Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/b87a0d-cc4c-4825-a7e4-e924ce5a75b3/1/om-n7jCto1qx_ATzQP7fZHqfgWI.mft
File:                     om-n7jCto1qx_ATzQP7fZHqfgWI.mft (raw, json)
Hash identifier:          3CbSam+4iGjwgypPNzgSIHUBsjZw/EcxETfEtp4abR4=
Subject key identifier:   BA:36:4F:B7:37:52:FC:51:A0:1D:1F:77:F8:51:31:13:05:DD:81:10
Authority key identifier: A2:6F:A7:EE:30:AD:A3:5A:B1:FC:04:F3:40:FE:DF:64:7A:9F:81:62
Certificate issuer:       /CN=a26fa7ee30ada35ab1fc04f340fedf647a9f8162
Certificate serial:       01901BFC92070747680D7AC30D83726C7274
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/om-n7jCto1qx_ATzQP7fZHqfgWI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/b87a0d-cc4c-4825-a7e4-e924ce5a75b3/1/om-n7jCto1qx_ATzQP7fZHqfgWI.mft
Manifest number:          1157
Signing time:             Sat 15 Jun 2024 13:00:55 +0000
Manifest this update:     Sat 15 Jun 2024 13:00:55 +0000
Manifest next update:     Sun 16 Jun 2024 13:00:55 +0000
Files and hashes:         1: om-n7jCto1qx_ATzQP7fZHqfgWI.crl (hash: SiCJG8yq+n86X6GAAkovE5SHrA1tLy6NeA0g9ZnHCHQ=)
                          2: t8AOqiiVLrqHOmbMV2EgnMXdJF0.roa (hash: uX4fzT84Go7utu7L4w2u81tugcSvjA5inHY211Hu2oA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/b87a0d-cc4c-4825-a7e4-e924ce5a75b3/1/om-n7jCto1qx_ATzQP7fZHqfgWI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/b87a0d-cc4c-4825-a7e4-e924ce5a75b3/1/om-n7jCto1qx_ATzQP7fZHqfgWI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/om-n7jCto1qx_ATzQP7fZHqfgWI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 13:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1b:fc:92:07:07:47:68:0d:7a:c3:0d:83:72:6c:72:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a26fa7ee30ada35ab1fc04f340fedf647a9f8162
        Validity
            Not Before: Jun 15 13:00:55 2024 GMT
            Not After : Jun 16 13:00:55 2024 GMT
        Subject: CN=ba364fb73752fc51a01d1f77f851311305dd8110
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:eb:0e:65:af:5d:8e:1f:9b:78:0c:96:b4:49:
                    dd:89:18:87:f0:09:34:b5:12:d8:10:f0:01:41:c8:
                    e1:ad:72:6d:28:57:69:84:c1:35:aa:aa:c0:e3:10:
                    52:27:42:0e:00:87:b8:f5:1a:63:10:8b:10:f9:e2:
                    b2:99:31:c9:77:fe:de:f4:36:d7:1d:dc:c5:0e:f8:
                    a8:1f:22:d8:38:21:84:86:73:e8:3b:d3:fc:1d:5d:
                    c9:77:71:19:91:78:fc:57:4d:94:ca:19:9f:35:d2:
                    76:ab:cc:43:6e:81:0c:c6:67:41:35:2d:99:b8:bc:
                    f5:79:8a:d5:07:bb:ec:2d:27:10:4b:b8:50:d5:e2:
                    30:49:ff:93:23:d1:c3:65:8c:b1:2f:78:b0:7b:2e:
                    1d:14:9c:41:b8:06:24:e5:95:72:b4:c5:0f:d1:fa:
                    54:22:b3:c3:7a:b5:1b:c5:9d:67:94:6a:55:fd:6a:
                    1c:75:82:2a:af:83:ef:d4:c4:f0:71:e1:2f:e3:67:
                    a9:1e:1a:76:91:82:74:97:d1:1e:2a:98:0f:c2:11:
                    1f:26:5b:c2:a4:a0:dc:b5:93:08:e6:61:61:05:87:
                    6a:74:b7:b7:65:11:85:76:97:ff:fd:82:4a:fd:e6:
                    6b:46:f6:bf:08:b4:6a:9d:aa:6f:43:06:e7:f2:dc:
                    26:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:36:4F:B7:37:52:FC:51:A0:1D:1F:77:F8:51:31:13:05:DD:81:10
            X509v3 Authority Key Identifier:
                keyid:A2:6F:A7:EE:30:AD:A3:5A:B1:FC:04:F3:40:FE:DF:64:7A:9F:81:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/om-n7jCto1qx_ATzQP7fZHqfgWI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/b87a0d-cc4c-4825-a7e4-e924ce5a75b3/1/om-n7jCto1qx_ATzQP7fZHqfgWI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/b87a0d-cc4c-4825-a7e4-e924ce5a75b3/1/om-n7jCto1qx_ATzQP7fZHqfgWI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:73:5e:79:02:f5:93:76:57:ef:37:fc:a3:d0:72:3b:62:73:
         cc:ab:6e:52:73:89:d7:8d:d5:20:36:e4:f1:a1:8c:18:d3:33:
         28:8e:da:2a:54:e6:57:9a:03:d3:06:ef:ad:8e:e3:c5:86:08:
         4e:30:e5:22:df:c1:60:55:f6:20:b0:eb:00:c9:1a:b2:ec:57:
         fd:5f:7a:a4:24:32:21:f6:7e:33:18:31:ae:67:24:a9:a8:fb:
         50:02:aa:ee:2d:49:99:b8:a8:2d:6b:52:8b:52:49:e4:e8:b4:
         be:80:2f:57:03:e6:29:0b:33:18:f1:0c:fd:a7:95:a1:32:c3:
         59:27:17:8a:16:cb:72:89:7f:a5:e3:e2:69:2e:fe:44:d4:09:
         71:cf:41:17:6f:42:31:3d:f4:8b:89:e2:e4:24:e2:da:0f:99:
         75:54:fa:b9:f8:63:04:12:ac:bd:21:71:a6:6a:02:d5:47:11:
         d6:c1:78:ed:eb:70:e2:4b:ed:30:54:00:03:ae:53:3e:13:88:
         be:1e:f0:22:67:0e:21:ae:90:a1:db:a9:e6:99:76:65:d4:b3:
         8b:f5:18:d8:e0:7e:d9:00:8b:bd:b3:e2:60:58:9e:1c:6e:65:
         84:55:48:46:57:c1:58:58:35:1a:7f:fe:7f:4c:a9:f4:10:17:
         c6:69:0a:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAb/JIHB0doDXrDDYNybHJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNmZhN2VlMzBhZGEzNWFiMWZjMDRmMzQwZmVkZjY0N2E5
ZjgxNjIwHhcNMjQwNjE1MTMwMDU1WhcNMjQwNjE2MTMwMDU1WjAzMTEwLwYDVQQD
EyhiYTM2NGZiNzM3NTJmYzUxYTAxZDFmNzdmODUxMzExMzA1ZGQ4MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoesOZa9djh+beAyWtEndiRiH8Ak0
tRLYEPABQcjhrXJtKFdphME1qqrA4xBSJ0IOAIe49RpjEIsQ+eKymTHJd/7e9DbX
HdzFDvioHyLYOCGEhnPoO9P8HV3Jd3EZkXj8V02UyhmfNdJ2q8xDboEMxmdBNS2Z
uLz1eYrVB7vsLScQS7hQ1eIwSf+TI9HDZYyxL3iwey4dFJxBuAYk5ZVytMUP0fpU
IrPDerUbxZ1nlGpV/WocdYIqr4Pv1MTwceEv42epHhp2kYJ0l9EeKpgPwhEfJlvC
pKDctZMI5mFhBYdqdLe3ZRGFdpf//YJK/eZrRva/CLRqnapvQwbn8twmuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLo2T7c3UvxRoB0fd/hRMRMF3YEQMB8GA1UdIwQY
MBaAFKJvp+4wraNasfwE80D+32R6n4FiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb20tbjdqQ3RvMXF4X0FUelFQN2ZaSHFmZ1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9iODdhMGQtY2M0Yy00ODI1LWE3ZTQt
ZTkyNGNlNWE3NWIzLzEvb20tbjdqQ3RvMXF4X0FUelFQN2ZaSHFmZ1dJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9iODdhMGQtY2M0Yy00ODI1LWE3ZTQtZTkyNGNlNWE3NWIz
LzEvb20tbjdqQ3RvMXF4X0FUelFQN2ZaSHFmZ1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAenNeeQL1
k3ZX7zf8o9ByO2JzzKtuUnOJ143VIDbk8aGMGNMzKI7aKlTmV5oD0wbvrY7jxYYI
TjDlIt/BYFX2ILDrAMkasuxX/V96pCQyIfZ+Mxgxrmckqaj7UAKq7i1JmbioLWtS
i1JJ5Oi0voAvVwPmKQszGPEM/aeVoTLDWScXihbLcol/pePiaS7+RNQJcc9BF29C
MT30i4ni5CTi2g+ZdVT6ufhjBBKsvSFxpmoC1UcR1sF47etw4kvtMFQAA65TPhOI
vh7wImcOIa6Qodup5pl2ZdSzi/UY2OB+2QCLvbPiYFieHG5lhFVIRlfBWFg1Gn/+
f0yp9BAXxmkKIQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:47:08 2024 by rpki-client on console-fra.rpki-client.org