Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
File:                     2pa1va-ygzLa_oR87RT3pfrUXmk.mft (raw, json)
Hash identifier:          x+7AprZw/avA5wUJhe7+X8HxndwHAwU4yEpYxhA8gso=
Subject key identifier:   38:8E:45:FF:67:A4:E1:39:CE:D1:77:CE:A1:02:2F:40:32:95:63:81
Authority key identifier: DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
Certificate issuer:       /CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Certificate serial:       0190494373ACF52D217C1FE376C74AE4E0BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
Manifest number:          11DB
Signing time:             Mon 24 Jun 2024 08:01:15 +0000
Manifest this update:     Mon 24 Jun 2024 08:01:15 +0000
Manifest next update:     Tue 25 Jun 2024 08:01:15 +0000
Files and hashes:         1: 2pa1va-ygzLa_oR87RT3pfrUXmk.crl (hash: kvO51iyfhegWLlE5LcVDWWVOKJA3uMRCukOgPZA3nnA=)
                          2: _VVt4OfdWGBs-jce3dtU-jGfKTY.roa (hash: fEnri8C9TJ4wmIOHMUbqYdb4TUqJNQunbXCa8VppDek=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 08:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:49:43:73:ac:f5:2d:21:7c:1f:e3:76:c7:4a:e4:e0:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
        Validity
            Not Before: Jun 24 08:01:15 2024 GMT
            Not After : Jun 25 08:01:15 2024 GMT
        Subject: CN=388e45ff67a4e139ced177cea1022f4032956381
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:01:61:b0:13:0f:45:3c:c8:18:aa:f4:0f:cd:
                    03:07:af:06:7c:81:c7:c2:f8:54:9b:64:59:66:59:
                    dd:62:3d:28:8f:83:3f:0c:2c:aa:2f:78:83:9f:85:
                    a9:66:eb:f5:d7:37:bf:1a:12:9c:e4:aa:e6:46:00:
                    03:44:b4:78:90:34:db:b6:27:2f:35:fd:86:20:28:
                    dc:f8:22:bf:97:62:86:6e:5a:5d:3e:eb:2f:40:e9:
                    2d:93:7f:9c:31:c9:95:b0:e1:e8:1b:07:65:ef:e1:
                    86:e5:a6:35:81:01:80:6f:61:e6:97:fe:ea:13:e1:
                    84:8c:a3:31:f5:85:b8:55:21:ca:6d:b0:94:60:44:
                    8a:ef:b0:82:e1:fa:55:be:a3:07:be:42:75:fe:95:
                    2e:20:06:61:3c:01:1b:82:ef:e5:29:ad:7a:86:74:
                    9a:3d:76:e3:2d:27:90:4f:d1:ec:b5:59:f6:c3:4d:
                    82:80:de:de:9e:7d:ae:be:6a:20:c6:5b:06:6a:f7:
                    c9:f7:87:19:f8:c6:e4:78:e5:85:64:90:30:d3:1c:
                    35:2e:7f:c8:27:51:69:a7:c8:72:2e:c4:8b:48:9e:
                    09:e6:e7:2a:f0:fe:08:c8:99:c6:0f:e9:4b:a4:14:
                    41:02:0f:0d:0f:a7:c7:92:bf:8a:16:c5:5c:4f:65:
                    a1:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:8E:45:FF:67:A4:E1:39:CE:D1:77:CE:A1:02:2F:40:32:95:63:81
            X509v3 Authority Key Identifier:
                keyid:DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:f9:16:60:01:cb:e7:e7:8b:43:e9:8d:98:ec:d8:c1:70:4b:
         6a:b7:ca:dc:fc:f3:f5:d6:c9:89:17:bc:17:79:4d:4b:1f:0f:
         fa:d6:02:b2:aa:56:60:65:8c:6e:8d:ac:f0:66:bf:d1:f1:70:
         eb:d3:07:90:ba:8a:03:72:f5:2c:e0:25:94:44:68:b2:83:ab:
         de:a6:99:1f:8a:a0:34:87:4c:9b:ea:42:c4:57:98:0f:26:4d:
         ac:6d:2c:49:e6:13:0c:bb:7e:3a:6f:04:0c:cd:db:a5:32:29:
         eb:15:8a:d2:37:5c:c2:bb:58:23:8c:ec:3b:c9:2f:32:04:23:
         e4:7e:89:07:42:a2:48:9e:fb:d8:a0:99:10:fe:d7:cc:a9:18:
         b6:16:35:a0:4d:74:5b:70:89:74:00:c3:c2:66:1a:d9:a4:0f:
         dd:82:a9:90:b9:a0:c7:16:64:e8:15:8a:83:66:c5:8e:56:ef:
         87:86:d8:fc:d9:f6:57:5e:da:b5:d0:47:8f:4f:b7:c0:9d:4a:
         eb:8e:7f:be:2b:68:ce:d0:c0:e7:98:f2:97:f5:82:bd:05:28:
         da:0f:7f:09:35:9f:4c:78:fc:2a:f0:b2:d7:a6:21:6a:cb:cf:
         e7:c1:09:ec:5f:57:ff:03:66:8e:86:ba:fd:94:7e:91:96:36:
         1c:5f:0c:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBJQ3Os9S0hfB/jdsdK5OC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTZiNWJkYWZiMjgzMzJkYWZlODQ3Y2VkMTRmN2E1ZmFk
NDVlNjkwHhcNMjQwNjI0MDgwMTE1WhcNMjQwNjI1MDgwMTE1WjAzMTEwLwYDVQQD
EygzODhlNDVmZjY3YTRlMTM5Y2VkMTc3Y2VhMTAyMmY0MDMyOTU2MzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAFhsBMPRTzIGKr0D80DB68GfIHH
wvhUm2RZZlndYj0oj4M/DCyqL3iDn4WpZuv11ze/GhKc5KrmRgADRLR4kDTbticv
Nf2GICjc+CK/l2KGblpdPusvQOktk3+cMcmVsOHoGwdl7+GG5aY1gQGAb2Hml/7q
E+GEjKMx9YW4VSHKbbCUYESK77CC4fpVvqMHvkJ1/pUuIAZhPAEbgu/lKa16hnSa
PXbjLSeQT9HstVn2w02CgN7enn2uvmogxlsGavfJ94cZ+MbkeOWFZJAw0xw1Ln/I
J1Fpp8hyLsSLSJ4J5ucq8P4IyJnGD+lLpBRBAg8ND6fHkr+KFsVcT2WhBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiORf9npOE5ztF3zqECL0AylWOBMB8GA1UdIwQY
MBaAFNqWtb2vsoMy2v6EfO0U96X61F5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2It
NDI1Mzk1MGYxMTU1LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2ItNDI1Mzk1MGYxMTU1
LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU/kWYAHL
5+eLQ+mNmOzYwXBLarfK3Pzz9dbJiRe8F3lNSx8P+tYCsqpWYGWMbo2s8Ga/0fFw
69MHkLqKA3L1LOAllERosoOr3qaZH4qgNIdMm+pCxFeYDyZNrG0sSeYTDLt+Om8E
DM3bpTIp6xWK0jdcwrtYI4zsO8kvMgQj5H6JB0KiSJ772KCZEP7XzKkYthY1oE10
W3CJdADDwmYa2aQP3YKpkLmgxxZk6BWKg2bFjlbvh4bY/Nn2V17atdBHj0+3wJ1K
645/vitoztDA55jyl/WCvQUo2g9/CTWfTHj8KvCy16YhasvP58EJ7F9X/wNmjoa6
/ZR+kZY2HF8MKg==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:22:48 2024 by rpki-client on console-ams.rpki-client.org