Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.mft
File:                     xHqPXpSR9hvSgZJTgKlRz39AssY.mft (raw, json)
Hash identifier:          pHaETZ7rd+rKjn9nVNympdu/OSTnzV58Rhtcec/iBC8=
Subject key identifier:   20:34:0A:14:75:9F:F9:06:EF:49:30:D3:D0:5B:3B:29:AF:C4:B0:F7
Authority key identifier: C4:7A:8F:5E:94:91:F6:1B:D2:81:92:53:80:A9:51:CF:7F:40:B2:C6
Certificate issuer:       /CN=c47a8f5e9491f61bd281925380a951cf7f40b2c6
Certificate serial:       01901DEC01F1AE1A510E83C8337CA1DE0E28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xHqPXpSR9hvSgZJTgKlRz39AssY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.mft
Manifest number:          0A9A
Signing time:             Sat 15 Jun 2024 22:02:04 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:04 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:04 +0000
Files and hashes:         1: 4BhWYI7VFCD6IljkMyhMGsAo-PM.roa (hash: KnCPZNh1eHhwVsp8r50f8AtVDZJCQfpipSMt2LPyWSo=)
                          2: xHqPXpSR9hvSgZJTgKlRz39AssY.crl (hash: Q+oiDVLs+imih11rKMOQycxONNmHO9YPLnWPNcnbnHE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xHqPXpSR9hvSgZJTgKlRz39AssY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:01:f1:ae:1a:51:0e:83:c8:33:7c:a1:de:0e:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c47a8f5e9491f61bd281925380a951cf7f40b2c6
        Validity
            Not Before: Jun 15 22:02:04 2024 GMT
            Not After : Jun 16 22:02:04 2024 GMT
        Subject: CN=20340a14759ff906ef4930d3d05b3b29afc4b0f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:7e:16:8a:ae:95:73:96:41:fd:ba:63:e3:3e:
                    20:9c:4c:b0:f4:bd:fb:3f:f2:3e:b1:61:4b:98:b1:
                    cb:56:e6:3f:0e:83:60:9f:8b:f9:3e:26:23:37:8f:
                    93:f0:66:e5:35:72:38:d8:58:6f:97:92:76:d9:41:
                    e3:21:a2:7c:6c:92:15:1f:cf:a3:7e:e3:2d:68:87:
                    06:27:6e:2e:1c:69:4b:14:c6:f5:85:4c:a9:b7:ae:
                    19:25:4b:13:61:93:41:f7:ae:67:69:49:2f:46:b3:
                    ae:a0:56:73:97:38:e7:38:68:78:d5:31:e1:96:84:
                    e4:ee:87:c3:76:39:05:b0:73:e2:1d:59:6b:67:e5:
                    8d:8a:da:d3:d6:d1:d3:9f:47:44:90:50:5c:9a:c0:
                    87:2c:2c:55:44:50:43:b7:47:a0:48:9f:7a:9f:1c:
                    53:47:9b:bf:07:15:82:72:23:92:6d:de:82:14:ea:
                    a5:5c:79:f2:bf:08:97:7f:3d:9f:90:c7:fc:f6:33:
                    72:50:6e:61:cf:79:86:9f:09:e6:1c:28:b2:d4:77:
                    e9:6d:03:66:24:cb:25:d2:40:4d:00:bc:af:20:0c:
                    44:51:00:ea:15:be:d5:e4:c3:18:85:41:52:d6:b5:
                    09:a7:1d:b3:c0:df:08:b5:65:78:82:ed:eb:bd:eb:
                    3e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:34:0A:14:75:9F:F9:06:EF:49:30:D3:D0:5B:3B:29:AF:C4:B0:F7
            X509v3 Authority Key Identifier:
                keyid:C4:7A:8F:5E:94:91:F6:1B:D2:81:92:53:80:A9:51:CF:7F:40:B2:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHqPXpSR9hvSgZJTgKlRz39AssY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ec5ce4-5893-4a0e-98c5-69be2acbed8e/1/xHqPXpSR9hvSgZJTgKlRz39AssY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:3f:09:f1:da:75:cb:af:37:0d:c4:08:53:cd:18:2a:27:26:
         d4:09:ae:a7:ed:fc:42:c0:3f:5f:a4:0e:be:51:72:4d:c8:3f:
         11:b9:ac:28:59:49:50:9f:b3:96:79:7c:ca:ad:4a:64:7b:bf:
         2f:ce:f1:75:20:d8:a1:bf:be:ae:7a:ca:91:ea:1f:26:84:50:
         d4:62:d3:9f:f6:9b:13:da:42:32:ad:60:26:08:c4:19:11:7a:
         a6:ed:17:dc:c0:06:28:dc:fa:42:ef:60:f0:f8:c2:5a:1e:84:
         19:2d:56:59:08:5a:b7:51:3c:ca:ce:1b:93:d4:77:44:74:41:
         ff:25:cf:62:8e:be:49:57:e0:35:6d:17:bf:f6:77:52:2d:db:
         01:5f:14:84:23:1c:65:a2:b3:ab:de:62:7c:ae:60:0a:68:c1:
         be:0d:57:e8:1e:ed:2d:d1:80:1f:2b:c5:47:c1:7c:03:ff:cc:
         a8:d9:c2:52:e0:d8:fc:0e:18:2a:11:70:6d:8b:8c:cc:63:79:
         2f:8f:c5:ac:4b:9c:e2:eb:9b:4c:fa:81:84:c8:9c:c1:99:7b:
         32:26:d5:25:c3:da:dc:b3:b5:17:ba:5c:51:69:8b:15:7c:20:
         56:47:17:fc:89:4d:11:29:04:30:92:a8:fd:91:16:63:4c:f2:
         3f:50:58:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7AHxrhpRDoPIM3yh3g4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0N2E4ZjVlOTQ5MWY2MWJkMjgxOTI1MzgwYTk1MWNmN2Y0
MGIyYzYwHhcNMjQwNjE1MjIwMjA0WhcNMjQwNjE2MjIwMjA0WjAzMTEwLwYDVQQD
EygyMDM0MGExNDc1OWZmOTA2ZWY0OTMwZDNkMDViM2IyOWFmYzRiMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH4Wiq6Vc5ZB/bpj4z4gnEyw9L37
P/I+sWFLmLHLVuY/DoNgn4v5PiYjN4+T8GblNXI42Fhvl5J22UHjIaJ8bJIVH8+j
fuMtaIcGJ24uHGlLFMb1hUypt64ZJUsTYZNB965naUkvRrOuoFZzlzjnOGh41THh
loTk7ofDdjkFsHPiHVlrZ+WNitrT1tHTn0dEkFBcmsCHLCxVRFBDt0egSJ96nxxT
R5u/BxWCciOSbd6CFOqlXHnyvwiXfz2fkMf89jNyUG5hz3mGnwnmHCiy1HfpbQNm
JMsl0kBNALyvIAxEUQDqFb7V5MMYhUFS1rUJpx2zwN8ItWV4gu3rves+hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCA0ChR1n/kG70kw09BbOymvxLD3MB8GA1UdIwQY
MBaAFMR6j16UkfYb0oGSU4CpUc9/QLLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhxUFhwU1I5aHZTZ1pKVGdLbFJ6MzlBc3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lYzVjZTQtNTg5My00YTBlLTk4YzUt
NjliZTJhY2JlZDhlLzEveEhxUFhwU1I5aHZTZ1pKVGdLbFJ6MzlBc3NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lYzVjZTQtNTg5My00YTBlLTk4YzUtNjliZTJhY2JlZDhl
LzEveEhxUFhwU1I5aHZTZ1pKVGdLbFJ6MzlBc3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACj8J8dp1
y683DcQIU80YKicm1Amup+38QsA/X6QOvlFyTcg/EbmsKFlJUJ+zlnl8yq1KZHu/
L87xdSDYob++rnrKkeofJoRQ1GLTn/abE9pCMq1gJgjEGRF6pu0X3MAGKNz6Qu9g
8PjCWh6EGS1WWQhat1E8ys4bk9R3RHRB/yXPYo6+SVfgNW0Xv/Z3Ui3bAV8UhCMc
ZaKzq95ifK5gCmjBvg1X6B7tLdGAHyvFR8F8A//MqNnCUuDY/A4YKhFwbYuMzGN5
L4/FrEuc4uubTPqBhMicwZl7MibVJcPa3LO1F7pcUWmLFXwgVkcX/IlNESkEMJKo
/ZEWY0zyP1BYWw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:04:53 2024 by rpki-client on console-fra.rpki-client.org