Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.mft
File:                     xHqPXpSR9hvSgZJTgKlRz39AssY.mft (raw, json)
Hash identifier:          KeBj96Pv53dxAaRO2Wp9NZ86C7lPF2buo+9S/ITNODM=
Subject key identifier:   2D:0F:C9:28:FB:5C:EB:94:F9:08:DD:8F:EE:73:7D:79:A0:17:CF:F7
Authority key identifier: C4:7A:8F:5E:94:91:F6:1B:D2:81:92:53:80:A9:51:CF:7F:40:B2:C6
Certificate issuer:       /CN=c47a8f5e9491f61bd281925380a951cf7f40b2c6
Certificate serial:       0190448CB7DB98276AF1CAABC7CF73DD0C76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xHqPXpSR9hvSgZJTgKlRz39AssY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.mft
Manifest number:          0AAE
Signing time:             Sun 23 Jun 2024 10:03:11 +0000
Manifest this update:     Sun 23 Jun 2024 10:03:11 +0000
Manifest next update:     Mon 24 Jun 2024 10:03:11 +0000
Files and hashes:         1: 4BhWYI7VFCD6IljkMyhMGsAo-PM.roa (hash: KnCPZNh1eHhwVsp8r50f8AtVDZJCQfpipSMt2LPyWSo=)
                          2: xHqPXpSR9hvSgZJTgKlRz39AssY.crl (hash: 024kXueEEWn4CHpimIYEUdMCUTTgKXBOdlxUoDXqjN8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xHqPXpSR9hvSgZJTgKlRz39AssY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:03:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:8c:b7:db:98:27:6a:f1:ca:ab:c7:cf:73:dd:0c:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c47a8f5e9491f61bd281925380a951cf7f40b2c6
        Validity
            Not Before: Jun 23 10:03:11 2024 GMT
            Not After : Jun 24 10:03:11 2024 GMT
        Subject: CN=2d0fc928fb5ceb94f908dd8fee737d79a017cff7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:17:e1:aa:78:f3:ff:00:1a:29:57:ed:46:47:
                    e3:b3:ae:86:60:45:c7:ba:57:2d:5c:b4:e9:49:7f:
                    b5:cd:67:46:87:c8:dc:f1:d1:00:16:d2:ae:94:ad:
                    5c:e9:4a:9d:32:bb:74:79:a1:7d:b4:a3:31:9c:b1:
                    ea:5e:9e:48:1f:35:8b:ff:86:43:02:fd:f2:e5:81:
                    88:c0:3f:dd:f1:86:bd:7b:8a:54:df:e2:b4:90:09:
                    c2:05:da:6e:65:7f:ef:d9:05:72:3e:97:14:61:a9:
                    52:79:ee:e0:93:1e:01:63:a0:d0:94:fb:a9:eb:3a:
                    7e:21:67:6e:26:21:48:0b:05:c8:a5:9d:60:9e:ff:
                    8d:c0:7f:8b:03:77:a6:90:ff:b7:2d:5e:a6:0e:76:
                    59:df:96:54:21:ae:53:2d:f9:26:55:fb:de:a0:48:
                    cd:0b:23:38:3c:1b:33:3a:38:ec:0f:95:fd:d3:6b:
                    ab:e0:2a:f8:28:dc:c8:9b:6f:19:9b:c0:6a:8b:ac:
                    ba:3a:57:8c:ee:23:06:78:d8:b2:07:47:43:2c:69:
                    b8:9c:da:29:60:3a:c8:fa:0b:ac:da:8a:c0:dd:8a:
                    01:ee:ff:6f:69:97:69:1d:26:89:e7:65:7b:53:18:
                    bf:6a:9d:e9:bb:94:51:14:65:37:3e:25:25:e9:aa:
                    21:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:0F:C9:28:FB:5C:EB:94:F9:08:DD:8F:EE:73:7D:79:A0:17:CF:F7
            X509v3 Authority Key Identifier:
                keyid:C4:7A:8F:5E:94:91:F6:1B:D2:81:92:53:80:A9:51:CF:7F:40:B2:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHqPXpSR9hvSgZJTgKlRz39AssY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:8b:57:01:d4:3b:b0:b3:9d:ef:de:53:ef:3d:b0:95:df:44:
         f3:75:ce:09:8e:d3:b0:d6:68:bf:69:5b:f7:cc:08:17:a4:be:
         50:0c:00:40:ce:96:5d:ab:ce:e1:bf:a3:3f:08:25:bf:d2:d7:
         9b:29:7c:55:3f:78:bd:59:fd:da:05:03:dc:14:cf:10:93:67:
         b4:9d:bd:73:66:a4:c8:5e:9c:cd:13:5f:ba:0b:88:36:20:f5:
         15:06:bd:94:c2:69:70:42:7f:97:a8:c6:12:f4:d8:8f:e4:8d:
         d8:d4:19:be:27:a8:4f:ca:35:e9:ed:8f:e5:e3:83:49:48:12:
         b6:a2:80:9d:65:2b:6f:f4:84:0e:b1:eb:fa:c8:17:b5:c9:0e:
         5d:95:7f:44:d7:5b:54:0b:51:20:9d:ff:5d:eb:8f:86:e8:a4:
         a0:51:bb:b0:65:d3:0f:ce:8a:0a:86:bc:b6:ab:4b:b4:8a:17:
         0e:0b:d6:3d:1b:f3:a8:1d:fe:f7:31:6a:47:e8:02:17:83:ff:
         29:d2:c9:9e:29:05:da:8b:e9:26:3b:5b:28:8a:21:df:10:e9:
         84:b8:24:80:00:2a:df:fd:a1:ba:ea:3b:01:60:63:15:03:0a:
         0e:a7:1b:8e:9d:61:e8:76:ee:ba:5a:17:90:99:6f:3f:b8:0b:
         45:eb:30:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBEjLfbmCdq8cqrx89z3Qx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0N2E4ZjVlOTQ5MWY2MWJkMjgxOTI1MzgwYTk1MWNmN2Y0
MGIyYzYwHhcNMjQwNjIzMTAwMzExWhcNMjQwNjI0MTAwMzExWjAzMTEwLwYDVQQD
EygyZDBmYzkyOGZiNWNlYjk0ZjkwOGRkOGZlZTczN2Q3OWEwMTdjZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRfhqnjz/wAaKVftRkfjs66GYEXH
ulctXLTpSX+1zWdGh8jc8dEAFtKulK1c6UqdMrt0eaF9tKMxnLHqXp5IHzWL/4ZD
Av3y5YGIwD/d8Ya9e4pU3+K0kAnCBdpuZX/v2QVyPpcUYalSee7gkx4BY6DQlPup
6zp+IWduJiFICwXIpZ1gnv+NwH+LA3emkP+3LV6mDnZZ35ZUIa5TLfkmVfveoEjN
CyM4PBszOjjsD5X902ur4Cr4KNzIm28Zm8Bqi6y6OleM7iMGeNiyB0dDLGm4nNop
YDrI+gus2orA3YoB7v9vaZdpHSaJ52V7Uxi/ap3pu5RRFGU3PiUl6aohNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0PySj7XOuU+Qjdj+5zfXmgF8/3MB8GA1UdIwQY
MBaAFMR6j16UkfYb0oGSU4CpUc9/QLLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhxUFhwU1I5aHZTZ1pKVGdLbFJ6MzlBc3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lYzVjZTQtNTg5My00YTBlLTk4YzUt
NjliZTJhY2JlZDhlLzEveEhxUFhwU1I5aHZTZ1pKVGdLbFJ6MzlBc3NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lYzVjZTQtNTg5My00YTBlLTk4YzUtNjliZTJhY2JlZDhl
LzEveEhxUFhwU1I5aHZTZ1pKVGdLbFJ6MzlBc3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKItXAdQ7
sLOd795T7z2wld9E83XOCY7TsNZov2lb98wIF6S+UAwAQM6WXavO4b+jPwglv9LX
myl8VT94vVn92gUD3BTPEJNntJ29c2akyF6czRNfuguINiD1FQa9lMJpcEJ/l6jG
EvTYj+SN2NQZvieoT8o16e2P5eODSUgStqKAnWUrb/SEDrHr+sgXtckOXZV/RNdb
VAtRIJ3/XeuPhuikoFG7sGXTD86KCoa8tqtLtIoXDgvWPRvzqB3+9zFqR+gCF4P/
KdLJnikF2ovpJjtbKIoh3xDphLgkgAAq3/2huuo7AWBjFQMKDqcbjp1h6HbuuloX
kJlvP7gLReswHQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:50:33 2024 by rpki-client on console-ams.rpki-client.org