Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/uqI_dArVZMVpO3cJHHGzwDE2pYA.mft
File:                     uqI_dArVZMVpO3cJHHGzwDE2pYA.mft (raw, json)
Hash identifier:          +DtyqkdD2ul/RARXV51ohaKPYSnqn2o/1ftapJhiJOY=
Subject key identifier:   96:57:64:7C:E2:FE:6C:9D:C9:E0:04:05:39:D4:E6:A1:3D:F5:85:A3
Authority key identifier: BA:A2:3F:74:0A:D5:64:C5:69:3B:77:09:1C:71:B3:C0:31:36:A5:80
Certificate issuer:       /CN=baa23f740ad564c5693b77091c71b3c03136a580
Certificate serial:       019041C0CCC902BAACAFBD957EFCF746CCBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uqI_dArVZMVpO3cJHHGzwDE2pYA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/uqI_dArVZMVpO3cJHHGzwDE2pYA.mft
Manifest number:          0650
Signing time:             Sat 22 Jun 2024 21:01:12 +0000
Manifest this update:     Sat 22 Jun 2024 21:01:12 +0000
Manifest next update:     Sun 23 Jun 2024 21:01:12 +0000
Files and hashes:         1: qLPR5OK0CBdJ9SXYZf73vnlyGgs.roa (hash: a97fHkOJsKN720YMSWWsjWA65Jb/MkVCy/H4OsG0+JQ=)
                          2: uqI_dArVZMVpO3cJHHGzwDE2pYA.crl (hash: zMisacQ1nbFOn/de5UANisyEiIrTmS9bMo1D8cY4USA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/uqI_dArVZMVpO3cJHHGzwDE2pYA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/uqI_dArVZMVpO3cJHHGzwDE2pYA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uqI_dArVZMVpO3cJHHGzwDE2pYA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 21:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:41:c0:cc:c9:02:ba:ac:af:bd:95:7e:fc:f7:46:cc:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baa23f740ad564c5693b77091c71b3c03136a580
        Validity
            Not Before: Jun 22 21:01:12 2024 GMT
            Not After : Jun 23 21:01:12 2024 GMT
        Subject: CN=9657647ce2fe6c9dc9e0040539d4e6a13df585a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:63:a7:94:80:9d:14:95:dd:aa:73:fe:71:a9:
                    2e:b0:eb:88:35:c5:23:d3:cf:77:c4:8c:1c:78:28:
                    e4:40:9b:35:3c:39:d5:c4:5a:3c:97:4f:3a:2a:ef:
                    44:89:c4:e5:e1:02:f3:06:44:7d:0b:6e:ae:4b:94:
                    87:50:cb:f9:83:30:13:a9:f5:f0:16:83:ec:fd:57:
                    e6:08:69:bc:e3:2d:49:7f:ba:68:b8:dd:79:52:c7:
                    67:b3:27:55:76:f2:4f:31:f7:9c:15:af:62:01:a8:
                    c8:ca:6d:19:35:11:3f:d9:26:30:b1:d8:96:23:3f:
                    6c:be:92:7e:50:3e:e1:da:78:34:e6:d2:aa:32:b9:
                    2c:2e:9a:39:7c:55:fa:87:77:f0:8b:1f:dd:50:61:
                    3e:ff:3d:c6:90:70:ed:55:f4:58:64:33:08:b7:17:
                    c2:c6:b4:e3:a5:24:b0:42:b2:5d:ec:52:cf:52:08:
                    c7:a5:7a:38:77:c6:7d:54:7f:04:02:55:f7:cb:36:
                    36:76:db:9c:71:be:b2:f6:f0:41:da:92:04:9a:b6:
                    ce:ef:04:a6:78:2c:70:bb:94:21:11:3e:1c:e7:fc:
                    4a:06:11:59:c5:34:81:8e:48:c0:0e:7e:c2:48:a1:
                    7d:f5:d8:ba:99:5f:e1:ff:86:db:e4:15:9a:43:a9:
                    d7:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:57:64:7C:E2:FE:6C:9D:C9:E0:04:05:39:D4:E6:A1:3D:F5:85:A3
            X509v3 Authority Key Identifier:
                keyid:BA:A2:3F:74:0A:D5:64:C5:69:3B:77:09:1C:71:B3:C0:31:36:A5:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqI_dArVZMVpO3cJHHGzwDE2pYA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/uqI_dArVZMVpO3cJHHGzwDE2pYA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/uqI_dArVZMVpO3cJHHGzwDE2pYA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:04:84:64:55:f0:85:78:c0:ff:1b:c8:71:2c:16:85:18:ee:
         86:94:c1:39:1b:43:2a:56:a6:5f:79:f4:a0:cd:62:ed:6f:be:
         4d:8b:4e:c1:53:cd:6f:7c:81:7c:18:09:3d:c1:3d:7b:33:db:
         8f:67:23:26:84:8e:1a:aa:68:e3:9c:d8:c3:99:2b:2c:8e:3c:
         a7:1d:78:f7:34:3c:29:ae:7a:f9:17:2a:69:66:c7:0f:57:82:
         e2:92:ac:f3:c2:64:81:af:4c:32:e7:b1:ee:66:a1:a7:b6:8b:
         03:a4:6c:08:cb:70:b2:06:8c:2d:b4:27:78:6f:df:65:96:bd:
         60:04:b8:4a:d6:a7:48:ff:97:3e:40:e8:c4:8c:c0:fe:62:a1:
         93:4b:ae:2d:ac:11:29:44:ef:50:76:4d:4b:bb:d5:6a:42:ca:
         25:a3:5d:ae:4b:d6:0f:7e:cb:cd:90:dd:3c:99:4f:c7:62:9a:
         df:a9:ee:ef:68:ee:e7:f2:6b:74:f8:ee:d4:2a:dc:d4:ab:89:
         1b:b5:38:68:84:63:9d:53:ca:83:34:c2:3d:14:a0:98:29:c0:
         51:b8:f4:d5:1e:27:ee:0e:cc:49:ba:e5:ea:4e:58:73:81:0a:
         1f:3c:6c:59:d5:6e:1b:ad:da:c8:07:64:ea:4d:4a:f9:13:6e:
         2a:72:67:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBBwMzJArqsr72Vfvz3Rsy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTIzZjc0MGFkNTY0YzU2OTNiNzcwOTFjNzFiM2MwMzEz
NmE1ODAwHhcNMjQwNjIyMjEwMTEyWhcNMjQwNjIzMjEwMTEyWjAzMTEwLwYDVQQD
Eyg5NjU3NjQ3Y2UyZmU2YzlkYzllMDA0MDUzOWQ0ZTZhMTNkZjU4NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02OnlICdFJXdqnP+cakusOuINcUj
0893xIwceCjkQJs1PDnVxFo8l086Ku9EicTl4QLzBkR9C26uS5SHUMv5gzATqfXw
FoPs/VfmCGm84y1Jf7pouN15UsdnsydVdvJPMfecFa9iAajIym0ZNRE/2SYwsdiW
Iz9svpJ+UD7h2ng05tKqMrksLpo5fFX6h3fwix/dUGE+/z3GkHDtVfRYZDMItxfC
xrTjpSSwQrJd7FLPUgjHpXo4d8Z9VH8EAlX3yzY2dtuccb6y9vBB2pIEmrbO7wSm
eCxwu5QhET4c5/xKBhFZxTSBjkjADn7CSKF99di6mV/h/4bb5BWaQ6nXMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZXZHzi/mydyeAEBTnU5qE99YWjMB8GA1UdIwQY
MBaAFLqiP3QK1WTFaTt3CRxxs8AxNqWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFJX2RBclZaTVZwTzNjSkhIR3p3REUycFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84YzA5YjMtZjZkOC00YzlhLTk2NGMt
ODUyN2M5YjNlNzVmLzEvdXFJX2RBclZaTVZwTzNjSkhIR3p3REUycFlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84YzA5YjMtZjZkOC00YzlhLTk2NGMtODUyN2M5YjNlNzVm
LzEvdXFJX2RBclZaTVZwTzNjSkhIR3p3REUycFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAowSEZFXw
hXjA/xvIcSwWhRjuhpTBORtDKlamX3n0oM1i7W++TYtOwVPNb3yBfBgJPcE9ezPb
j2cjJoSOGqpo45zYw5krLI48px149zQ8Ka56+RcqaWbHD1eC4pKs88Jkga9MMuex
7mahp7aLA6RsCMtwsgaMLbQneG/fZZa9YAS4StanSP+XPkDoxIzA/mKhk0uuLawR
KUTvUHZNS7vVakLKJaNdrkvWD37LzZDdPJlPx2Ka36nu72ju5/JrdPju1Crc1KuJ
G7U4aIRjnVPKgzTCPRSgmCnAUbj01R4n7g7MSbrl6k5Yc4EKHzxsWdVuG63ayAdk
6k1K+RNuKnJn/g==
-----END CERTIFICATE-----
Generated at Sun Jun 23 00:51:59 2024 by rpki-client on console-fra.rpki-client.org