Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File:                     OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier:          DG+lsJE5ahW40eeBwDDGm/dCcgGyOV7aStzMfEGpZWo=
Subject key identifier:   32:B7:E9:10:BA:E4:F0:79:E2:11:7B:E4:E3:D8:7E:62:24:C6:58:30
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer:       /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial:       0190490C2B4A40DBF24F8B485AAE741B7C2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number:          11DF
Signing time:             Mon 24 Jun 2024 07:00:52 +0000
Manifest this update:     Mon 24 Jun 2024 07:00:52 +0000
Manifest next update:     Tue 25 Jun 2024 07:00:52 +0000
Files and hashes:         1: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: X10QSqD3kN5Uqon7cuxF5LXCd2Ddn+ZGTRbR/g5iUDk=)
                          2: qnGMjAtEp4CZgXyTx8LyPrrXTBI.roa (hash: 0txBDG2KHO342XzT9v22DY4vX4KlGOIRvrY4etH88GA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:49:0c:2b:4a:40:db:f2:4f:8b:48:5a:ae:74:1b:7c:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
        Validity
            Not Before: Jun 24 07:00:52 2024 GMT
            Not After : Jun 25 07:00:52 2024 GMT
        Subject: CN=32b7e910bae4f079e2117be4e3d87e6224c65830
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:9a:06:e9:08:39:0b:e1:b0:78:0f:6f:8a:17:
                    69:24:a3:44:8d:5d:a5:0a:16:72:3a:dc:8c:6e:ac:
                    b8:7c:2b:67:cd:6c:01:67:d2:93:da:10:e3:52:14:
                    3d:5c:2c:68:05:7f:05:e2:24:a2:1f:ed:a1:0c:96:
                    9e:7c:5c:6e:fe:6b:22:3d:e5:cc:e6:7c:87:4f:25:
                    4a:88:fd:2b:ff:10:63:b4:e5:96:e2:4d:23:25:20:
                    46:cb:d8:44:39:52:b9:9f:9a:ae:a6:fd:ed:fe:e3:
                    1e:12:96:45:c8:4d:93:e0:3d:15:87:0a:d1:77:7b:
                    48:04:18:08:53:53:4c:7f:03:5a:36:e0:4c:85:90:
                    66:cf:7f:e2:c9:65:a0:04:03:07:84:c4:d9:dc:40:
                    17:99:60:7d:33:d4:ca:15:e6:7a:6b:f2:f5:c0:d1:
                    85:89:6b:2e:7c:70:8f:73:e4:16:ef:5d:33:81:34:
                    84:73:a2:ab:28:d4:00:0c:cf:45:9e:c0:c9:53:ae:
                    6d:f7:0e:e3:c8:74:a0:78:2c:58:c6:9f:e3:a4:5b:
                    01:06:b0:b5:2d:a7:0d:80:26:1e:57:c2:3c:67:93:
                    cf:f9:ca:4d:59:7e:95:6c:88:f5:5a:90:c1:5e:29:
                    1f:dd:90:ae:a4:41:01:f8:2d:75:23:ac:b2:f0:0e:
                    d6:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:B7:E9:10:BA:E4:F0:79:E2:11:7B:E4:E3:D8:7E:62:24:C6:58:30
            X509v3 Authority Key Identifier:
                keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:94:58:be:ae:b4:2e:cf:66:6b:c8:81:52:c9:5d:70:3f:4d:
         a8:66:6e:08:89:33:12:25:c8:45:ee:5f:39:d2:5a:09:63:e4:
         d0:d3:60:9d:4e:cf:2c:5f:bb:d0:02:2c:49:73:0a:e8:43:49:
         f7:f7:b6:68:58:82:96:43:d0:21:6a:d3:62:15:71:94:2f:92:
         84:e7:b7:de:24:f7:43:7e:2d:f2:ac:ae:09:17:08:f9:4c:d2:
         e9:15:60:34:8b:25:9b:84:b0:66:4a:20:6a:a0:5e:14:96:78:
         b7:ba:d0:14:95:18:5d:f7:bd:76:9f:0c:c6:31:09:4b:9d:75:
         96:cc:2e:31:de:f2:a1:bf:dd:27:12:a7:f4:dc:e4:97:ff:5b:
         34:30:e7:a3:bf:f8:0a:27:ec:87:95:fd:bf:fc:37:62:2d:30:
         0b:82:3b:88:cb:bd:6a:1c:22:a3:8a:69:9e:e2:2e:3e:1f:96:
         33:28:1e:c3:b1:b2:ac:e2:3d:fb:19:4b:f3:ea:75:c5:0c:86:
         80:f0:bd:2e:8f:dd:38:a0:1f:66:25:c4:83:68:4a:45:2f:ea:
         c4:5b:9a:a8:94:4c:f2:1b:8a:d1:a7:e9:73:e2:89:3c:77:d1:
         0e:a8:f6:54:50:d4:6b:f0:9d:67:76:2d:ad:f0:07:d6:87:22:
         3c:02:0f:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBJDCtKQNvyT4tIWq50G3wvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjQwNjI0MDcwMDUyWhcNMjQwNjI1MDcwMDUyWjAzMTEwLwYDVQQD
EygzMmI3ZTkxMGJhZTRmMDc5ZTIxMTdiZTRlM2Q4N2U2MjI0YzY1ODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZoG6Qg5C+GweA9vihdpJKNEjV2l
ChZyOtyMbqy4fCtnzWwBZ9KT2hDjUhQ9XCxoBX8F4iSiH+2hDJaefFxu/msiPeXM
5nyHTyVKiP0r/xBjtOWW4k0jJSBGy9hEOVK5n5qupv3t/uMeEpZFyE2T4D0VhwrR
d3tIBBgIU1NMfwNaNuBMhZBmz3/iyWWgBAMHhMTZ3EAXmWB9M9TKFeZ6a/L1wNGF
iWsufHCPc+QW710zgTSEc6KrKNQADM9FnsDJU65t9w7jyHSgeCxYxp/jpFsBBrC1
LacNgCYeV8I8Z5PP+cpNWX6VbIj1WpDBXikf3ZCupEEB+C11I6yy8A7WnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDK36RC65PB54hF75OPYfmIkxlgwMB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaZRYvq60
Ls9ma8iBUsldcD9NqGZuCIkzEiXIRe5fOdJaCWPk0NNgnU7PLF+70AIsSXMK6ENJ
9/e2aFiClkPQIWrTYhVxlC+ShOe33iT3Q34t8qyuCRcI+UzS6RVgNIslm4SwZkog
aqBeFJZ4t7rQFJUYXfe9dp8MxjEJS511lswuMd7yob/dJxKn9Nzkl/9bNDDno7/4
Cifsh5X9v/w3Yi0wC4I7iMu9ahwio4ppnuIuPh+WMygew7GyrOI9+xlL8+p1xQyG
gPC9Lo/dOKAfZiXEg2hKRS/qxFuaqJRM8huK0afpc+KJPHfRDqj2VFDUa/CdZ3Yt
rfAH1ociPAIP1A==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:14:39 2024 by rpki-client on console-ams.rpki-client.org