Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.mft
File:                     kNPlNxtkq5QtbcugSt_yrnq3xxI.mft (raw, json)
Hash identifier:          QKPxi9IufwRtZMXPG65aLOCf8+1KMs6JN3nygXSGoIU=
Subject key identifier:   D2:AA:E2:8C:3F:64:7E:05:45:DC:53:04:4E:8F:07:40:82:A3:BD:55
Authority key identifier: 90:D3:E5:37:1B:64:AB:94:2D:6D:CB:A0:4A:DF:F2:AE:7A:B7:C7:12
Certificate issuer:       /CN=90d3e5371b64ab942d6dcba04adff2ae7ab7c712
Certificate serial:       019040AEC46546CB0BC7B018A0AC040EBB58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.mft
Manifest number:          11D6
Signing time:             Sat 22 Jun 2024 16:01:53 +0000
Manifest this update:     Sat 22 Jun 2024 16:01:53 +0000
Manifest next update:     Sun 23 Jun 2024 16:01:53 +0000
Files and hashes:         1: kNPlNxtkq5QtbcugSt_yrnq3xxI.crl (hash: Z1sSjHErktCy0hCLZJzHcBBYZrHJAqm+8H8xqQUWbQA=)
                          2: qAjfZNCoJ-vtgY1BdrteWBQJWcY.roa (hash: vZNqVy6I29QNE9cWvI73cZETZ2uE/okVEg0T5UcnkMo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 16:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:40:ae:c4:65:46:cb:0b:c7:b0:18:a0:ac:04:0e:bb:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90d3e5371b64ab942d6dcba04adff2ae7ab7c712
        Validity
            Not Before: Jun 22 16:01:53 2024 GMT
            Not After : Jun 23 16:01:53 2024 GMT
        Subject: CN=d2aae28c3f647e0545dc53044e8f074082a3bd55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c6:64:58:2d:8b:15:1d:c5:fc:31:b9:c9:05:
                    12:8f:0e:c6:d8:bd:7c:b4:84:8d:1f:69:c3:ff:59:
                    4c:21:f6:83:99:53:51:3b:e8:c0:e3:0e:64:d1:2e:
                    8a:4d:d3:c5:b5:06:33:5e:fa:09:bb:12:d1:1c:dd:
                    7c:cb:c5:f4:59:bb:84:a8:82:cc:03:73:bd:f2:3e:
                    ba:e9:3f:f0:fe:36:3b:37:bb:3e:6e:74:00:f6:e1:
                    4e:b7:05:95:f2:ab:5c:f8:1f:61:b3:ef:7c:87:60:
                    f8:ee:a4:fc:ac:c8:49:33:37:5b:7c:78:d2:47:b8:
                    d5:22:39:68:35:7c:d5:f4:5b:eb:8e:5e:f7:89:48:
                    ac:0a:59:d5:23:76:73:54:01:a8:bf:04:d6:af:c3:
                    88:8d:56:46:a3:26:65:17:cc:67:e3:dc:e3:1f:f3:
                    27:0c:eb:9c:b3:63:46:56:a3:8a:41:08:27:d7:df:
                    1b:d9:95:47:4e:71:49:4a:cc:8f:35:cc:04:ee:5c:
                    a2:49:c2:69:62:30:09:9b:0b:39:5d:59:75:25:a0:
                    7b:49:a4:df:06:a3:5c:23:46:47:35:10:9d:0b:b6:
                    a0:5b:62:89:73:c8:24:24:6c:2a:33:b7:71:13:52:
                    07:1b:e5:41:4f:24:d9:92:53:4a:99:16:b0:f6:bf:
                    0c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:AA:E2:8C:3F:64:7E:05:45:DC:53:04:4E:8F:07:40:82:A3:BD:55
            X509v3 Authority Key Identifier:
                keyid:90:D3:E5:37:1B:64:AB:94:2D:6D:CB:A0:4A:DF:F2:AE:7A:B7:C7:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:be:7c:80:f0:55:d9:77:f3:3c:ef:a7:5e:57:7a:0b:7a:7a:
         d5:c4:af:6a:ca:5a:e7:95:76:49:e0:f5:8e:fa:05:73:fe:ce:
         8f:d6:5e:6a:07:00:f2:b0:9d:9e:82:29:48:4c:7c:dc:68:f9:
         16:63:1c:e2:de:6e:39:11:01:f8:6b:a4:98:55:fe:ca:d3:e2:
         6e:fa:74:25:d5:8b:f6:20:ce:06:9d:59:44:d7:ec:9a:16:fc:
         4a:b1:58:0d:25:db:07:2d:4f:3f:e6:da:26:8c:e6:e6:9d:c2:
         39:14:c4:3f:4d:ed:b2:f8:b3:cb:4a:47:0a:5f:15:a0:30:ac:
         34:64:41:a5:11:26:92:2f:cd:d8:f2:70:bf:30:42:2a:5b:5e:
         9a:ef:09:7c:63:09:a0:47:ad:5f:2e:13:38:25:45:39:72:8f:
         20:16:b4:25:61:20:c4:ef:d3:84:8b:08:1c:6f:91:c6:12:7c:
         c7:76:e3:f5:29:82:f3:07:af:8a:de:01:44:fd:ae:cb:e2:ce:
         d7:15:aa:65:42:3d:18:a8:6a:3b:7a:06:6a:b1:16:61:20:a7:
         bc:35:4c:3f:93:96:8f:53:cf:07:24:1d:fe:04:11:96:b9:11:
         0c:17:89:0e:40:88:5f:bb:89:5a:9a:d1:eb:9b:5d:a5:43:49:
         d8:6e:b2:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBArsRlRssLx7AYoKwEDrtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDNlNTM3MWI2NGFiOTQyZDZkY2JhMDRhZGZmMmFlN2Fi
N2M3MTIwHhcNMjQwNjIyMTYwMTUzWhcNMjQwNjIzMTYwMTUzWjAzMTEwLwYDVQQD
EyhkMmFhZTI4YzNmNjQ3ZTA1NDVkYzUzMDQ0ZThmMDc0MDgyYTNiZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcZkWC2LFR3F/DG5yQUSjw7G2L18
tISNH2nD/1lMIfaDmVNRO+jA4w5k0S6KTdPFtQYzXvoJuxLRHN18y8X0WbuEqILM
A3O98j666T/w/jY7N7s+bnQA9uFOtwWV8qtc+B9hs+98h2D47qT8rMhJMzdbfHjS
R7jVIjloNXzV9Fvrjl73iUisClnVI3ZzVAGovwTWr8OIjVZGoyZlF8xn49zjH/Mn
DOucs2NGVqOKQQgn198b2ZVHTnFJSsyPNcwE7lyiScJpYjAJmws5XVl1JaB7SaTf
BqNcI0ZHNRCdC7agW2KJc8gkJGwqM7dxE1IHG+VBTyTZklNKmRaw9r8MCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKq4ow/ZH4FRdxTBE6PB0CCo71VMB8GA1UdIwQY
MBaAFJDT5TcbZKuULW3LoErf8q56t8cSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMTM5YTQtNmRhMi00MzI5LWFhZTIt
YTE3ODgyYjkyNmEwLzEva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMTM5YTQtNmRhMi00MzI5LWFhZTItYTE3ODgyYjkyNmEw
LzEva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALr58gPBV
2XfzPO+nXld6C3p61cSvaspa55V2SeD1jvoFc/7Oj9ZeagcA8rCdnoIpSEx83Gj5
FmMc4t5uOREB+GukmFX+ytPibvp0JdWL9iDOBp1ZRNfsmhb8SrFYDSXbBy1PP+ba
Jozm5p3CORTEP03tsvizy0pHCl8VoDCsNGRBpREmki/N2PJwvzBCKltemu8JfGMJ
oEetXy4TOCVFOXKPIBa0JWEgxO/ThIsIHG+RxhJ8x3bj9SmC8wevit4BRP2uy+LO
1xWqZUI9GKhqO3oGarEWYSCnvDVMP5OWj1PPByQd/gQRlrkRDBeJDkCIX7uJWprR
65tdpUNJ2G6yxA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:30:17 2024 by rpki-client on console-ams.rpki-client.org