Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/J9BIQ8TzpOdmlNs8-_m-Optnxpk.mft
File:                     J9BIQ8TzpOdmlNs8-_m-Optnxpk.mft (raw, json)
Hash identifier:          PDdPi7rbyUNPzACq/6Mqh1IU18B80Xcq3DYoWb0NObk=
Subject key identifier:   50:4F:FE:E8:93:78:74:8E:8A:8A:D5:FB:6E:04:5D:39:95:38:4D:CC
Authority key identifier: 27:D0:48:43:C4:F3:A4:E7:66:94:DB:3C:FB:F9:BE:3A:9B:67:C6:99
Certificate issuer:       /CN=27d04843c4f3a4e76694db3cfbf9be3a9b67c699
Certificate serial:       01904868D0A9276A75ABBDE48E870FAA4CD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J9BIQ8TzpOdmlNs8-_m-Optnxpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/J9BIQ8TzpOdmlNs8-_m-Optnxpk.mft
Manifest number:          11DA
Signing time:             Mon 24 Jun 2024 04:02:27 +0000
Manifest this update:     Mon 24 Jun 2024 04:02:27 +0000
Manifest next update:     Tue 25 Jun 2024 04:02:27 +0000
Files and hashes:         1: J9BIQ8TzpOdmlNs8-_m-Optnxpk.crl (hash: A6I3i8VyKrvi59ZgtcC71EtCCpbftL1dVBKPB8GiExA=)
                          2: jA_YwcBaS1MAlX8KaWaMFMNgrAE.roa (hash: gpW+nBhYyfdmW9+z/kEwhvOPwnDFd/3q8tgLoMu9qDk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/J9BIQ8TzpOdmlNs8-_m-Optnxpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/J9BIQ8TzpOdmlNs8-_m-Optnxpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J9BIQ8TzpOdmlNs8-_m-Optnxpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 04:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:68:d0:a9:27:6a:75:ab:bd:e4:8e:87:0f:aa:4c:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27d04843c4f3a4e76694db3cfbf9be3a9b67c699
        Validity
            Not Before: Jun 24 04:02:27 2024 GMT
            Not After : Jun 25 04:02:27 2024 GMT
        Subject: CN=504ffee89378748e8a8ad5fb6e045d3995384dcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:85:8d:3b:3f:a2:7b:3f:bc:9d:22:b2:62:28:
                    85:94:f7:07:3e:0b:c5:2a:2c:14:75:f7:7f:65:a9:
                    34:28:f3:6a:41:21:28:af:e1:8d:42:c7:31:eb:f1:
                    af:0a:b9:9f:e0:60:92:ab:2b:9b:7c:45:16:50:72:
                    8c:28:d0:23:3c:56:b0:95:a1:34:78:bb:92:0e:d4:
                    8c:cf:6d:54:5b:c9:cf:86:21:bf:28:75:6b:39:18:
                    d6:ec:d5:8b:16:c6:19:bd:22:51:aa:b2:06:9b:51:
                    2b:e6:fc:24:6e:9b:48:a3:d5:63:8d:f1:31:60:25:
                    9e:30:0d:10:2a:60:94:9f:24:0b:dd:ed:5b:0c:d2:
                    e6:72:80:2f:1e:73:0c:7f:bc:b3:11:62:b2:49:8c:
                    43:3f:a2:59:3d:a6:62:fb:e8:bc:81:e1:60:80:f8:
                    63:b1:28:82:17:32:a1:5c:f1:a6:cc:d5:0c:b0:de:
                    57:fe:9a:2d:4d:fd:9e:b4:eb:b0:8e:de:ab:26:b5:
                    9e:62:28:32:f6:b0:e5:9c:ee:c5:3f:68:35:22:6b:
                    29:f2:f7:03:af:51:a5:a5:10:24:8d:cc:78:e1:a9:
                    f1:a7:0b:9a:47:30:ce:68:b9:5a:46:9c:2c:98:5a:
                    5f:1c:c1:30:66:d5:53:67:c3:aa:dd:45:36:39:22:
                    57:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:4F:FE:E8:93:78:74:8E:8A:8A:D5:FB:6E:04:5D:39:95:38:4D:CC
            X509v3 Authority Key Identifier:
                keyid:27:D0:48:43:C4:F3:A4:E7:66:94:DB:3C:FB:F9:BE:3A:9B:67:C6:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9BIQ8TzpOdmlNs8-_m-Optnxpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/J9BIQ8TzpOdmlNs8-_m-Optnxpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/J9BIQ8TzpOdmlNs8-_m-Optnxpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:be:64:db:1c:d1:f4:a5:47:21:7d:bd:99:23:0d:0c:4b:5e:
         0b:a8:99:24:81:31:35:9f:a7:29:51:04:81:b1:ed:cd:db:b7:
         b5:98:d5:1d:be:8c:07:d4:73:a5:37:54:77:71:b2:e4:34:c2:
         4b:20:5f:da:64:fa:d0:3f:8c:cc:fd:39:3f:2f:eb:83:9f:6b:
         61:b5:14:a3:00:1d:33:c2:df:05:69:ee:8b:a3:95:a6:9a:57:
         f4:70:0c:0f:ee:a5:4b:02:82:3c:66:94:6f:61:a0:ad:12:f8:
         ac:69:11:76:62:5d:a3:67:4a:b4:ea:32:79:e8:57:ac:9e:31:
         2f:b5:c6:49:27:d2:97:fd:b7:7f:e7:88:e5:76:a1:09:2d:0f:
         81:95:1a:f4:b8:79:82:bc:19:dc:9c:ac:09:c8:08:4b:65:c2:
         1f:fe:b8:63:42:57:d2:3a:f6:9d:1e:50:40:cb:2f:b5:29:37:
         f6:5d:94:a7:1e:d8:2d:e0:9d:8f:7d:8d:c4:09:92:3e:a2:5e:
         9d:12:61:fd:1d:c7:59:cc:e1:ef:e7:a3:9d:dc:a4:d9:da:eb:
         55:dc:bf:d4:7b:c2:10:4c:07:be:19:4b:c5:2b:91:7b:b0:d2:
         26:06:3b:f2:f5:57:2f:34:c6:7e:2b:e0:a5:24:eb:51:19:09:
         96:4e:03:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBIaNCpJ2p1q73kjocPqkzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDA0ODQzYzRmM2E0ZTc2Njk0ZGIzY2ZiZjliZTNhOWI2
N2M2OTkwHhcNMjQwNjI0MDQwMjI3WhcNMjQwNjI1MDQwMjI3WjAzMTEwLwYDVQQD
Eyg1MDRmZmVlODkzNzg3NDhlOGE4YWQ1ZmI2ZTA0NWQzOTk1Mzg0ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YWNOz+iez+8nSKyYiiFlPcHPgvF
KiwUdfd/Zak0KPNqQSEor+GNQscx6/GvCrmf4GCSqyubfEUWUHKMKNAjPFawlaE0
eLuSDtSMz21UW8nPhiG/KHVrORjW7NWLFsYZvSJRqrIGm1Er5vwkbptIo9VjjfEx
YCWeMA0QKmCUnyQL3e1bDNLmcoAvHnMMf7yzEWKySYxDP6JZPaZi++i8geFggPhj
sSiCFzKhXPGmzNUMsN5X/potTf2etOuwjt6rJrWeYigy9rDlnO7FP2g1Imsp8vcD
r1GlpRAkjcx44anxpwuaRzDOaLlaRpwsmFpfHMEwZtVTZ8Oq3UU2OSJX6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFBP/uiTeHSOiorV+24EXTmVOE3MMB8GA1UdIwQY
MBaAFCfQSEPE86TnZpTbPPv5vjqbZ8aZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjlCSVE4VHpwT2RtbE5zOC1fbS1PcHRueHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wYjY0N2YtYTZlNS00NmYzLWI5OWMt
YjA5YjkzODVkNzI3LzEvSjlCSVE4VHpwT2RtbE5zOC1fbS1PcHRueHBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wYjY0N2YtYTZlNS00NmYzLWI5OWMtYjA5YjkzODVkNzI3
LzEvSjlCSVE4VHpwT2RtbE5zOC1fbS1PcHRueHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm75k2xzR
9KVHIX29mSMNDEteC6iZJIExNZ+nKVEEgbHtzdu3tZjVHb6MB9RzpTdUd3Gy5DTC
SyBf2mT60D+MzP05Py/rg59rYbUUowAdM8LfBWnui6OVpppX9HAMD+6lSwKCPGaU
b2GgrRL4rGkRdmJdo2dKtOoyeehXrJ4xL7XGSSfSl/23f+eI5XahCS0PgZUa9Lh5
grwZ3JysCcgIS2XCH/64Y0JX0jr2nR5QQMsvtSk39l2Upx7YLeCdj32NxAmSPqJe
nRJh/R3HWczh7+ejndyk2drrVdy/1HvCEEwHvhlLxSuRe7DSJgY78vVXLzTGfivg
pSTrURkJlk4Dmw==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:49:36 2024 by rpki-client on console-fra.rpki-client.org