Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File:                     zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier:          kIpPcfl1+j+vycqeG9aIvmKN1g/yv5Yf9Z91aCmnRxQ=
Subject key identifier:   5C:43:B8:26:97:CF:29:7D:3D:99:B0:DB:40:64:9B:30:C1:B0:70:BB
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer:       /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial:       01901D0F5C5CA0C224DDC226DC938E6FB977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number:          11C6
Signing time:             Sat 15 Jun 2024 18:01:04 +0000
Manifest this update:     Sat 15 Jun 2024 18:01:04 +0000
Manifest next update:     Sun 16 Jun 2024 18:01:04 +0000
Files and hashes:         1: HyNCxQlG4pU8sUEoFsYhLb1GzCY.roa (hash: G6il+trKEhoxsyl0BONyQUhAmxkiYuT6eiUBFu1sWZE=)
                          2: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: ibV4fHsKmegmD3Az11pfzUO8ebf0IVDC6Endn42Z0xc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:0f:5c:5c:a0:c2:24:dd:c2:26:dc:93:8e:6f:b9:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
        Validity
            Not Before: Jun 15 18:01:04 2024 GMT
            Not After : Jun 16 18:01:04 2024 GMT
        Subject: CN=5c43b82697cf297d3d99b0db40649b30c1b070bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:23:dc:05:4f:b2:74:e7:b1:b4:85:a3:51:be:
                    40:2f:44:ab:e4:6b:09:3f:b6:83:2b:9e:11:a3:07:
                    5e:9f:aa:79:c1:e4:ae:99:39:aa:34:4f:cf:cf:ba:
                    12:1c:7e:03:70:4f:f5:50:81:a7:4f:a2:41:6a:8e:
                    28:87:a9:02:80:c1:b1:45:44:f7:e6:29:0b:31:71:
                    1f:ce:20:33:6d:58:86:33:1d:cc:42:69:76:c1:af:
                    17:9e:b6:d2:28:6c:24:1a:21:a4:79:12:5c:0b:91:
                    68:ce:46:74:15:01:d7:1b:e7:43:6c:4c:e9:82:92:
                    dd:a8:e7:6a:ce:17:83:7a:8e:82:c2:af:4d:dd:5f:
                    32:05:dd:fd:60:29:ec:61:2a:a7:15:0d:c6:7c:ef:
                    86:89:44:da:8f:44:b2:09:b6:ea:14:97:d4:46:b6:
                    02:aa:48:0a:8f:c7:19:24:1e:95:2e:76:c0:9a:41:
                    39:b7:f6:ab:7b:e4:49:13:bb:4c:0d:be:ed:44:98:
                    ac:fc:32:86:5a:f3:af:c4:6f:b8:65:1b:e2:b9:87:
                    7d:73:4d:ef:29:86:d9:ef:e9:85:19:62:8c:c6:ef:
                    ac:9d:64:1e:70:f0:a2:ac:89:ba:a3:75:36:fb:ff:
                    c9:c3:36:f9:6e:49:8a:60:ca:56:c5:0f:9c:59:37:
                    1c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:43:B8:26:97:CF:29:7D:3D:99:B0:DB:40:64:9B:30:C1:B0:70:BB
            X509v3 Authority Key Identifier:
                keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:46:a4:c7:22:f3:8a:99:fa:05:15:23:8c:8e:fc:69:c6:95:
         ec:2a:13:2e:28:c3:da:f0:36:5e:d8:d4:c6:7a:95:e1:2b:c1:
         8e:e4:3b:1b:33:23:1a:07:94:e2:cc:4d:79:8a:fd:5c:d6:29:
         e5:14:e3:58:22:34:8b:14:e3:36:1a:89:85:a5:99:44:c5:9c:
         56:f6:28:e7:0d:b6:fa:8e:23:62:05:de:81:a1:fe:3c:fa:13:
         07:d3:40:f9:71:aa:aa:da:c2:de:e0:6e:66:55:78:14:e2:a1:
         4e:cb:9c:37:a1:cb:3b:db:b9:ba:bd:40:1d:73:c9:d0:4d:b2:
         a1:eb:27:a2:d3:80:17:fb:80:8f:4d:cb:14:e3:c0:75:9d:08:
         1e:d9:cb:d2:d3:90:35:c5:89:60:ff:14:90:27:95:54:b6:71:
         58:00:c4:c0:b9:06:4f:92:55:64:8a:a7:fd:e1:46:d3:b6:f7:
         d3:9d:0b:be:f4:e3:44:4c:d7:bd:ef:46:cc:d4:30:ca:3d:f5:
         36:af:ad:4c:fb:ed:37:86:19:d7:09:81:ba:ca:ea:54:e2:72:
         9a:e5:ab:59:c9:16:81:4a:bc:f6:7b:67:ed:a3:31:50:1f:10:
         35:a3:94:9c:a3:77:08:7d:4b:e8:ac:0e:30:9f:df:33:15:63:
         71:6e:45:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdD1xcoMIk3cIm3JOOb7l3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjQwNjE1MTgwMTA0WhcNMjQwNjE2MTgwMTA0WjAzMTEwLwYDVQQD
Eyg1YzQzYjgyNjk3Y2YyOTdkM2Q5OWIwZGI0MDY0OWIzMGMxYjA3MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCPcBU+ydOextIWjUb5AL0Sr5GsJ
P7aDK54Rowden6p5weSumTmqNE/Pz7oSHH4DcE/1UIGnT6JBao4oh6kCgMGxRUT3
5ikLMXEfziAzbViGMx3MQml2wa8XnrbSKGwkGiGkeRJcC5FozkZ0FQHXG+dDbEzp
gpLdqOdqzheDeo6Cwq9N3V8yBd39YCnsYSqnFQ3GfO+GiUTaj0SyCbbqFJfURrYC
qkgKj8cZJB6VLnbAmkE5t/are+RJE7tMDb7tRJis/DKGWvOvxG+4ZRviuYd9c03v
KYbZ7+mFGWKMxu+snWQecPCirIm6o3U2+//Jwzb5bkmKYMpWxQ+cWTccGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxDuCaXzyl9PZmw20BkmzDBsHC7MB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR0akxyLz
ipn6BRUjjI78acaV7CoTLijD2vA2XtjUxnqV4SvBjuQ7GzMjGgeU4sxNeYr9XNYp
5RTjWCI0ixTjNhqJhaWZRMWcVvYo5w22+o4jYgXegaH+PPoTB9NA+XGqqtrC3uBu
ZlV4FOKhTsucN6HLO9u5ur1AHXPJ0E2yoesnotOAF/uAj03LFOPAdZ0IHtnL0tOQ
NcWJYP8UkCeVVLZxWADEwLkGT5JVZIqn/eFG07b3050LvvTjREzXve9GzNQwyj31
Nq+tTPvtN4YZ1wmBusrqVOJymuWrWckWgUq89ntn7aMxUB8QNaOUnKN3CH1L6KwO
MJ/fMxVjcW5FjQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:46:20 2024 by rpki-client on console-fra.rpki-client.org