Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/3f5154-63d8-4a4b-9a48-1c9c4a1bbd43/1/KBoLv1LY0tSFlDQ6VUCfwQu3txo.mft
File:                     KBoLv1LY0tSFlDQ6VUCfwQu3txo.mft (raw, json)
Hash identifier:          t4hjuO43tuK2F9szQa33Z1KVr2t4k8n4csmBYczEZDM=
Subject key identifier:   C2:71:D5:6D:29:19:1A:DB:55:C4:B6:69:B4:5B:45:92:D7:85:B8:48
Authority key identifier: 28:1A:0B:BF:52:D8:D2:D4:85:94:34:3A:55:40:9F:C1:0B:B7:B7:1A
Certificate issuer:       /CN=281a0bbf52d8d2d48594343a55409fc10bb7b71a
Certificate serial:       0190448CC14DDF7BBBB65A8EC1789A7A7654
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBoLv1LY0tSFlDQ6VUCfwQu3txo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/3f5154-63d8-4a4b-9a48-1c9c4a1bbd43/1/KBoLv1LY0tSFlDQ6VUCfwQu3txo.mft
Manifest number:          11DB
Signing time:             Sun 23 Jun 2024 10:03:13 +0000
Manifest this update:     Sun 23 Jun 2024 10:03:13 +0000
Manifest next update:     Mon 24 Jun 2024 10:03:13 +0000
Files and hashes:         1: HBlrISMkGjYErc-7bkPnAGvi9H0.roa (hash: WNcDvJWj9gxz/xIMjRChhjhgAuYZ+tJ5HQlgCFZAPUo=)
                          2: KBoLv1LY0tSFlDQ6VUCfwQu3txo.crl (hash: J1KLOM5q6okfbsFt0yozluSjaPUBZfM4P6dwHo62NOg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/3f5154-63d8-4a4b-9a48-1c9c4a1bbd43/1/KBoLv1LY0tSFlDQ6VUCfwQu3txo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/3f5154-63d8-4a4b-9a48-1c9c4a1bbd43/1/KBoLv1LY0tSFlDQ6VUCfwQu3txo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KBoLv1LY0tSFlDQ6VUCfwQu3txo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:03:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:8c:c1:4d:df:7b:bb:b6:5a:8e:c1:78:9a:7a:76:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=281a0bbf52d8d2d48594343a55409fc10bb7b71a
        Validity
            Not Before: Jun 23 10:03:13 2024 GMT
            Not After : Jun 24 10:03:13 2024 GMT
        Subject: CN=c271d56d29191adb55c4b669b45b4592d785b848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e2:16:33:1a:25:de:ad:f2:e2:4a:ff:c5:d8:
                    83:43:8d:e9:ba:40:40:23:f8:8b:03:cf:25:cc:91:
                    8f:5d:2b:d1:79:14:b4:64:0e:18:29:2f:1c:1e:78:
                    a6:e9:bd:97:c4:d5:c3:2f:4c:f7:3c:ae:3b:e4:c8:
                    89:97:ce:06:b1:0c:93:5f:45:cc:77:bb:f8:f0:57:
                    93:01:d8:36:85:62:d8:27:0b:dd:00:e6:c9:61:e0:
                    ff:62:0e:4d:7c:83:48:14:32:0b:58:ac:c6:7e:6f:
                    db:27:d2:1d:ec:0e:c8:0b:9d:1e:0f:c0:64:58:f0:
                    47:48:fe:48:5a:c7:5c:a0:5b:75:d4:e8:c9:57:b3:
                    77:88:8a:8e:17:a3:71:db:68:17:19:f7:7f:38:6a:
                    b0:3f:b8:fc:1a:61:76:53:17:02:69:4c:09:96:52:
                    30:86:f7:8e:c5:d3:aa:19:b7:e2:95:a9:cd:05:25:
                    67:17:f5:a1:ee:f2:ca:74:28:b3:cf:a0:6f:44:e6:
                    19:89:ac:24:3f:6e:ab:1f:d3:94:90:ea:1d:27:7c:
                    7c:e5:67:3c:7f:d7:9e:79:29:f8:0b:df:d0:1e:e8:
                    01:b6:9d:98:46:79:31:61:d3:9b:44:c9:8e:40:b3:
                    73:99:d3:c4:1c:ff:17:47:43:cc:a7:5a:23:33:c9:
                    05:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:71:D5:6D:29:19:1A:DB:55:C4:B6:69:B4:5B:45:92:D7:85:B8:48
            X509v3 Authority Key Identifier:
                keyid:28:1A:0B:BF:52:D8:D2:D4:85:94:34:3A:55:40:9F:C1:0B:B7:B7:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBoLv1LY0tSFlDQ6VUCfwQu3txo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3f5154-63d8-4a4b-9a48-1c9c4a1bbd43/1/KBoLv1LY0tSFlDQ6VUCfwQu3txo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3f5154-63d8-4a4b-9a48-1c9c4a1bbd43/1/KBoLv1LY0tSFlDQ6VUCfwQu3txo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:7b:a1:ab:98:df:cd:c3:b3:8c:60:df:5e:c0:ae:77:d4:e7:
         64:13:9b:53:b8:f9:e1:1d:fd:0f:24:3c:ce:12:ff:cb:ff:00:
         83:cd:09:19:4f:18:24:4f:96:4e:95:5b:85:e8:62:64:16:f7:
         54:81:9f:ff:03:a9:e5:e4:e3:35:6b:ef:0c:b1:78:6d:9e:81:
         d2:e6:6d:4e:74:cd:9c:38:81:a6:1c:1d:85:03:2d:0d:7a:00:
         75:2d:f1:8a:18:64:04:17:37:44:9b:3a:e8:da:77:56:37:84:
         6d:18:91:b2:6e:ba:c2:9f:35:1a:87:42:c1:4f:74:e2:b8:72:
         17:7c:de:ce:e0:9d:eb:ac:43:d0:5e:8a:a2:64:d5:2b:c8:82:
         b9:de:91:7a:3f:48:1a:39:fa:a8:c7:59:cb:36:34:6a:98:09:
         24:15:fd:be:e7:58:84:7c:e2:a5:79:0e:4a:c3:1b:1c:2f:8a:
         a2:fc:e8:20:83:1d:f9:0b:60:7f:ea:1b:ca:06:e8:ac:6f:c8:
         bb:95:9e:ae:5d:b7:a0:48:f3:af:91:b2:96:cb:fb:04:86:0c:
         f5:e3:e4:e7:28:63:f0:1e:93:29:b5:ab:3e:6d:9d:46:f5:92:
         fd:0e:2b:a8:af:33:03:0c:98:bb:bd:a0:c8:65:c9:a5:1a:92:
         ac:36:34:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBEjMFN33u7tlqOwXiaenZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MWEwYmJmNTJkOGQyZDQ4NTk0MzQzYTU1NDA5ZmMxMGJi
N2I3MWEwHhcNMjQwNjIzMTAwMzEzWhcNMjQwNjI0MTAwMzEzWjAzMTEwLwYDVQQD
EyhjMjcxZDU2ZDI5MTkxYWRiNTVjNGI2NjliNDViNDU5MmQ3ODViODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOIWMxol3q3y4kr/xdiDQ43pukBA
I/iLA88lzJGPXSvReRS0ZA4YKS8cHnim6b2XxNXDL0z3PK475MiJl84GsQyTX0XM
d7v48FeTAdg2hWLYJwvdAObJYeD/Yg5NfINIFDILWKzGfm/bJ9Id7A7IC50eD8Bk
WPBHSP5IWsdcoFt11OjJV7N3iIqOF6Nx22gXGfd/OGqwP7j8GmF2UxcCaUwJllIw
hveOxdOqGbfilanNBSVnF/Wh7vLKdCizz6BvROYZiawkP26rH9OUkOodJ3x85Wc8
f9eeeSn4C9/QHugBtp2YRnkxYdObRMmOQLNzmdPEHP8XR0PMp1ojM8kFVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJx1W0pGRrbVcS2abRbRZLXhbhIMB8GA1UdIwQY
MBaAFCgaC79S2NLUhZQ0OlVAn8ELt7caMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JvTHYxTFkwdFNGbERRNlZVQ2Z3UXUzdHhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8zZjUxNTQtNjNkOC00YTRiLTlhNDgt
MWM5YzRhMWJiZDQzLzEvS0JvTHYxTFkwdFNGbERRNlZVQ2Z3UXUzdHhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8zZjUxNTQtNjNkOC00YTRiLTlhNDgtMWM5YzRhMWJiZDQz
LzEvS0JvTHYxTFkwdFNGbERRNlZVQ2Z3UXUzdHhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB3uhq5jf
zcOzjGDfXsCud9TnZBObU7j54R39DyQ8zhL/y/8Ag80JGU8YJE+WTpVbhehiZBb3
VIGf/wOp5eTjNWvvDLF4bZ6B0uZtTnTNnDiBphwdhQMtDXoAdS3xihhkBBc3RJs6
6Np3VjeEbRiRsm66wp81GodCwU904rhyF3zezuCd66xD0F6KomTVK8iCud6Rej9I
Gjn6qMdZyzY0apgJJBX9vudYhHzipXkOSsMbHC+KovzoIIMd+Qtgf+obygborG/I
u5Werl23oEjzr5Gylsv7BIYM9ePk5yhj8B6TKbWrPm2dRvWS/Q4rqK8zAwyYu72g
yGXJpRqSrDY0OQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:02:31 2024 by rpki-client on console-fra.rpki-client.org