Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
File:                     aPYGg7N3JXQn279uzjXixYWjsB0.mft (raw, json)
Hash identifier:          32rFQcMDefxVoU50x6riLtcJqsODytqaZPr39aZ9Cfc=
Subject key identifier:   DD:71:CB:4B:59:5E:1C:66:C2:14:AB:BD:0D:75:F0:28:26:2B:43:E3
Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
Certificate issuer:       /CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Certificate serial:       019045D489614364EE3287A01CE07FA35A38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
Manifest number:          11DA
Signing time:             Sun 23 Jun 2024 16:01:14 +0000
Manifest this update:     Sun 23 Jun 2024 16:01:14 +0000
Manifest next update:     Mon 24 Jun 2024 16:01:14 +0000
Files and hashes:         1: aPYGg7N3JXQn279uzjXixYWjsB0.crl (hash: /+j7U6t4XgOo80zJbL5TbSi3UpZMyIAdPDv1FsZ3WzQ=)
                          2: nv5zmiI_HQYcesEtxbHLMJOVHRY.roa (hash: U8D5OVPBL0BY/JCRsxufmTTkUB6ai46Td6srvyNaVVI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 15:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:d4:89:61:43:64:ee:32:87:a0:1c:e0:7f:a3:5a:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d
        Validity
            Not Before: Jun 23 16:01:14 2024 GMT
            Not After : Jun 24 16:01:14 2024 GMT
        Subject: CN=dd71cb4b595e1c66c214abbd0d75f028262b43e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:86:d1:e0:e8:57:46:fa:85:4f:aa:f0:2e:c2:
                    d9:f4:14:11:06:b5:bd:4a:f7:99:9f:fe:08:0d:7f:
                    c9:c4:b4:26:80:a7:60:18:4d:5e:13:40:b6:6f:9b:
                    3f:c0:f8:39:17:6e:a4:b5:c0:88:b7:41:74:a3:7b:
                    6c:99:9a:34:f1:fb:99:a6:51:55:34:a2:53:ed:f0:
                    70:35:ea:f8:08:13:d1:16:e4:03:5c:a9:5e:91:50:
                    4a:45:db:96:84:30:15:5a:56:e3:01:30:1b:08:80:
                    ee:8f:b3:95:88:ae:73:00:8c:33:f8:1c:95:3a:e0:
                    61:91:ed:38:48:7f:8b:93:72:01:6e:55:b2:d9:0f:
                    50:77:e7:de:8a:26:57:71:14:cc:ff:ab:10:4e:0d:
                    ad:b6:a8:f5:6f:94:0b:5f:ed:6b:96:cc:4f:3a:ff:
                    f9:f4:40:c8:e3:b4:2c:a2:60:33:13:a0:e0:61:37:
                    44:c3:be:09:38:02:92:f1:e9:8c:0a:7b:77:ff:5b:
                    22:65:5b:f6:a4:c6:f7:a5:ce:ec:46:01:0c:eb:4d:
                    f3:dc:d5:28:c3:73:5b:12:f5:ab:c4:25:b6:5f:36:
                    75:2e:37:e0:b3:0f:42:7a:01:0d:f5:cd:bc:80:9e:
                    ed:43:00:c7:73:1b:84:6f:de:b7:b2:95:a5:f9:07:
                    a2:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:71:CB:4B:59:5E:1C:66:C2:14:AB:BD:0D:75:F0:28:26:2B:43:E3
            X509v3 Authority Key Identifier:
                keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:02:ed:55:ee:8d:81:5e:da:c4:88:da:f8:df:08:ff:22:63:
         d6:a1:b7:ba:82:45:2b:fb:45:e6:34:b3:d6:51:58:be:a7:31:
         23:85:8d:18:50:8d:03:87:dd:46:58:76:d4:20:3d:30:4d:6d:
         9e:34:36:12:45:b5:d0:91:54:a4:f0:a2:e2:d0:80:71:7d:9a:
         3f:d2:37:df:bc:73:41:f6:1e:1f:43:ce:fa:51:f0:70:9f:3e:
         f5:ab:6c:54:97:58:d5:e0:67:0c:4a:e1:cc:5d:e5:04:0c:23:
         1e:9c:ba:00:9a:56:16:bb:81:ea:fc:7e:94:48:69:04:0b:f3:
         fb:df:9c:d0:18:9d:af:d9:8d:73:98:a5:a6:4b:da:c1:94:c2:
         2e:bd:de:89:90:36:dc:23:17:fe:f9:70:be:22:17:b3:ca:b2:
         f1:23:ae:61:11:9e:a1:19:a0:04:0c:d1:4f:72:9e:14:d1:c9:
         11:b1:33:ca:29:b3:7f:c7:3d:ed:28:b5:af:57:05:60:71:95:
         75:a2:5f:fc:39:b7:82:15:19:11:3f:b0:bd:45:7e:73:57:2a:
         e3:eb:5b:d1:90:01:68:18:7b:eb:7e:01:07:1e:a6:5c:f7:6b:
         4e:30:c1:e5:b7:fd:18:9d:85:b5:5c:b0:79:0c:a3:db:91:d2:
         19:39:64:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBF1IlhQ2TuMoegHOB/o1o4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh
M2IwMWQwHhcNMjQwNjIzMTYwMTE0WhcNMjQwNjI0MTYwMTE0WjAzMTEwLwYDVQQD
EyhkZDcxY2I0YjU5NWUxYzY2YzIxNGFiYmQwZDc1ZjAyODI2MmI0M2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvobR4OhXRvqFT6rwLsLZ9BQRBrW9
SveZn/4IDX/JxLQmgKdgGE1eE0C2b5s/wPg5F26ktcCIt0F0o3tsmZo08fuZplFV
NKJT7fBwNer4CBPRFuQDXKlekVBKRduWhDAVWlbjATAbCIDuj7OViK5zAIwz+ByV
OuBhke04SH+Lk3IBblWy2Q9Qd+feiiZXcRTM/6sQTg2ttqj1b5QLX+1rlsxPOv/5
9EDI47QsomAzE6DgYTdEw74JOAKS8emMCnt3/1siZVv2pMb3pc7sRgEM603z3NUo
w3NbEvWrxCW2XzZ1Ljfgsw9CegEN9c28gJ7tQwDHcxuEb963spWl+QeifwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1xy0tZXhxmwhSrvQ118CgmK0PjMB8GA1UdIwQY
MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt
MzU0NzQwMzZhOWQ3LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3
LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQLtVe6N
gV7axIja+N8I/yJj1qG3uoJFK/tF5jSz1lFYvqcxI4WNGFCNA4fdRlh21CA9ME1t
njQ2EkW10JFUpPCi4tCAcX2aP9I337xzQfYeH0PO+lHwcJ8+9atsVJdY1eBnDErh
zF3lBAwjHpy6AJpWFruB6vx+lEhpBAvz+9+c0Bidr9mNc5ilpkvawZTCLr3eiZA2
3CMX/vlwviIXs8qy8SOuYRGeoRmgBAzRT3KeFNHJEbEzyimzf8c97Si1r1cFYHGV
daJf/Dm3ghUZET+wvUV+c1cq4+tb0ZABaBh7634BBx6mXPdrTjDB5bf9GJ2FtVyw
eQyj25HSGTlkiA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:07:09 2024 by rpki-client on console-fra.rpki-client.org