Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/kkecrihHZdYoBEEZAJiA0op1YLE.mft
File:                     kkecrihHZdYoBEEZAJiA0op1YLE.mft (raw, json)
Hash identifier:          q2sGsUpJNNIntodJSxgrKre0dSmWcGzSZMSgc2riHWs=
Subject key identifier:   9A:29:15:01:40:A9:C3:D9:ED:53:5F:7A:8C:4B:A2:FB:A6:D5:C9:32
Authority key identifier: 92:47:9C:AE:28:47:65:D6:28:04:41:19:00:98:80:D2:8A:75:60:B1
Certificate issuer:       /CN=92479cae284765d628044119009880d28a7560b1
Certificate serial:       0190497A5170A472BDCCEBAB1EDB854AE166
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kkecrihHZdYoBEEZAJiA0op1YLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/kkecrihHZdYoBEEZAJiA0op1YLE.mft
Manifest number:          11DB
Signing time:             Mon 24 Jun 2024 09:01:11 +0000
Manifest this update:     Mon 24 Jun 2024 09:01:11 +0000
Manifest next update:     Tue 25 Jun 2024 09:01:11 +0000
Files and hashes:         1: 2Qgx7oq4VD8_uihrhYGo5S_-d-w.roa (hash: v6DV21F0BPvstCYPM3OgqjUWCfxuP54LKWgIsqvBryA=)
                          2: kkecrihHZdYoBEEZAJiA0op1YLE.crl (hash: 14gwuTG0iKJ/+Uq10uTNymGzmerD6mqTCwmDAkuZYqc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/kkecrihHZdYoBEEZAJiA0op1YLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/kkecrihHZdYoBEEZAJiA0op1YLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kkecrihHZdYoBEEZAJiA0op1YLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 09:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:49:7a:51:70:a4:72:bd:cc:eb:ab:1e:db:85:4a:e1:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92479cae284765d628044119009880d28a7560b1
        Validity
            Not Before: Jun 24 09:01:11 2024 GMT
            Not After : Jun 25 09:01:11 2024 GMT
        Subject: CN=9a29150140a9c3d9ed535f7a8c4ba2fba6d5c932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:52:5c:ac:3b:bc:90:ac:58:fc:2a:ae:4f:0a:
                    34:69:aa:9b:05:a8:10:0d:fe:66:f0:68:56:7e:f9:
                    ac:62:67:61:43:40:cb:22:0c:37:3f:3f:9e:ae:e0:
                    02:8a:79:5f:fa:39:36:ec:09:36:1d:9f:b1:2c:07:
                    8a:78:b7:f4:83:66:ae:72:27:84:98:a2:85:ec:d9:
                    a7:e7:e6:25:bf:51:de:20:d6:d5:58:c9:9e:90:4d:
                    82:14:4f:50:9e:89:fb:56:87:a7:ba:bc:9c:dc:25:
                    54:b0:da:e5:52:02:9c:8b:48:25:44:27:ab:a2:01:
                    e7:4d:b2:58:d3:c0:92:f0:30:d6:16:af:30:13:62:
                    23:26:42:0e:b4:f5:6e:75:2c:3b:6f:ce:00:e8:74:
                    d5:6d:46:83:5f:25:fc:e4:e3:fe:38:71:71:40:b6:
                    52:74:7f:4c:be:cc:10:b4:bc:45:76:89:ef:6d:4a:
                    1a:b1:c0:8f:7d:ce:e8:c0:10:43:42:73:0c:01:d4:
                    9c:51:87:5e:0b:8c:e5:bd:bf:73:05:2d:6a:ae:58:
                    a1:0c:db:9d:c0:fc:85:84:3a:1c:bb:29:9c:de:38:
                    c6:e3:78:61:aa:a7:f7:bb:58:f8:5f:45:02:c0:9d:
                    35:6f:3f:a5:ee:d7:44:45:69:55:e3:28:4e:14:d7:
                    cd:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:29:15:01:40:A9:C3:D9:ED:53:5F:7A:8C:4B:A2:FB:A6:D5:C9:32
            X509v3 Authority Key Identifier:
                keyid:92:47:9C:AE:28:47:65:D6:28:04:41:19:00:98:80:D2:8A:75:60:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkecrihHZdYoBEEZAJiA0op1YLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/kkecrihHZdYoBEEZAJiA0op1YLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/kkecrihHZdYoBEEZAJiA0op1YLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:24:92:a6:b9:69:24:bb:61:3f:48:bc:a1:86:44:12:00:54:
         fe:a5:5a:83:23:c8:7f:24:58:1f:86:e6:cb:37:11:b2:58:9d:
         5c:50:af:55:b8:48:5b:ae:31:e1:93:4e:38:12:d4:32:61:46:
         51:b9:74:49:04:64:b8:a2:a2:92:8a:1b:7c:3a:5a:75:75:a4:
         fb:38:e5:fe:36:30:c8:88:f9:f3:ce:21:8e:17:88:53:34:a5:
         96:1d:f6:3a:10:d6:f5:56:b9:f4:cf:95:ba:82:a0:d5:b3:68:
         5d:9c:a0:10:d9:9e:3b:87:d1:35:0c:5e:1d:97:80:34:b6:cb:
         35:77:f6:00:03:24:9f:9e:5f:d4:36:71:09:12:09:45:aa:1b:
         b1:97:4a:3d:42:0e:26:29:28:72:07:1b:61:bc:f6:46:92:ec:
         fb:bf:4a:17:78:71:cf:20:e2:71:5c:e4:da:eb:71:74:74:7d:
         9c:27:9a:e7:17:07:f0:9b:91:d8:0b:78:12:25:cc:7d:0d:f5:
         a9:ec:13:bb:90:bd:1a:eb:6d:75:67:17:8b:74:a1:73:cc:f4:
         b2:3b:4b:77:7a:ca:06:85:a6:1a:dc:49:f1:61:5b:43:94:e1:
         90:30:89:bf:e7:ce:7c:30:dd:82:80:10:09:1e:c3:19:ef:c7:
         6c:1f:86:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBJelFwpHK9zOurHtuFSuFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDc5Y2FlMjg0NzY1ZDYyODA0NDExOTAwOTg4MGQyOGE3
NTYwYjEwHhcNMjQwNjI0MDkwMTExWhcNMjQwNjI1MDkwMTExWjAzMTEwLwYDVQQD
Eyg5YTI5MTUwMTQwYTljM2Q5ZWQ1MzVmN2E4YzRiYTJmYmE2ZDVjOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1JcrDu8kKxY/CquTwo0aaqbBagQ
Df5m8GhWfvmsYmdhQ0DLIgw3Pz+eruACinlf+jk27Ak2HZ+xLAeKeLf0g2aucieE
mKKF7Nmn5+Ylv1HeINbVWMmekE2CFE9Qnon7Voenuryc3CVUsNrlUgKci0glRCer
ogHnTbJY08CS8DDWFq8wE2IjJkIOtPVudSw7b84A6HTVbUaDXyX85OP+OHFxQLZS
dH9MvswQtLxFdonvbUoascCPfc7owBBDQnMMAdScUYdeC4zlvb9zBS1qrlihDNud
wPyFhDocuymc3jjG43hhqqf3u1j4X0UCwJ01bz+l7tdERWlV4yhOFNfNgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJopFQFAqcPZ7VNfeoxLovum1ckyMB8GA1UdIwQY
MBaAFJJHnK4oR2XWKARBGQCYgNKKdWCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2tlY3JpaEhaZFlvQkVFWkFKaUEwb3AxWUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8wNTgyMjAtNTk2ZS00ODBhLWEwNTgt
MDI0Njg2OGFhMGVkLzEva2tlY3JpaEhaZFlvQkVFWkFKaUEwb3AxWUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8wNTgyMjAtNTk2ZS00ODBhLWEwNTgtMDI0Njg2OGFhMGVk
LzEva2tlY3JpaEhaZFlvQkVFWkFKaUEwb3AxWUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABiSSprlp
JLthP0i8oYZEEgBU/qVagyPIfyRYH4bmyzcRslidXFCvVbhIW64x4ZNOOBLUMmFG
Ubl0SQRkuKKikoobfDpadXWk+zjl/jYwyIj5884hjheIUzSllh32OhDW9Va59M+V
uoKg1bNoXZygENmeO4fRNQxeHZeANLbLNXf2AAMkn55f1DZxCRIJRaobsZdKPUIO
JikocgcbYbz2RpLs+79KF3hxzyDicVzk2utxdHR9nCea5xcH8JuR2At4EiXMfQ31
qewTu5C9GuttdWcXi3Shc8z0sjtLd3rKBoWmGtxJ8WFbQ5ThkDCJv+fOfDDdgoAQ
CR7DGe/HbB+GQg==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:41:56 2024 by rpki-client on console-fra.rpki-client.org