Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/484d54-f468-479f-9758-e1ff8638634b/1/qmffuIKufY5V0lhlF0L05s5DcBk.mft
File:                     qmffuIKufY5V0lhlF0L05s5DcBk.mft (raw, json)
Hash identifier:          semkc7ZoyEB1oWpC/XLyYdScRJenKpuW1P37tUp+VLE=
Subject key identifier:   5B:05:6D:B6:80:31:CA:43:6C:16:DC:BD:0F:3C:7B:31:73:31:17:99
Authority key identifier: AA:67:DF:B8:82:AE:7D:8E:55:D2:58:65:17:42:F4:E6:CE:43:70:19
Certificate issuer:       /CN=aa67dfb882ae7d8e55d258651742f4e6ce437019
Certificate serial:       01903AE47920C3DBDC45FBAE2343A8A00DEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qmffuIKufY5V0lhlF0L05s5DcBk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/484d54-f468-479f-9758-e1ff8638634b/1/qmffuIKufY5V0lhlF0L05s5DcBk.mft
Manifest number:          11D3
Signing time:             Fri 21 Jun 2024 13:02:49 +0000
Manifest this update:     Fri 21 Jun 2024 13:02:49 +0000
Manifest next update:     Sat 22 Jun 2024 13:02:49 +0000
Files and hashes:         1: R-nm7JlFGOLqZ7Qzb3lHnRCD0zM.roa (hash: SyZvvuADZCxbYSiEt/tYm8cL3fZLYslLzSPDGZyS53M=)
                          2: qmffuIKufY5V0lhlF0L05s5DcBk.crl (hash: +n71Gn4VpYWpa1vn54hOeKorsdv6kDNG2TxvbXrr6ss=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/484d54-f468-479f-9758-e1ff8638634b/1/qmffuIKufY5V0lhlF0L05s5DcBk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/484d54-f468-479f-9758-e1ff8638634b/1/qmffuIKufY5V0lhlF0L05s5DcBk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qmffuIKufY5V0lhlF0L05s5DcBk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 22 Jun 2024 09:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:3a:e4:79:20:c3:db:dc:45:fb:ae:23:43:a8:a0:0d:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa67dfb882ae7d8e55d258651742f4e6ce437019
        Validity
            Not Before: Jun 21 13:02:49 2024 GMT
            Not After : Jun 22 13:02:49 2024 GMT
        Subject: CN=5b056db68031ca436c16dcbd0f3c7b3173311799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:cc:0c:6c:af:eb:6c:ef:c4:c0:1f:33:13:f0:
                    b6:44:5c:5e:55:b1:89:b9:f3:89:d9:fc:50:1b:71:
                    12:9e:37:c8:a7:9c:03:97:fe:35:dd:de:c9:19:3b:
                    70:10:ce:db:27:49:81:64:52:e1:46:87:0c:7f:e2:
                    7d:8a:6f:d3:55:d7:5f:c7:78:10:57:2b:5b:cb:b5:
                    2f:22:4f:46:f6:8f:e7:6b:c4:c4:44:70:a7:13:95:
                    ba:10:e0:86:a2:1c:c3:75:77:7c:3f:1b:dd:5d:41:
                    44:38:34:cd:4d:30:bc:10:81:11:74:e5:ee:bd:f2:
                    c1:81:cb:ee:e3:f5:48:ec:3c:31:d8:c2:2a:a3:e7:
                    27:69:a7:db:4a:dd:26:3e:4d:5d:11:b4:fb:6e:3c:
                    b8:5d:7e:d8:c5:d8:13:8f:1b:ca:db:a3:56:07:ca:
                    28:b9:94:20:85:58:6f:87:50:e7:62:5c:d1:00:73:
                    74:c9:5f:17:10:36:6c:2f:fb:c3:b9:df:60:18:9b:
                    1b:7d:87:f7:ee:cf:a5:47:e2:a3:2a:71:a0:e6:27:
                    bb:13:f1:5c:23:2d:31:d9:85:cc:57:26:90:ed:05:
                    26:7f:fb:31:c6:d8:5d:b5:3d:66:1f:b7:da:b0:fd:
                    33:4b:ee:b9:b9:84:e5:48:c7:f6:fc:c3:e2:f2:8a:
                    40:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:05:6D:B6:80:31:CA:43:6C:16:DC:BD:0F:3C:7B:31:73:31:17:99
            X509v3 Authority Key Identifier:
                keyid:AA:67:DF:B8:82:AE:7D:8E:55:D2:58:65:17:42:F4:E6:CE:43:70:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmffuIKufY5V0lhlF0L05s5DcBk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/484d54-f468-479f-9758-e1ff8638634b/1/qmffuIKufY5V0lhlF0L05s5DcBk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/484d54-f468-479f-9758-e1ff8638634b/1/qmffuIKufY5V0lhlF0L05s5DcBk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:8a:66:57:dc:c1:74:1d:f4:37:17:ea:e0:c5:0e:bc:2c:1b:
         72:5e:17:a8:0d:b3:79:7f:2f:68:5e:20:0a:8c:f8:b5:fd:97:
         6c:4b:3c:70:ad:3b:5d:5f:ea:24:ae:e2:28:4c:58:ea:5e:66:
         dc:d9:6e:ad:2c:b2:32:c6:fd:37:40:8a:b6:47:73:77:aa:22:
         04:25:36:77:56:cf:bf:cb:3e:1b:ac:10:b0:26:40:ca:36:8f:
         5d:25:7e:40:f4:bd:a9:67:73:50:9c:f3:e1:ff:70:d0:db:4b:
         ee:d0:6a:f9:59:a4:8f:c2:cd:fc:70:0c:a3:0c:1b:e0:c3:f8:
         af:34:0c:47:0b:d7:12:fd:9c:6a:5f:22:02:46:11:c8:7b:66:
         f9:48:ac:00:d8:ca:72:a7:c0:5f:4e:bc:48:44:f0:22:f4:fb:
         51:d5:41:0a:fe:02:9d:71:a9:f9:84:23:2e:80:80:9e:84:cd:
         88:09:8d:52:20:e8:a2:27:28:dc:78:ae:9c:b3:0f:94:7f:fd:
         b2:95:f1:1f:08:08:ff:2d:8d:21:d1:94:8a:84:d3:c2:b7:82:
         b6:8c:a8:b2:76:3f:d8:ce:d4:1b:a2:38:b7:0d:08:8c:99:74:
         93:26:0d:55:6a:00:ea:a1:93:bf:87:60:c2:e0:12:59:36:d3:
         14:06:af:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA65Hkgw9vcRfuuI0OooA3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjdkZmI4ODJhZTdkOGU1NWQyNTg2NTE3NDJmNGU2Y2U0
MzcwMTkwHhcNMjQwNjIxMTMwMjQ5WhcNMjQwNjIyMTMwMjQ5WjAzMTEwLwYDVQQD
Eyg1YjA1NmRiNjgwMzFjYTQzNmMxNmRjYmQwZjNjN2IzMTczMzExNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cwMbK/rbO/EwB8zE/C2RFxeVbGJ
ufOJ2fxQG3ESnjfIp5wDl/413d7JGTtwEM7bJ0mBZFLhRocMf+J9im/TVddfx3gQ
Vytby7UvIk9G9o/na8TERHCnE5W6EOCGohzDdXd8PxvdXUFEODTNTTC8EIERdOXu
vfLBgcvu4/VI7Dwx2MIqo+cnaafbSt0mPk1dEbT7bjy4XX7YxdgTjxvK26NWB8oo
uZQghVhvh1DnYlzRAHN0yV8XEDZsL/vDud9gGJsbfYf37s+lR+KjKnGg5ie7E/Fc
Iy0x2YXMVyaQ7QUmf/sxxthdtT1mH7fasP0zS+65uYTlSMf2/MPi8opA7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsFbbaAMcpDbBbcvQ88ezFzMReZMB8GA1UdIwQY
MBaAFKpn37iCrn2OVdJYZRdC9ObOQ3AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1mZnVJS3VmWTVWMGxobEYwTDA1czVEY0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80ODRkNTQtZjQ2OC00NzlmLTk3NTgt
ZTFmZjg2Mzg2MzRiLzEvcW1mZnVJS3VmWTVWMGxobEYwTDA1czVEY0JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80ODRkNTQtZjQ2OC00NzlmLTk3NTgtZTFmZjg2Mzg2MzRi
LzEvcW1mZnVJS3VmWTVWMGxobEYwTDA1czVEY0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALopmV9zB
dB30Nxfq4MUOvCwbcl4XqA2zeX8vaF4gCoz4tf2XbEs8cK07XV/qJK7iKExY6l5m
3NlurSyyMsb9N0CKtkdzd6oiBCU2d1bPv8s+G6wQsCZAyjaPXSV+QPS9qWdzUJzz
4f9w0NtL7tBq+Vmkj8LN/HAMowwb4MP4rzQMRwvXEv2cal8iAkYRyHtm+UisANjK
cqfAX068SETwIvT7UdVBCv4CnXGp+YQjLoCAnoTNiAmNUiDooico3HiunLMPlH/9
spXxHwgI/y2NIdGUioTTwreCtoyosnY/2M7UG6I4tw0IjJl0kyYNVWoA6qGTv4dg
wuASWTbTFAavDw==
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:19:06 2024 by rpki-client on console-ams.rpki-client.org