Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft
File:                     Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft (raw, json)
Hash identifier:          KzFVp1nwA0DmI2QjAan9vUHfYuRjK9wYVp7IHkXji60=
Subject key identifier:   FF:D3:1A:14:B1:21:3F:10:69:93:D4:92:A6:B2:FB:45:A5:48:B7:0E
Authority key identifier: 67:5F:BE:4B:1F:00:23:3E:D7:67:99:00:71:F0:45:90:C9:0C:88:7D
Certificate issuer:       /CN=675fbe4b1f00233ed767990071f04590c90c887d
Certificate serial:       01904868F05BB3063ACBACFB990447A80AC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft
Manifest number:          0A74
Signing time:             Mon 24 Jun 2024 04:02:35 +0000
Manifest this update:     Mon 24 Jun 2024 04:02:35 +0000
Manifest next update:     Tue 25 Jun 2024 04:02:35 +0000
Files and hashes:         1: XnxB6U2DT6BCca0TL3Jjs5kATME.roa (hash: 5FUxuObBzGPTBBVZnOLxOzE1m2/HtTv/nB/LCGGO8mo=)
                          2: Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.crl (hash: 2zILThehJmATvkletvXogS6WOujruxQ8BAbFUCkUylo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 04:02:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:68:f0:5b:b3:06:3a:cb:ac:fb:99:04:47:a8:0a:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=675fbe4b1f00233ed767990071f04590c90c887d
        Validity
            Not Before: Jun 24 04:02:35 2024 GMT
            Not After : Jun 25 04:02:35 2024 GMT
        Subject: CN=ffd31a14b1213f106993d492a6b2fb45a548b70e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6c:36:96:62:a9:ba:18:dc:b4:09:22:8c:56:
                    bb:bc:80:58:fa:1c:8c:00:58:a2:7d:cc:6f:6f:f1:
                    0d:bd:20:90:67:b4:c9:6a:da:bf:55:e6:09:81:68:
                    6c:07:36:22:ed:f4:46:d6:09:32:2a:b0:61:63:d5:
                    51:17:08:9f:4a:ae:5a:af:35:75:d8:94:fc:35:61:
                    90:aa:c9:49:02:4f:68:91:34:e9:e0:8a:71:54:19:
                    a3:c2:ff:17:3e:7b:6b:f7:10:10:a7:47:a3:11:1c:
                    ab:bc:54:b8:c0:aa:2a:e5:cf:3e:46:be:2e:8f:67:
                    a6:72:93:74:3d:ed:6e:fc:0c:30:9a:a1:e2:e9:90:
                    b9:9d:9b:e6:cb:5c:f1:eb:81:9e:60:39:be:2f:5a:
                    c5:44:67:2f:40:f2:d0:c6:53:fa:84:de:bf:55:a3:
                    45:1d:b0:28:55:85:35:a5:e1:c0:0c:d5:3d:21:c1:
                    71:18:66:76:3f:a2:0b:f2:2a:84:ee:dc:3a:11:40:
                    d8:a9:4f:d0:e1:4b:64:83:3d:ba:f7:15:66:2e:38:
                    ae:a2:d2:69:95:9b:25:2f:12:36:19:04:0d:f8:2c:
                    74:70:18:78:dd:a6:72:49:51:26:62:10:c8:67:e3:
                    0a:2a:a3:e7:35:7e:d6:ec:5d:cb:30:63:1f:4d:ef:
                    f2:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:D3:1A:14:B1:21:3F:10:69:93:D4:92:A6:B2:FB:45:A5:48:B7:0E
            X509v3 Authority Key Identifier:
                keyid:67:5F:BE:4B:1F:00:23:3E:D7:67:99:00:71:F0:45:90:C9:0C:88:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:5f:d0:8f:e1:8e:7d:3c:2b:0e:34:00:92:16:52:a3:44:47:
         4f:5d:ab:a1:f4:eb:4d:40:85:e5:f3:1b:db:86:c0:4e:97:68:
         2e:60:3b:cb:a7:2d:36:6d:ab:09:ae:b5:07:73:20:e6:47:a6:
         da:ab:15:f6:0c:0e:cd:46:0e:b9:2f:29:16:33:ae:85:d4:7f:
         c5:47:84:c7:a5:5e:19:8a:21:57:8d:cb:04:11:7d:8c:01:40:
         7a:6c:16:ff:d2:e0:21:05:68:95:2e:99:e2:17:35:d8:d9:78:
         7f:18:ab:d9:27:eb:66:a7:71:99:3b:b6:c7:df:b0:6b:cb:8f:
         08:a1:d7:fe:5b:e5:cc:91:3a:56:b9:6d:8f:f9:c9:f2:41:ed:
         ab:3d:c6:4b:da:66:22:b1:3b:b6:c4:39:d1:d0:7b:c8:dc:95:
         04:00:d5:91:1e:6c:a7:9d:0c:68:dd:1c:c2:52:51:32:ba:f4:
         9b:64:dc:a6:78:7f:c3:08:5a:c0:cd:46:e1:3d:23:7f:2e:bd:
         45:b0:66:59:e6:84:ed:cb:f3:1e:d5:f3:7c:20:4c:5e:bf:bd:
         ce:ab:28:da:e9:61:d8:3b:fa:9f:e7:8b:f5:45:b9:19:06:e0:
         f0:32:c2:a2:ed:80:bb:b0:82:08:37:8d:1a:7f:e6:14:52:53:
         22:18:20:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBIaPBbswY6y6z7mQRHqArAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NWZiZTRiMWYwMDIzM2VkNzY3OTkwMDcxZjA0NTkwYzkw
Yzg4N2QwHhcNMjQwNjI0MDQwMjM1WhcNMjQwNjI1MDQwMjM1WjAzMTEwLwYDVQQD
EyhmZmQzMWExNGIxMjEzZjEwNjk5M2Q0OTJhNmIyZmI0NWE1NDhiNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWw2lmKpuhjctAkijFa7vIBY+hyM
AFiifcxvb/ENvSCQZ7TJatq/VeYJgWhsBzYi7fRG1gkyKrBhY9VRFwifSq5arzV1
2JT8NWGQqslJAk9okTTp4IpxVBmjwv8XPntr9xAQp0ejERyrvFS4wKoq5c8+Rr4u
j2emcpN0Pe1u/AwwmqHi6ZC5nZvmy1zx64GeYDm+L1rFRGcvQPLQxlP6hN6/VaNF
HbAoVYU1peHADNU9IcFxGGZ2P6IL8iqE7tw6EUDYqU/Q4Utkgz269xVmLjiuotJp
lZslLxI2GQQN+Cx0cBh43aZySVEmYhDIZ+MKKqPnNX7W7F3LMGMfTe/yDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/TGhSxIT8QaZPUkqay+0WlSLcOMB8GA1UdIwQY
MBaAFGdfvksfACM+12eZAHHwRZDJDIh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjEtLVN4OEFJejdYWjVrQWNmQkZrTWtNaUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NWMyYTAtNDlkZi00ZDk2LTk4OGYt
NGY5ZDA0MDEwNzEwLzEvWjEtLVN4OEFJejdYWjVrQWNmQkZrTWtNaUgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NWMyYTAtNDlkZi00ZDk2LTk4OGYtNGY5ZDA0MDEwNzEw
LzEvWjEtLVN4OEFJejdYWjVrQWNmQkZrTWtNaUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj1/Qj+GO
fTwrDjQAkhZSo0RHT12rofTrTUCF5fMb24bATpdoLmA7y6ctNm2rCa61B3Mg5kem
2qsV9gwOzUYOuS8pFjOuhdR/xUeEx6VeGYohV43LBBF9jAFAemwW/9LgIQVolS6Z
4hc12Nl4fxir2SfrZqdxmTu2x9+wa8uPCKHX/lvlzJE6Vrltj/nJ8kHtqz3GS9pm
IrE7tsQ50dB7yNyVBADVkR5sp50MaN0cwlJRMrr0m2Tcpnh/wwhawM1G4T0jfy69
RbBmWeaE7cvzHtXzfCBMXr+9zqso2ulh2Dv6n+eL9UW5GQbg8DLCou2Au7CCCDeN
Gn/mFFJTIhggcw==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:14:36 2024 by rpki-client on console-ams.rpki-client.org