Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File:                     KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier:          Yq8bAFqnyHPFyEY9TYeBT6Iw0VgDckmFmrJL7t61Kmw=
Subject key identifier:   99:A0:0A:8B:28:F4:AF:3D:33:C2:2B:2E:E2:D6:1B:50:3D:1F:71:0A
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer:       /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial:       0190459D4A72ED5ABE04AA361222A0885D03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number:          0355
Signing time:             Sun 23 Jun 2024 15:00:54 +0000
Manifest this update:     Sun 23 Jun 2024 15:00:54 +0000
Manifest next update:     Mon 24 Jun 2024 15:00:54 +0000
Files and hashes:         1: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: Cah6svg3Uu26ElUfCf9peR9lrMJ8wVOSuqwj0p2jWw0=)
                          2: PpquALWoevaAEas_ik0oKPWiWL8.roa (hash: DMtWb4HLB0ogDWPzafLlXP8tz8Xg4wcPh+6EDNLWeAM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 15:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:9d:4a:72:ed:5a:be:04:aa:36:12:22:a0:88:5d:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
        Validity
            Not Before: Jun 23 15:00:54 2024 GMT
            Not After : Jun 24 15:00:54 2024 GMT
        Subject: CN=99a00a8b28f4af3d33c22b2ee2d61b503d1f710a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:88:1c:fe:5a:de:61:ca:85:f5:45:c4:19:0f:
                    88:54:0e:56:49:c4:9e:58:91:93:b6:95:3c:08:2a:
                    50:02:b6:7f:a3:ae:06:15:f2:8e:3d:23:bf:a7:b5:
                    d3:0e:f4:e9:12:85:23:db:7c:bf:d7:35:66:4b:64:
                    b1:81:2e:fa:cc:10:03:ae:da:91:6c:d8:aa:1a:56:
                    f2:b3:a5:5c:fb:8e:cc:54:7e:21:3f:bb:fc:b7:61:
                    69:ce:11:88:0c:d4:54:2e:28:3c:8c:43:de:b6:54:
                    17:8f:12:44:24:13:1c:1d:d5:a6:0c:0a:43:20:c9:
                    e7:db:e7:68:52:46:11:8e:d6:d0:ef:d5:c4:fc:f4:
                    d7:17:4f:b0:0b:9e:b9:9a:33:28:fc:0e:3d:4e:86:
                    b2:59:e5:63:d8:80:38:c7:93:8c:b6:63:a9:d2:47:
                    cb:53:a1:35:5e:73:90:23:a5:19:8d:5a:05:d4:de:
                    76:15:11:cf:e4:85:de:b3:0c:4c:d4:e6:b6:9f:4f:
                    1c:ee:d4:af:01:4d:a0:eb:b2:fc:f5:3e:9f:f2:70:
                    fe:f7:6a:7a:e9:0d:1d:21:41:31:83:ae:0d:be:33:
                    47:4c:54:d5:cb:22:c9:c1:20:a5:a8:3f:4e:a4:eb:
                    fb:70:5a:4d:c9:ca:52:a8:b4:27:72:e0:5f:e5:1c:
                    e9:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A0:0A:8B:28:F4:AF:3D:33:C2:2B:2E:E2:D6:1B:50:3D:1F:71:0A
            X509v3 Authority Key Identifier:
                keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:af:83:50:83:30:da:54:f7:89:89:54:3c:10:44:4e:20:1a:
         56:e2:83:d0:54:70:7d:0c:09:ea:42:53:9a:77:38:81:f1:e0:
         c1:50:b4:4c:a0:fe:ee:4b:e4:67:c9:ee:7a:d7:0b:8b:52:ea:
         17:cc:49:55:35:23:03:5b:70:d6:16:a4:1c:35:c1:6e:e2:72:
         5c:f6:c8:c9:b2:9d:13:5c:81:63:d1:6e:68:c5:ce:07:02:ac:
         97:53:8b:98:dc:7b:77:d6:c2:c5:c2:0c:34:53:89:3e:a3:9b:
         0d:16:2d:67:f2:88:e5:ea:02:7f:ba:d7:ee:5a:2b:aa:1a:e5:
         76:a7:ca:6c:d1:a4:54:20:b0:b5:8a:b9:67:24:d1:be:13:5c:
         cb:9c:82:2d:cc:ee:a5:b6:c2:fb:2a:54:fe:97:23:86:db:57:
         15:1b:73:c8:ce:9a:c9:6c:bd:72:c7:e9:6f:d0:5f:b0:77:85:
         d8:96:09:d2:23:69:36:92:13:45:01:c6:09:e0:eb:be:da:4c:
         a8:be:a8:e3:cc:10:1f:40:8c:e2:fc:d5:19:96:f9:ce:b0:55:
         6f:4e:82:8b:0a:28:14:df:6a:18:a7:34:fa:87:f3:aa:bb:8c:
         19:30:b3:17:7a:f4:92:44:d6:72:cc:88:17:79:7c:46:be:fe:
         06:fe:88:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBFnUpy7Vq+BKo2EiKgiF0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjQwNjIzMTUwMDU0WhcNMjQwNjI0MTUwMDU0WjAzMTEwLwYDVQQD
Eyg5OWEwMGE4YjI4ZjRhZjNkMzNjMjJiMmVlMmQ2MWI1MDNkMWY3MTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIgc/lreYcqF9UXEGQ+IVA5WScSe
WJGTtpU8CCpQArZ/o64GFfKOPSO/p7XTDvTpEoUj23y/1zVmS2SxgS76zBADrtqR
bNiqGlbys6Vc+47MVH4hP7v8t2FpzhGIDNRULig8jEPetlQXjxJEJBMcHdWmDApD
IMnn2+doUkYRjtbQ79XE/PTXF0+wC565mjMo/A49ToayWeVj2IA4x5OMtmOp0kfL
U6E1XnOQI6UZjVoF1N52FRHP5IXeswxM1Oa2n08c7tSvAU2g67L89T6f8nD+92p6
6Q0dIUExg64NvjNHTFTVyyLJwSClqD9OpOv7cFpNycpSqLQncuBf5RzpjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmgCoso9K89M8IrLuLWG1A9H3EKMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACK+DUIMw
2lT3iYlUPBBETiAaVuKD0FRwfQwJ6kJTmnc4gfHgwVC0TKD+7kvkZ8nuetcLi1Lq
F8xJVTUjA1tw1hakHDXBbuJyXPbIybKdE1yBY9FuaMXOBwKsl1OLmNx7d9bCxcIM
NFOJPqObDRYtZ/KI5eoCf7rX7lorqhrldqfKbNGkVCCwtYq5ZyTRvhNcy5yCLczu
pbbC+ypU/pcjhttXFRtzyM6ayWy9csfpb9BfsHeF2JYJ0iNpNpITRQHGCeDrvtpM
qL6o48wQH0CM4vzVGZb5zrBVb06CiwooFN9qGKc0+ofzqruMGTCzF3r0kkTWcsyI
F3l8Rr7+Bv6IQA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:08:21 2024 by rpki-client on console-fra.rpki-client.org