Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft
File:                     vflgsO5rxdD2oMZKafL4Yln9zVg.mft (raw, json)
Hash identifier:          va5r1r7Mcgei4USmCVVwT5L0Y4mT5QPRxeUYjOHq/a4=
Subject key identifier:   25:8C:99:C0:A7:23:A8:BA:A0:5C:05:B7:42:F2:F4:19:5C:23:20:F2
Authority key identifier: BD:F9:60:B0:EE:6B:C5:D0:F6:A0:C6:4A:69:F2:F8:62:59:FD:CD:58
Certificate issuer:       /CN=bdf960b0ee6bc5d0f6a0c64a69f2f86259fdcd58
Certificate serial:       019048D54A28A66E4D24B83CBCECA1B7B75A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft
Manifest number:          10B4
Signing time:             Mon 24 Jun 2024 06:00:56 +0000
Manifest this update:     Mon 24 Jun 2024 06:00:56 +0000
Manifest next update:     Tue 25 Jun 2024 06:00:56 +0000
Files and hashes:         1: oohi7G0i0sl4jQpOW68uQvSyQZ0.roa (hash: ZYFQMZTVFLYbMFU4PuByl5h1/9E9Ex1Y13v0IiHn0D8=)
                          2: vflgsO5rxdD2oMZKafL4Yln9zVg.crl (hash: KlxJ6b4bPacetoIj9OsQHWtpi4BuViH5Ld0twulG/78=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 06:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:d5:4a:28:a6:6e:4d:24:b8:3c:bc:ec:a1:b7:b7:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdf960b0ee6bc5d0f6a0c64a69f2f86259fdcd58
        Validity
            Not Before: Jun 24 06:00:56 2024 GMT
            Not After : Jun 25 06:00:56 2024 GMT
        Subject: CN=258c99c0a723a8baa05c05b742f2f4195c2320f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:13:1f:98:09:66:81:09:d9:cb:ea:02:c6:78:
                    f4:de:dc:eb:96:1e:4a:b8:30:d6:f9:cf:9b:84:06:
                    4c:7a:5a:6a:df:e6:16:b8:77:a3:0a:6c:a3:8e:14:
                    59:cd:56:c5:75:f1:b9:bc:eb:f1:81:1b:a2:ab:73:
                    35:2b:0c:e8:26:3c:b9:7a:b0:ab:87:9a:77:26:69:
                    77:65:56:f3:8e:51:7c:9c:cf:61:2b:bd:d5:b4:be:
                    b9:73:bd:9e:77:48:93:30:40:f5:eb:ef:ab:ff:9e:
                    c8:99:d0:8d:f2:56:64:28:dc:de:37:3c:83:11:1c:
                    61:69:f5:61:bf:07:7b:2e:78:d5:22:5f:f2:56:f2:
                    97:9a:84:de:af:a3:84:2c:dc:07:c0:b4:11:f2:d3:
                    b7:5c:22:f9:c5:ad:7d:6a:6e:35:73:1b:a0:da:cf:
                    ab:62:f4:b4:5a:e2:ae:c1:40:8a:aa:00:92:ac:5f:
                    71:76:0f:8e:23:48:cd:19:b0:06:c4:fe:a2:0e:3f:
                    6c:1e:1a:72:42:50:a2:e0:e8:61:25:15:75:62:33:
                    02:78:7b:ce:f5:92:d0:21:3e:54:7c:71:fa:cb:42:
                    c0:15:cc:26:5f:a8:ed:0c:9c:a9:8c:23:15:85:a6:
                    15:8b:04:7c:a4:9f:80:5a:58:23:db:25:e9:1e:9b:
                    ad:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:8C:99:C0:A7:23:A8:BA:A0:5C:05:B7:42:F2:F4:19:5C:23:20:F2
            X509v3 Authority Key Identifier:
                keyid:BD:F9:60:B0:EE:6B:C5:D0:F6:A0:C6:4A:69:F2:F8:62:59:FD:CD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:71:e3:e2:ab:9d:43:53:f2:66:f2:97:c3:b8:71:9c:d9:5a:
         43:38:51:db:06:cf:58:67:be:4d:cd:62:13:1a:9b:1f:b7:72:
         59:c5:a3:ab:3e:61:e8:a6:b1:82:50:02:1c:86:76:74:f6:21:
         59:fb:3e:67:a2:48:c7:0c:93:63:8e:61:be:2e:b1:48:ad:84:
         63:11:2c:38:e5:33:51:8d:dc:42:c2:65:42:63:b2:38:72:dd:
         5b:72:47:6a:c1:76:54:0d:93:e0:34:69:75:a1:01:88:3f:d6:
         5a:f7:43:f2:72:56:f3:54:cd:f3:4f:0c:1a:7c:6b:0b:07:91:
         89:4e:b1:6e:c6:28:f3:df:04:80:32:13:81:19:36:f7:0b:e2:
         d0:4a:05:e4:0e:cd:ac:d0:9b:af:c0:7f:9d:9c:31:aa:97:de:
         9f:c6:0f:ec:de:d4:fe:a2:60:07:05:0e:7b:da:f3:07:2b:d7:
         96:90:60:e2:5f:05:b6:15:56:e9:c8:f6:bc:02:22:f4:da:fe:
         49:d8:8f:63:b8:a5:3e:28:fd:55:9c:f1:e3:c2:58:74:e5:a2:
         b3:23:02:3c:f2:28:6f:21:8c:70:5d:d8:ec:70:5b:06:2d:90:
         6f:ac:e4:01:01:85:b0:89:25:3f:cd:b5:99:f1:8e:5f:72:7f:
         cc:90:29:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBI1Uoopm5NJLg8vOyht7daMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjk2MGIwZWU2YmM1ZDBmNmEwYzY0YTY5ZjJmODYyNTlm
ZGNkNTgwHhcNMjQwNjI0MDYwMDU2WhcNMjQwNjI1MDYwMDU2WjAzMTEwLwYDVQQD
EygyNThjOTljMGE3MjNhOGJhYTA1YzA1Yjc0MmYyZjQxOTVjMjMyMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxMfmAlmgQnZy+oCxnj03tzrlh5K
uDDW+c+bhAZMelpq3+YWuHejCmyjjhRZzVbFdfG5vOvxgRuiq3M1KwzoJjy5erCr
h5p3Jml3ZVbzjlF8nM9hK73VtL65c72ed0iTMED16++r/57ImdCN8lZkKNzeNzyD
ERxhafVhvwd7LnjVIl/yVvKXmoTer6OELNwHwLQR8tO3XCL5xa19am41cxug2s+r
YvS0WuKuwUCKqgCSrF9xdg+OI0jNGbAGxP6iDj9sHhpyQlCi4OhhJRV1YjMCeHvO
9ZLQIT5UfHH6y0LAFcwmX6jtDJypjCMVhaYViwR8pJ+AWlgj2yXpHputwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWMmcCnI6i6oFwFt0Ly9BlcIyDyMB8GA1UdIwQY
MBaAFL35YLDua8XQ9qDGSmny+GJZ/c1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMzY4NGEtMTJjMi00MjNhLWJkM2Et
M2RkZmZkZWI5MjA3LzEvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMzY4NGEtMTJjMi00MjNhLWJkM2EtM2RkZmZkZWI5MjA3
LzEvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANXHj4qud
Q1PyZvKXw7hxnNlaQzhR2wbPWGe+Tc1iExqbH7dyWcWjqz5h6KaxglACHIZ2dPYh
Wfs+Z6JIxwyTY45hvi6xSK2EYxEsOOUzUY3cQsJlQmOyOHLdW3JHasF2VA2T4DRp
daEBiD/WWvdD8nJW81TN808MGnxrCweRiU6xbsYo898EgDITgRk29wvi0EoF5A7N
rNCbr8B/nZwxqpfen8YP7N7U/qJgBwUOe9rzByvXlpBg4l8FthVW6cj2vAIi9Nr+
SdiPY7ilPij9VZzx48JYdOWisyMCPPIobyGMcF3Y7HBbBi2Qb6zkAQGFsIklP821
mfGOX3J/zJAplg==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:18:20 2024 by rpki-client on console-ams.rpki-client.org