Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
File:                     orEujfOr1VWfnPloCvZd0WWJ3oY.mft (raw, json)
Hash identifier:          ax+ilxo78oB3sx3z+dbP81u7Xx6pj0CjNQCxPHh8iz8=
Subject key identifier:   BD:BB:85:D2:84:48:D9:B0:39:DE:A4:14:12:2A:5B:06:6D:0B:CA:50
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Certificate issuer:       /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial:       01903A3E769F189289B63752422C47855E1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
Manifest number:          11D5
Signing time:             Fri 21 Jun 2024 10:01:30 +0000
Manifest this update:     Fri 21 Jun 2024 10:01:30 +0000
Manifest next update:     Sat 22 Jun 2024 10:01:30 +0000
Files and hashes:         1: 2EB3S2UwJnkON7osqsPM0jaYtUY.roa (hash: J3C/eVoIt0b1nOUwNH27BivAd8Wkd1BejZEaqiCgDAY=)
                          2: XEtJeFdkjism6SpbVYheQ4pGw5o.roa (hash: EOAYeNZwF2WAc+Q/WFDNqpw5eovC3WR8S+hg0Cewls0=)
                          3: d2AQ3l_bs9Fyhv8WHOV-5bJ326w.roa (hash: WDeyxX+YSqMX4bpsv4YRs9nGPVShr/aU8HX41yvN8B8=)
                          4: kDO5E3nKCcXWjuz24aZxcaDYXtQ.roa (hash: yTWoZlP0pGuDrnHnxbcn7osYDNv7VUKKZXxBPRAbYbw=)
                          5: l3Dqhvzk2A1PNdMUBeKT-E5ofk8.roa (hash: 4zzSGY3DsTBW08un8lJfY23hsq3akXsHvqmqpacVGpo=)
                          6: orEujfOr1VWfnPloCvZd0WWJ3oY.crl (hash: MRIrWGe+9NkFIa17zFfUZAIm3VkO3i0zNpdNf+MCTSU=)
                          7: oylhCGOREsIo8jHEk5gk_LxHAhI.roa (hash: qkFmAooASJ9WLJEN+aOvuiiI6R3sk1+rQ1mYQ/xPAKM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 22 Jun 2024 09:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:3a:3e:76:9f:18:92:89:b6:37:52:42:2c:47:85:5e:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
        Validity
            Not Before: Jun 21 10:01:30 2024 GMT
            Not After : Jun 22 10:01:30 2024 GMT
        Subject: CN=bdbb85d28448d9b039dea414122a5b066d0bca50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a8:f0:23:fc:cd:89:19:fc:85:a4:72:42:48:
                    78:88:2d:1d:3e:62:4b:62:c1:c6:56:c9:e8:05:a5:
                    41:4f:38:bc:a3:33:80:45:f6:88:26:37:bd:db:e3:
                    b0:61:97:66:0a:ec:56:54:17:3d:7e:00:16:85:7e:
                    82:69:d7:5e:b5:9d:94:db:14:a4:59:23:8b:c4:27:
                    e5:f8:6f:f0:3a:da:43:75:a0:31:27:95:87:dc:e0:
                    86:1f:93:6b:80:8e:08:a9:35:54:c3:2a:7a:f9:55:
                    2b:5b:a9:82:22:8a:1a:cc:31:51:71:c1:ed:01:69:
                    3b:37:3d:0c:b1:5f:04:d5:1f:5a:36:a5:df:38:86:
                    4c:c7:f6:fa:b0:03:5a:a0:9d:f1:7a:2a:d4:1a:3a:
                    73:31:8d:75:16:11:5c:d1:d0:81:da:17:a4:bc:dd:
                    b0:39:84:68:ab:bf:47:ad:21:32:61:90:0e:51:16:
                    87:cb:08:63:0f:b8:57:ef:ba:38:42:d4:ff:19:c4:
                    7b:66:50:09:1b:f4:34:ba:36:7e:d8:fa:26:56:88:
                    b6:68:b6:e5:e0:85:4b:f1:9a:94:59:5c:84:e6:9f:
                    51:8e:a1:59:5a:c0:37:e7:2c:83:2c:01:a2:e4:c1:
                    99:52:a4:05:92:d0:65:d0:d7:1e:08:3b:9b:d0:44:
                    b4:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:BB:85:D2:84:48:D9:B0:39:DE:A4:14:12:2A:5B:06:6D:0B:CA:50
            X509v3 Authority Key Identifier:
                keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:92:be:06:dd:4f:19:54:96:88:60:15:f6:f4:da:0a:99:d9:
         0a:d3:69:b1:d2:08:6e:f7:69:b3:58:7b:00:07:af:ae:cb:9d:
         1a:3f:b7:bb:9e:a4:0c:2b:a7:58:29:bd:61:01:9f:99:d0:f2:
         6e:15:2a:9a:1e:84:cf:5f:11:88:1e:0e:df:fd:34:28:d2:de:
         64:60:90:2b:ae:5f:65:24:0d:a4:31:a5:72:0c:af:62:32:52:
         24:17:83:82:03:45:9b:15:91:62:01:52:aa:7e:c6:95:88:56:
         a0:f4:2d:c1:c2:88:31:67:f2:8d:db:4d:cb:4c:a5:92:c6:d9:
         e2:ff:5f:71:f3:60:ab:ea:86:1b:16:e7:e4:18:a9:0f:8d:7c:
         a9:41:09:52:ca:48:30:1a:59:7b:1a:b4:f3:de:c1:ef:5b:6c:
         a0:ab:6a:ec:e5:e0:49:99:2f:6b:ca:88:cb:fe:04:19:b6:92:
         ee:6e:14:7d:0c:6e:68:f5:35:19:af:3e:66:ea:3b:4f:27:e9:
         2e:96:ad:6c:a4:b3:53:68:8d:38:83:69:1c:e7:8a:8b:41:25:
         47:57:52:c6:d1:b3:d6:53:7f:bc:ec:c1:0e:3f:7f:ef:a1:75:
         55:9e:89:a7:09:df:cd:8c:d3:0c:43:c4:a2:05:81:57:d2:8e:
         3c:09:2c:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA6PnafGJKJtjdSQixHhV4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjQwNjIxMTAwMTMwWhcNMjQwNjIyMTAwMTMwWjAzMTEwLwYDVQQD
EyhiZGJiODVkMjg0NDhkOWIwMzlkZWE0MTQxMjJhNWIwNjZkMGJjYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ajwI/zNiRn8haRyQkh4iC0dPmJL
YsHGVsnoBaVBTzi8ozOARfaIJje92+OwYZdmCuxWVBc9fgAWhX6CaddetZ2U2xSk
WSOLxCfl+G/wOtpDdaAxJ5WH3OCGH5NrgI4IqTVUwyp6+VUrW6mCIooazDFRccHt
AWk7Nz0MsV8E1R9aNqXfOIZMx/b6sANaoJ3xeirUGjpzMY11FhFc0dCB2hekvN2w
OYRoq79HrSEyYZAOURaHywhjD7hX77o4QtT/GcR7ZlAJG/Q0ujZ+2PomVoi2aLbl
4IVL8ZqUWVyE5p9RjqFZWsA35yyDLAGi5MGZUqQFktBl0NceCDub0ES0XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL27hdKESNmwOd6kFBIqWwZtC8pQMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArJK+Bt1P
GVSWiGAV9vTaCpnZCtNpsdIIbvdps1h7AAevrsudGj+3u56kDCunWCm9YQGfmdDy
bhUqmh6Ez18RiB4O3/00KNLeZGCQK65fZSQNpDGlcgyvYjJSJBeDggNFmxWRYgFS
qn7GlYhWoPQtwcKIMWfyjdtNy0ylksbZ4v9fcfNgq+qGGxbn5BipD418qUEJUspI
MBpZexq0897B71tsoKtq7OXgSZkva8qIy/4EGbaS7m4UfQxuaPU1Ga8+Zuo7Tyfp
LpatbKSzU2iNOINpHOeKi0ElR1dSxtGz1lN/vOzBDj9/76F1VZ6JpwnfzYzTDEPE
ogWBV9KOPAks+A==
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:39:13 2024 by rpki-client on console-fra.rpki-client.org