
            Not After : Jun 21 09:00:36 2024 GMT
        Subject: CN=bad4587fa9df08f2d2434777a914b28368046056
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d3:c8:d5:15:17:31:6a:58:c7:a6:2c:cd:c1:
                    9f:33:d7:75:13:62:f2:e2:9d:8b:c8:ff:63:38:e4:
                    98:25:22:19:e4:5f:ee:fc:b0:89:7e:85:45:77:ef:
                    75:c6:3a:91:97:5c:bc:b0:31:9d:48:f3:37:37:96:
                    71:7b:04:20:a4:49:cd:ee:69:23:ea:43:de:14:dd:
                    91:55:f3:5d:6e:b4:7a:18:43:6f:f3:c1:06:f6:dd:
                    d9:25:c8:5c:7e:a3:9d:c6:81:1b:3e:fa:b7:b6:f7:
                    5d:81:26:2d:99:b5:a1:56:3f:88:62:cf:f8:cc:83:
                    c8:5e:b0:8a:a7:88:b9:f9:2a:7c:47:31:fc:30:6c:
                    32:3b:2b:84:75:62:72:cc:81:1d:63:5d:3a:87:81:
                    86:0e:93:40:72:97:19:9f:1d:67:09:75:99:2a:38:
                    36:b5:72:fd:33:80:19:1c:6f:b8:f7:09:a0:4b:f3:
                    e6:f8:b3:27:fc:b9:5d:56:b5:7b:d6:df:cf:77:a4:
                    68:4d:22:49:28:09:8c:d0:2c:73:54:76:13:07:71:
                    46:9a:eb:e5:e7:9f:1e:e5:55:2b:e3:2e:36:1d:c1:
                    21:7e:ee:70:bc:96:b8:66:df:ae:24:91:7a:7f:c4:
                    b3:67:bc:f3:c0:f2:34:ca:88:ba:e0:53:d5:31:2a:
                    3c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:D4:58:7F:A9:DF:08:F2:D2:43:47:77:A9:14:B2:83:68:04:60:56
            X509v3 Authority Key Identifier:
                keyid:68:27:DC:22:15:44:FC:74:21:51:12:A5:81:2D:E1:96:A2:87:2E:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCfcIhVE_HQhURKlgS3hlqKHLoY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/aCfcIhVE_HQhURKlgS3hlqKHLoY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/aCfcIhVE_HQhURKlgS3hlqKHLoY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:0c:a4:40:23:37:de:3f:b3:15:15:db:ed:99:fe:0a:08:7e:
         07:bc:a5:7a:49:a2:58:8f:5e:91:6b:8d:b8:3b:c6:de:9c:44:
         98:b9:19:3c:da:d8:e7:1a:f4:93:42:9f:22:b7:9c:72:82:a1:
         20:d1:f8:cb:50:27:72:ca:73:8a:31:94:4b:dd:89:0d:88:5c:
         dc:c8:39:5c:c1:77:ac:c4:1b:da:c0:fc:fe:bc:d6:69:0a:52:
         17:3d:2a:d7:a2:33:98:cd:92:0c:ad:92:9d:35:1d:d5:39:33:
         1f:5c:7e:b8:60:c8:90:56:63:59:0a:19:bd:a6:93:c3:49:ae:
         f5:4b:f0:ae:3d:22:a9:c5:5c:78:1d:fc:cb:4b:51:44:ba:fb:
         35:1d:06:c1:56:f5:e3:a8:b9:67:30:b6:a6:6b:13:71:49:47:
         36:d1:49:66:f4:18:1d:bc:06:51:ec:44:6c:19:02:58:3b:e7:
         16:8c:7d:ed:7c:f0:25:81:05:d1:f9:24:82:b6:21:53:c9:91:
         79:bc:81:de:cd:cc:d8:5a:d0:a6:c9:c5:c0:ac:e0:0f:8a:50:
         9d:7d:76:38:80:60:ca:6b:f6:c7:8e:9f:8e:da:73:12:a1:61:
         6b:58:01:bb:9d:56:cd:ae:03:33:d8:ea:cd:eb:6c:c0:bf:c1:
         8c:35:79:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA04Fejp06wP1s88vwP8t2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjdkYzIyMTU0NGZjNzQyMTUxMTJhNTgxMmRlMTk2YTI4
NzJlODYwHhcNMjQwNjIwMDkwMDM2WhcNMjQwNjIxMDkwMDM2WjAzMTEwLwYDVQQD
EyhiYWQ0NTg3ZmE5ZGYwOGYyZDI0MzQ3NzdhOTE0YjI4MzY4MDQ2MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNPI1RUXMWpYx6YszcGfM9d1E2Ly
4p2LyP9jOOSYJSIZ5F/u/LCJfoVFd+91xjqRl1y8sDGdSPM3N5ZxewQgpEnN7mkj
6kPeFN2RVfNdbrR6GENv88EG9t3ZJchcfqOdxoEbPvq3tvddgSYtmbWhVj+IYs/4
zIPIXrCKp4i5+Sp8RzH8MGwyOyuEdWJyzIEdY106h4GGDpNAcpcZnx1nCXWZKjg2
tXL9M4AZHG+49wmgS/Pm+LMn/LldVrV71t/Pd6RoTSJJKAmM0CxzVHYTB3FGmuvl
558e5VUr4y42HcEhfu5wvJa4Zt+uJJF6f8SzZ7zzwPI0yoi64FPVMSo8FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrUWH+p3wjy0kNHd6kUsoNoBGBWMB8GA1UdIwQY
MBaAFGgn3CIVRPx0IVESpYEt4Zaihy6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNmY0loVkVfSFFoVVJLbGdTM2hscUtITG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZmJmODMtYjI4Yi00ZDM2LWIxMTgt
ZWIxMDg2MDc1MTY3LzEvYUNmY0loVkVfSFFoVVJLbGdTM2hscUtITG9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZmJmODMtYjI4Yi00ZDM2LWIxMTgtZWIxMDg2MDc1MTY3
LzEvYUNmY0loVkVfSFFoVVJLbGdTM2hscUtITG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmAykQCM3
3j+zFRXb7Zn+Cgh+B7ylekmiWI9ekWuNuDvG3pxEmLkZPNrY5xr0k0KfIreccoKh
INH4y1AncspzijGUS92JDYhc3Mg5XMF3rMQb2sD8/rzWaQpSFz0q16IzmM2SDK2S
nTUd1TkzH1x+uGDIkFZjWQoZvaaTw0mu9Uvwrj0iqcVceB38y0tRRLr7NR0GwVb1
46i5ZzC2pmsTcUlHNtFJZvQYHbwGUexEbBkCWDvnFox97XzwJYEF0fkkgrYhU8mR
ebyB3s3M2FrQpsnFwKzgD4pQnX12OIBgymv2x46fjtpzEqFha1gBu51Wza4DM9jq
zetswL/BjDV5BA==
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:21:50 2024 by rpki-client on console-ams.rpki-client.org