Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File:                     zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier:          M2oy1IJ8qXyxGewfjUm6gz9viljR8C46rmc0aKSjL9c=
Subject key identifier:   0A:B9:8B:72:22:9A:77:B3:29:ED:49:D6:3A:5D:8D:BF:8D:19:FF:69
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer:       /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial:       01901B20F530077C9DB598D9C9D773CCDAC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number:          11C5
Signing time:             Sat 15 Jun 2024 09:01:02 +0000
Manifest this update:     Sat 15 Jun 2024 09:01:02 +0000
Manifest next update:     Sun 16 Jun 2024 09:01:02 +0000
Files and hashes:         1: HyNCxQlG4pU8sUEoFsYhLb1GzCY.roa (hash: G6il+trKEhoxsyl0BONyQUhAmxkiYuT6eiUBFu1sWZE=)
                          2: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: myVGayrqkpJ5Ar84fGRthrNYQLylNK6H71FEUWeU9mg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1b:20:f5:30:07:7c:9d:b5:98:d9:c9:d7:73:cc:da:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
        Validity
            Not Before: Jun 15 09:01:02 2024 GMT
            Not After : Jun 16 09:01:02 2024 GMT
        Subject: CN=0ab98b72229a77b329ed49d63a5d8dbf8d19ff69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:da:c3:77:7b:1e:d6:0e:1e:63:5e:64:93:a9:
                    05:eb:7e:e9:25:27:a4:ac:53:1a:85:92:aa:21:b6:
                    a1:cb:94:b8:0e:e5:98:34:4f:fa:34:73:b7:fd:a1:
                    86:02:b7:68:ec:88:08:e0:75:d5:a7:22:b7:30:0d:
                    f5:d2:63:e8:11:4f:74:9e:b5:ee:d9:1b:2a:33:f2:
                    74:13:74:5d:bd:28:f8:d1:de:39:d7:ea:16:85:78:
                    9d:45:32:e8:78:72:a3:e2:90:78:68:99:10:77:60:
                    06:98:bb:c9:d8:f2:b5:86:11:e9:71:2a:77:de:2e:
                    43:86:03:5a:8e:4b:a2:b5:2c:0f:f6:26:44:db:5e:
                    7d:64:08:29:8f:87:c0:e7:90:e3:49:3e:b5:4e:74:
                    21:48:ee:cf:f1:af:27:62:75:84:dd:44:81:8f:d4:
                    75:d3:6e:af:9e:9a:1f:fe:1b:11:68:15:5b:36:e8:
                    ac:2e:ea:fb:3f:f5:5d:ef:aa:05:40:23:97:e8:e8:
                    99:48:5b:1e:d7:1d:c3:8c:7a:fd:f9:2f:67:18:a7:
                    f9:f7:8b:55:c3:ca:63:d9:a8:7b:fb:72:be:5f:d3:
                    17:e1:46:56:38:f7:89:8e:1d:c0:c0:11:1a:2d:e8:
                    91:f4:55:82:42:30:2f:37:22:a5:5d:93:01:b0:19:
                    fc:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:B9:8B:72:22:9A:77:B3:29:ED:49:D6:3A:5D:8D:BF:8D:19:FF:69
            X509v3 Authority Key Identifier:
                keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:ce:cf:65:f6:97:02:ad:13:d6:b4:b0:b1:03:4c:b2:ee:b4:
         b7:f0:97:46:2a:d8:35:8d:34:5d:21:ab:a6:16:26:a7:16:ac:
         64:70:bc:4f:f1:95:16:52:b8:3f:d4:22:62:10:52:0a:56:1e:
         45:93:29:18:c3:4b:23:e8:ff:5c:db:55:ff:4d:38:12:2d:da:
         00:34:e1:a6:fa:b0:e7:8b:69:1c:88:ad:79:a3:9a:be:89:a8:
         d9:ad:08:1d:a7:f0:00:8e:dc:29:60:63:14:2d:17:cb:58:9e:
         16:a4:22:83:fa:77:8b:f3:b4:72:43:48:3e:2f:0b:61:f0:f0:
         b8:16:3b:de:43:06:e8:a5:b8:83:99:c9:9d:33:fc:1c:57:37:
         91:f3:da:a5:76:e6:dc:ae:98:25:80:cb:de:2a:f8:b1:52:fa:
         b4:b4:9e:80:34:7c:05:44:5d:fb:ec:6d:78:c8:64:af:aa:2b:
         0f:c8:f2:1c:01:b8:a5:84:e3:2b:0e:7b:35:0a:92:8a:2f:92:
         f1:0f:6a:e4:4a:5f:c4:18:52:49:dc:f3:3c:c3:b6:4f:cb:8e:
         17:20:3b:03:28:0a:38:9d:8c:e3:f3:23:01:26:f8:28:c1:bd:
         3a:17:8b:9c:9c:e9:73:90:2e:8d:8a:3a:44:3a:2e:6d:49:57:
         31:11:20:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAbIPUwB3ydtZjZyddzzNrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjQwNjE1MDkwMTAyWhcNMjQwNjE2MDkwMTAyWjAzMTEwLwYDVQQD
EygwYWI5OGI3MjIyOWE3N2IzMjllZDQ5ZDYzYTVkOGRiZjhkMTlmZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NrDd3se1g4eY15kk6kF637pJSek
rFMahZKqIbahy5S4DuWYNE/6NHO3/aGGArdo7IgI4HXVpyK3MA310mPoEU90nrXu
2RsqM/J0E3RdvSj40d451+oWhXidRTLoeHKj4pB4aJkQd2AGmLvJ2PK1hhHpcSp3
3i5DhgNajkuitSwP9iZE2159ZAgpj4fA55DjST61TnQhSO7P8a8nYnWE3USBj9R1
026vnpof/hsRaBVbNuisLur7P/Vd76oFQCOX6OiZSFse1x3DjHr9+S9nGKf594tV
w8pj2ah7+3K+X9MX4UZWOPeJjh3AwBEaLeiR9FWCQjAvNyKlXZMBsBn89QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAq5i3IimnezKe1J1jpdjb+NGf9pMB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAc7PZfaX
Aq0T1rSwsQNMsu60t/CXRirYNY00XSGrphYmpxasZHC8T/GVFlK4P9QiYhBSClYe
RZMpGMNLI+j/XNtV/004Ei3aADThpvqw54tpHIiteaOavomo2a0IHafwAI7cKWBj
FC0Xy1ieFqQig/p3i/O0ckNIPi8LYfDwuBY73kMG6KW4g5nJnTP8HFc3kfPapXbm
3K6YJYDL3ir4sVL6tLSegDR8BURd++xteMhkr6orD8jyHAG4pYTjKw57NQqSii+S
8Q9q5EpfxBhSSdzzPMO2T8uOFyA7AygKOJ2M4/MjASb4KMG9OheLnJzpc5AujYo6
RDoubUlXMREgIA==
-----END CERTIFICATE-----
Generated at Sat Jun 15 13:58:27 2024 by rpki-client on console-ams.rpki-client.org