Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
File:                     Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json)
Hash identifier:          vrIoh1PDsv9EI69gKEN1s4EEQ+bX1/+GVAKwDMSMt+Q=
Subject key identifier:   14:DB:C2:A2:6A:A9:F2:FF:A3:6F:92:21:C8:36:D5:C2:01:5C:8F:06
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Certificate issuer:       /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial:       019045D424D7F8946098BC830A532BE57347
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
Manifest number:          0320
Signing time:             Sun 23 Jun 2024 16:00:49 +0000
Manifest this update:     Sun 23 Jun 2024 16:00:49 +0000
Manifest next update:     Mon 24 Jun 2024 16:00:49 +0000
Files and hashes:         1: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: 7sjr5uq8ql/GpwN1Nen+THRnaKlL0rTnq8SNu3HBeD4=)
                          2: _2midcNDWWX8VfuEA2XvawTfOeE.roa (hash: XbMC0BC0cB/ITFc4PAAsAqgTIaSMHrhZIpU0+J9skNs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 14:49:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:d4:24:d7:f8:94:60:98:bc:83:0a:53:2b:e5:73:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
        Validity
            Not Before: Jun 23 16:00:49 2024 GMT
            Not After : Jun 24 16:00:49 2024 GMT
        Subject: CN=14dbc2a26aa9f2ffa36f9221c836d5c2015c8f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:f4:1b:97:57:01:cd:1b:c8:66:93:e8:4a:9a:
                    01:3a:92:37:ba:61:8f:19:e2:18:42:b3:88:4e:03:
                    89:f3:a2:b5:b6:3a:4b:4c:50:85:56:42:70:26:57:
                    60:18:78:95:e8:17:fd:17:27:91:aa:63:35:32:22:
                    5a:fa:28:3a:11:fa:6e:f3:4a:d2:68:6d:29:5e:7d:
                    36:f0:f7:cd:ad:3f:56:22:d7:f5:23:7e:30:b5:7b:
                    b6:26:25:47:0c:41:ac:02:49:d0:a2:2f:53:91:69:
                    e5:6a:e4:a5:6c:42:d2:50:ab:71:47:41:7f:8e:32:
                    a1:9e:66:2b:6e:85:f6:a6:72:78:cf:5b:ae:ce:7b:
                    77:e0:43:f8:c3:2b:8c:21:91:70:f3:4d:cf:b0:25:
                    24:2c:70:b9:11:f8:7b:c1:89:d6:fc:f3:65:22:13:
                    38:91:08:fe:a8:43:b6:d0:e4:18:6e:c4:90:12:9c:
                    26:03:d0:4f:77:20:a8:f1:6d:2a:99:74:91:c8:5e:
                    82:63:17:b0:90:a4:5d:4e:ff:d9:9a:6a:51:cd:1c:
                    2b:da:58:95:e2:a7:83:73:88:cf:cf:24:03:b4:33:
                    61:a3:30:21:b9:6d:3c:4a:65:71:01:ed:78:f4:27:
                    c3:94:0d:f2:b0:bb:a9:cd:34:6a:6c:26:e4:d4:5b:
                    23:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:DB:C2:A2:6A:A9:F2:FF:A3:6F:92:21:C8:36:D5:C2:01:5C:8F:06
            X509v3 Authority Key Identifier:
                keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:fc:5e:ee:80:78:b4:6a:31:75:d2:18:51:74:e0:0e:70:72:
         0a:4a:7d:e9:b9:21:bc:68:22:01:dc:57:f2:f9:06:f3:3f:a2:
         b3:fb:78:34:e7:52:ac:5d:a7:15:b7:58:f0:ab:c0:88:1b:af:
         11:3d:e6:d2:86:5c:2e:80:80:a8:53:ce:20:a2:2d:03:7c:02:
         94:53:f7:08:b9:bb:55:1c:4a:59:ee:d8:83:df:62:51:5e:f5:
         e8:c2:1d:b5:e2:2a:55:90:b1:eb:12:7f:e4:ba:54:28:21:ec:
         a7:f2:6a:19:37:01:41:6c:e8:1f:cb:bf:f0:c6:d5:4f:5c:e1:
         25:e3:d3:19:24:ae:4c:26:06:84:5e:eb:41:5d:28:5e:1e:f2:
         f6:2d:84:eb:86:a1:70:bc:9c:18:60:64:09:6b:2d:97:14:24:
         20:01:83:db:f3:f0:b2:e8:39:91:fd:e2:27:8f:2d:f4:ce:03:
         65:36:e5:75:47:d6:35:16:85:e1:e9:86:1a:83:87:ee:94:59:
         19:61:50:31:55:7e:49:e3:cc:d6:04:0d:f4:22:8b:ad:ef:a5:
         fb:72:0a:25:c5:a6:12:e7:fb:e8:72:47:ca:f2:53:8d:ee:c0:
         91:a4:68:10:f4:8d:d0:14:c5:d4:53:d0:b7:af:e4:36:b5:8d:
         7b:71:5f:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBF1CTX+JRgmLyDClMr5XNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjQwNjIzMTYwMDQ5WhcNMjQwNjI0MTYwMDQ5WjAzMTEwLwYDVQQD
EygxNGRiYzJhMjZhYTlmMmZmYTM2ZjkyMjFjODM2ZDVjMjAxNWM4ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fQbl1cBzRvIZpPoSpoBOpI3umGP
GeIYQrOITgOJ86K1tjpLTFCFVkJwJldgGHiV6Bf9FyeRqmM1MiJa+ig6Efpu80rS
aG0pXn028PfNrT9WItf1I34wtXu2JiVHDEGsAknQoi9TkWnlauSlbELSUKtxR0F/
jjKhnmYrboX2pnJ4z1uuznt34EP4wyuMIZFw803PsCUkLHC5Efh7wYnW/PNlIhM4
kQj+qEO20OQYbsSQEpwmA9BPdyCo8W0qmXSRyF6CYxewkKRdTv/ZmmpRzRwr2liV
4qeDc4jPzyQDtDNhozAhuW08SmVxAe149CfDlA3ysLupzTRqbCbk1FsjzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTbwqJqqfL/o2+SIcg21cIBXI8GMB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWvxe7oB4
tGoxddIYUXTgDnByCkp96bkhvGgiAdxX8vkG8z+is/t4NOdSrF2nFbdY8KvAiBuv
ET3m0oZcLoCAqFPOIKItA3wClFP3CLm7VRxKWe7Yg99iUV716MIdteIqVZCx6xJ/
5LpUKCHsp/JqGTcBQWzoH8u/8MbVT1zhJePTGSSuTCYGhF7rQV0oXh7y9i2E64ah
cLycGGBkCWstlxQkIAGD2/Pwsug5kf3iJ48t9M4DZTbldUfWNRaF4emGGoOH7pRZ
GWFQMVV+SePM1gQN9CKLre+l+3IKJcWmEuf76HJHyvJTje7AkaRoEPSN0BTF1FPQ
t6/kNrWNe3Ff9g==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:26:34 2024 by rpki-client on console-ams.rpki-client.org