Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
File:                     Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json)
Hash identifier:          QvuV5Z++UrSYYJMK3IyNTJWC2wADldV2El5nt8H9Ry8=
Subject key identifier:   4F:21:65:E6:1B:8F:DA:A9:C6:03:D1:1E:B6:04:A7:C6:C1:A3:58:77
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Certificate issuer:       /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial:       01901D468CA0B0F97A073AFF818F3B60F784
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
Manifest number:          030B
Signing time:             Sat 15 Jun 2024 19:01:21 +0000
Manifest this update:     Sat 15 Jun 2024 19:01:21 +0000
Manifest next update:     Sun 16 Jun 2024 19:01:21 +0000
Files and hashes:         1: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: +O0XHbfznOyJ+DHQRqYaylo8YUTIaYY1fJWRfUZze5k=)
                          2: _2midcNDWWX8VfuEA2XvawTfOeE.roa (hash: XbMC0BC0cB/ITFc4PAAsAqgTIaSMHrhZIpU0+J9skNs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 19:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:8c:a0:b0:f9:7a:07:3a:ff:81:8f:3b:60:f7:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
        Validity
            Not Before: Jun 15 19:01:21 2024 GMT
            Not After : Jun 16 19:01:21 2024 GMT
        Subject: CN=4f2165e61b8fdaa9c603d11eb604a7c6c1a35877
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:0b:70:47:b8:47:76:5b:e8:1c:13:e9:b5:80:
                    1a:9d:00:00:74:80:d1:75:41:2c:de:75:f2:d3:69:
                    2e:74:6d:e7:68:d4:82:ac:a8:80:28:f2:ba:4e:fa:
                    a8:05:81:1f:09:bb:32:54:73:c3:d2:3c:59:01:71:
                    93:68:2b:75:ff:c1:db:fb:3f:ae:fd:d1:12:04:fd:
                    da:e5:d7:be:10:79:c8:69:79:72:ba:dd:54:b7:90:
                    af:cc:3a:46:ca:70:32:9a:4d:40:b3:64:88:5d:74:
                    e6:92:86:fe:20:7a:c3:cd:1b:bc:c5:42:57:b1:df:
                    6d:c0:d0:ad:26:ed:08:dc:1a:f8:12:0a:ca:3e:31:
                    13:f3:a9:32:a0:98:dd:bc:e4:33:6c:a5:93:92:a2:
                    1e:8c:2d:ab:8d:5d:0b:9f:50:73:61:42:33:0d:ee:
                    04:13:f2:9d:44:ff:6e:bc:01:ed:5e:f0:bd:86:a2:
                    7b:e0:d5:9e:89:35:4f:1f:ce:44:a7:c7:50:1e:ca:
                    46:02:89:9d:92:91:f4:f5:be:78:a2:9a:98:bd:7c:
                    7e:df:03:f6:bf:aa:e9:f9:fd:36:80:a0:7c:26:b4:
                    c2:9b:52:ee:8d:59:57:72:ac:d4:5e:ef:55:d7:77:
                    c5:10:18:03:a6:fb:7f:49:d6:b9:32:2d:b8:f6:5d:
                    75:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:21:65:E6:1B:8F:DA:A9:C6:03:D1:1E:B6:04:A7:C6:C1:A3:58:77
            X509v3 Authority Key Identifier:
                keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:35:d0:5f:d0:82:57:f7:1b:1a:fa:3d:68:84:fb:1c:6e:59:
         67:ce:af:97:93:36:61:93:35:b5:29:d4:c0:ae:bf:26:19:d4:
         c2:d5:76:d0:45:46:a7:eb:01:c0:fe:77:63:ec:61:18:ca:66:
         c0:41:42:de:15:f8:57:3c:87:c4:bf:89:2c:f2:2e:c1:4c:b1:
         55:10:0c:9d:c5:a3:4e:3f:c3:8f:c8:10:74:e8:9d:06:25:af:
         36:df:0f:30:a8:56:24:2f:d1:45:aa:98:e7:c6:34:3d:f8:4c:
         f2:79:93:cc:a0:ff:0b:e4:72:fb:0c:0d:0f:0d:4a:b0:f0:c5:
         f0:84:df:5e:de:49:8f:ab:6c:89:af:b5:6b:89:a9:85:57:b4:
         7b:19:e4:52:30:33:ab:3e:37:48:83:e5:1b:27:0e:cb:5f:58:
         53:76:a5:0f:d0:8c:e7:89:e2:52:b6:86:b6:ab:d2:e8:8e:f8:
         88:79:58:06:6b:fc:d5:c1:f7:73:61:eb:c0:39:33:ed:71:db:
         ad:cf:ab:96:be:72:be:60:72:a7:f6:1a:06:4b:d6:af:d4:56:
         fc:3c:b4:bc:4d:e1:7b:c4:3d:64:1a:7c:8b:94:bb:0f:28:0a:
         ef:c1:95:04:e1:92:c5:6f:0e:82:b7:bb:f8:14:31:1c:bf:e8:
         97:35:21:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRoygsPl6Bzr/gY87YPeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjQwNjE1MTkwMTIxWhcNMjQwNjE2MTkwMTIxWjAzMTEwLwYDVQQD
Eyg0ZjIxNjVlNjFiOGZkYWE5YzYwM2QxMWViNjA0YTdjNmMxYTM1ODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgtwR7hHdlvoHBPptYAanQAAdIDR
dUEs3nXy02kudG3naNSCrKiAKPK6TvqoBYEfCbsyVHPD0jxZAXGTaCt1/8Hb+z+u
/dESBP3a5de+EHnIaXlyut1Ut5CvzDpGynAymk1As2SIXXTmkob+IHrDzRu8xUJX
sd9twNCtJu0I3Br4EgrKPjET86kyoJjdvOQzbKWTkqIejC2rjV0Ln1BzYUIzDe4E
E/KdRP9uvAHtXvC9hqJ74NWeiTVPH85Ep8dQHspGAomdkpH09b54opqYvXx+3wP2
v6rp+f02gKB8JrTCm1LujVlXcqzUXu9V13fFEBgDpvt/Sda5Mi249l11uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8hZeYbj9qpxgPRHrYEp8bBo1h3MB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKDXQX9CC
V/cbGvo9aIT7HG5ZZ86vl5M2YZM1tSnUwK6/JhnUwtV20EVGp+sBwP53Y+xhGMpm
wEFC3hX4VzyHxL+JLPIuwUyxVRAMncWjTj/Dj8gQdOidBiWvNt8PMKhWJC/RRaqY
58Y0PfhM8nmTzKD/C+Ry+wwNDw1KsPDF8ITfXt5Jj6tsia+1a4mphVe0exnkUjAz
qz43SIPlGycOy19YU3alD9CM54niUraGtqvS6I74iHlYBmv81cH3c2HrwDkz7XHb
rc+rlr5yvmByp/YaBkvWr9RW/Dy0vE3he8Q9ZBp8i5S7DygK78GVBOGSxW8Ogre7
+BQxHL/olzUhXw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:37:49 2024 by rpki-client on console-ams.rpki-client.org