Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
File:                     9kixVYLTS9UXCp3RO4EyW6uuXjo.mft (raw, json)
Hash identifier:          NS5x++VoU0hdKHBRaWw4g9Vb0l5RLA5ZLl4qE9uMTVI=
Subject key identifier:   1F:40:E5:55:1D:1F:46:89:29:FF:C4:80:3D:04:A1:1B:95:35:4D:C5
Authority key identifier: F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A
Certificate issuer:       /CN=f648b15582d34bd5170a9dd13b81325babae5e3a
Certificate serial:       01901D4647E5C1FB9EEA563D76838F772314
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
Manifest number:          11C5
Signing time:             Sat 15 Jun 2024 19:01:03 +0000
Manifest this update:     Sat 15 Jun 2024 19:01:03 +0000
Manifest next update:     Sun 16 Jun 2024 19:01:03 +0000
Files and hashes:         1: 9kixVYLTS9UXCp3RO4EyW6uuXjo.crl (hash: 06WU4fzqX11jowryRAwBJMC7FtvC71uFgkMLfV/e12o=)
                          2: ptBNIMLNqAlCqzDfFjBsH3iCrog.roa (hash: 4ruDzpAEWBEx5du+fJI3d8Mdnthq4YE0usrSZf5XXfk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:47:e5:c1:fb:9e:ea:56:3d:76:83:8f:77:23:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f648b15582d34bd5170a9dd13b81325babae5e3a
        Validity
            Not Before: Jun 15 19:01:03 2024 GMT
            Not After : Jun 16 19:01:03 2024 GMT
        Subject: CN=1f40e5551d1f468929ffc4803d04a11b95354dc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:3b:b0:99:1f:33:68:f5:46:7a:c5:de:8f:aa:
                    92:86:1f:1b:6f:51:c7:6b:44:84:15:d5:2c:79:4d:
                    1e:ae:67:61:9a:33:64:6e:d9:64:90:8e:66:b2:58:
                    88:76:2c:61:c2:b9:f8:7c:cc:c0:77:47:24:16:5c:
                    4a:1c:34:ce:ee:d1:73:23:2d:dc:16:11:dc:55:e1:
                    03:07:55:ce:1d:0b:6e:d7:13:e5:61:be:24:4a:10:
                    9d:36:a6:d6:a4:0a:6b:4e:b4:78:79:47:1f:4d:54:
                    12:93:9a:4c:02:12:72:84:a9:da:6a:81:08:99:7a:
                    83:3e:43:6d:08:d4:9c:0f:25:99:05:a9:c3:a0:1f:
                    bb:85:53:c9:20:47:31:0d:74:25:7e:b3:aa:96:25:
                    93:5c:6e:79:6c:77:73:bb:3d:c4:c7:20:de:0b:e7:
                    db:d3:10:32:29:a8:83:d6:fd:2c:36:c1:1c:6c:29:
                    2b:45:e3:9a:0b:c1:ae:01:ed:ac:08:48:d2:c8:c1:
                    02:db:67:59:a4:19:7a:32:75:af:e2:6d:5f:aa:88:
                    f4:20:00:95:e1:4a:59:f2:e1:39:0e:84:88:8b:13:
                    26:48:e5:a7:bf:0d:c3:3d:38:77:48:60:95:e8:77:
                    3b:97:a6:50:9b:84:68:9d:e4:5f:33:fd:34:e1:4d:
                    21:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:40:E5:55:1D:1F:46:89:29:FF:C4:80:3D:04:A1:1B:95:35:4D:C5
            X509v3 Authority Key Identifier:
                keyid:F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:d7:41:e3:55:a3:e8:ea:7a:68:7a:bb:25:1a:61:f1:c2:43:
         18:99:5f:c3:8e:14:5c:3f:37:86:ba:af:3a:ae:9e:25:2e:a4:
         7b:c5:ae:b9:94:f2:23:d7:1a:50:d6:ee:94:61:2f:c4:09:e4:
         01:66:55:10:98:d6:54:11:c5:29:ed:76:2e:11:21:f1:e3:6f:
         9f:77:1b:0c:01:b3:4c:9d:99:6a:ae:ab:c8:d7:4b:28:93:d3:
         35:2d:64:73:b5:8e:5b:2e:48:ec:f9:11:e8:8e:08:ad:db:c5:
         b9:ff:20:51:22:3d:ea:fd:ff:4c:79:ec:ac:9f:31:ad:dd:1a:
         dc:a3:76:d6:1c:b1:a1:34:b8:e8:2a:11:6d:2a:50:69:29:27:
         11:f6:a9:0f:3d:fc:12:e6:d2:af:f4:95:86:3a:d1:eb:d5:be:
         9c:f2:01:ba:83:31:a0:dc:a2:7e:72:7b:b3:fa:fc:dc:54:ed:
         53:5f:17:11:46:30:5e:a0:15:fb:23:f3:bb:43:63:65:3d:a3:
         6b:b5:a4:92:27:a2:7a:36:63:13:13:7f:d8:44:b8:a7:c1:af:
         12:c5:2f:30:59:46:2d:b8:2a:f1:73:fe:ac:c0:36:80:c8:b5:
         76:91:cd:7a:d1:ee:d6:53:1b:c0:ef:c4:b1:2f:17:bd:8b:e0:
         65:0a:44:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRkflwfue6lY9doOPdyMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDhiMTU1ODJkMzRiZDUxNzBhOWRkMTNiODEzMjViYWJh
ZTVlM2EwHhcNMjQwNjE1MTkwMTAzWhcNMjQwNjE2MTkwMTAzWjAzMTEwLwYDVQQD
EygxZjQwZTU1NTFkMWY0Njg5MjlmZmM0ODAzZDA0YTExYjk1MzU0ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zuwmR8zaPVGesXej6qShh8bb1HH
a0SEFdUseU0ermdhmjNkbtlkkI5msliIdixhwrn4fMzAd0ckFlxKHDTO7tFzIy3c
FhHcVeEDB1XOHQtu1xPlYb4kShCdNqbWpAprTrR4eUcfTVQSk5pMAhJyhKnaaoEI
mXqDPkNtCNScDyWZBanDoB+7hVPJIEcxDXQlfrOqliWTXG55bHdzuz3ExyDeC+fb
0xAyKaiD1v0sNsEcbCkrReOaC8GuAe2sCEjSyMEC22dZpBl6MnWv4m1fqoj0IACV
4UpZ8uE5DoSIixMmSOWnvw3DPTh3SGCV6Hc7l6ZQm4RoneRfM/004U0hIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9A5VUdH0aJKf/EgD0EoRuVNU3FMB8GA1UdIwQY
MBaAFPZIsVWC00vVFwqd0TuBMlurrl46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzct
NjI3OTliOTAyMzFiLzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzctNjI3OTliOTAyMzFi
LzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM9dB41Wj
6Op6aHq7JRph8cJDGJlfw44UXD83hrqvOq6eJS6ke8WuuZTyI9caUNbulGEvxAnk
AWZVEJjWVBHFKe12LhEh8eNvn3cbDAGzTJ2Zaq6ryNdLKJPTNS1kc7WOWy5I7PkR
6I4IrdvFuf8gUSI96v3/THnsrJ8xrd0a3KN21hyxoTS46CoRbSpQaSknEfapDz38
EubSr/SVhjrR69W+nPIBuoMxoNyifnJ7s/r83FTtU18XEUYwXqAV+yPzu0NjZT2j
a7WkkieiejZjExN/2ES4p8GvEsUvMFlGLbgq8XP+rMA2gMi1dpHNetHu1lMbwO/E
sS8XvYvgZQpEsw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 21:13:45 2024 by rpki-client on console-ams.rpki-client.org