Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.mft
File:                     O8iOk9iVAzFkvO-XU52MidZxfas.mft (raw, json)
Hash identifier:          +UQiLSphkV6nb6a4yOZ+cWp+ju5koSBWKRX4IHAiiaY=
Subject key identifier:   8F:E1:8A:24:15:DC:B3:F1:64:28:4E:AA:D5:BE:62:7E:73:CA:B4:B4
Authority key identifier: 3B:C8:8E:93:D8:95:03:31:64:BC:EF:97:53:9D:8C:89:D6:71:7D:AB
Certificate issuer:       /CN=3bc88e93d895033164bcef97539d8c89d6717dab
Certificate serial:       0190448CDA5B7F2638AB752B3B9B83CD93C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8iOk9iVAzFkvO-XU52MidZxfas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.mft
Manifest number:          11D8
Signing time:             Sun 23 Jun 2024 10:03:19 +0000
Manifest this update:     Sun 23 Jun 2024 10:03:19 +0000
Manifest next update:     Mon 24 Jun 2024 10:03:19 +0000
Files and hashes:         1: GqdYxxm-z9v5v0Yj8m-6Y9VXjjg.roa (hash: KYzjTpHmjuq4/Y/CcyOvng8tF2cucBkxu+/DmHWpgIE=)
                          2: O8iOk9iVAzFkvO-XU52MidZxfas.crl (hash: ohsngWyq0QjEyhUPUU1KLTpxZJySo0kjWcADNbaKlD8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8iOk9iVAzFkvO-XU52MidZxfas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:03:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:8c:da:5b:7f:26:38:ab:75:2b:3b:9b:83:cd:93:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc88e93d895033164bcef97539d8c89d6717dab
        Validity
            Not Before: Jun 23 10:03:19 2024 GMT
            Not After : Jun 24 10:03:19 2024 GMT
        Subject: CN=8fe18a2415dcb3f164284eaad5be627e73cab4b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e9:84:0f:5f:cb:be:79:a5:80:10:82:76:7f:
                    4c:a4:96:76:64:c4:2a:a1:c1:37:cb:31:ca:13:e1:
                    8e:7b:6e:c7:1f:be:6e:38:3b:f0:cb:2b:16:01:71:
                    ac:07:43:8c:bb:4d:a9:1e:94:61:26:e2:80:55:6e:
                    59:9b:6b:d9:cd:9e:b4:fe:69:91:e7:6d:cb:01:6e:
                    e3:6c:92:22:1f:3a:09:a2:5a:b7:09:39:04:95:56:
                    6f:1a:c2:91:bd:9c:96:4d:fb:05:3d:d1:03:bb:e5:
                    b0:8a:5d:74:a1:57:bd:64:87:fa:8f:9f:06:e7:04:
                    c6:53:bb:38:47:2a:5e:dd:81:4b:d5:0f:85:19:e5:
                    f1:db:a5:89:20:bb:b6:8c:65:26:86:18:a8:98:d0:
                    5e:2d:cc:b0:e8:f4:08:b8:03:ad:18:92:9c:da:dc:
                    fc:27:dc:e3:1b:87:33:5a:2a:96:9f:e0:24:ae:0a:
                    b7:bf:60:7f:5e:45:71:5d:f2:fa:d8:9a:a4:9f:a2:
                    02:63:46:06:d8:24:5f:a5:0f:95:ce:3f:a5:e6:5d:
                    a5:bf:89:70:97:3a:10:a2:65:5a:cd:c8:cf:a3:75:
                    eb:1c:c6:1c:bf:4d:56:65:fd:57:ea:e9:2d:5e:0f:
                    09:73:81:eb:d0:6e:6f:ca:ff:7c:bc:e2:df:fd:dd:
                    82:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:E1:8A:24:15:DC:B3:F1:64:28:4E:AA:D5:BE:62:7E:73:CA:B4:B4
            X509v3 Authority Key Identifier:
                keyid:3B:C8:8E:93:D8:95:03:31:64:BC:EF:97:53:9D:8C:89:D6:71:7D:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8iOk9iVAzFkvO-XU52MidZxfas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:2e:7e:e8:a2:04:97:dc:b7:7b:7d:d4:fc:7c:55:fd:42:d5:
         d8:aa:0e:75:75:f0:bf:5c:96:d7:e8:ef:b3:86:ec:6e:6c:2d:
         7c:35:1b:34:69:d9:6e:f1:60:b5:01:d4:e1:1e:e3:7a:b3:2c:
         3e:9a:b6:6d:1c:3e:19:24:b2:07:91:4b:bc:4a:31:43:d3:58:
         74:23:1d:f2:39:a7:2d:cb:22:9c:49:58:c7:52:3e:a6:70:65:
         2b:36:48:80:ff:37:08:f0:4a:b6:9a:40:a4:d7:77:75:db:d3:
         8c:ce:ed:ce:94:2a:e4:5e:fe:de:b6:05:29:3e:c2:87:aa:c0:
         0b:3c:97:c7:9d:6c:ca:c2:36:7a:8f:9e:df:b7:d3:fd:93:87:
         d6:8d:f6:06:b6:8d:8b:27:2e:f7:2c:28:4d:b2:dd:1e:27:83:
         6f:f5:e5:46:3e:d1:2e:7f:d5:49:77:73:87:b3:66:f6:54:1a:
         1b:24:c8:f1:27:49:01:5c:e7:95:5b:94:84:c4:d4:97:3d:9d:
         0f:ff:d5:14:12:8d:3d:b6:32:8b:0f:6e:11:ad:95:f1:63:51:
         6a:84:8f:35:97:72:be:d0:35:c6:b7:66:dd:a0:13:c7:b2:c2:
         38:97:ba:49:7c:5b:be:bc:81:cb:45:3f:c9:3a:cb:ce:11:3f:
         df:86:22:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBEjNpbfyY4q3UrO5uDzZPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzg4ZTkzZDg5NTAzMzE2NGJjZWY5NzUzOWQ4Yzg5ZDY3
MTdkYWIwHhcNMjQwNjIzMTAwMzE5WhcNMjQwNjI0MTAwMzE5WjAzMTEwLwYDVQQD
Eyg4ZmUxOGEyNDE1ZGNiM2YxNjQyODRlYWFkNWJlNjI3ZTczY2FiNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+mED1/LvnmlgBCCdn9MpJZ2ZMQq
ocE3yzHKE+GOe27HH75uODvwyysWAXGsB0OMu02pHpRhJuKAVW5Zm2vZzZ60/mmR
523LAW7jbJIiHzoJolq3CTkElVZvGsKRvZyWTfsFPdEDu+Wwil10oVe9ZIf6j58G
5wTGU7s4Rype3YFL1Q+FGeXx26WJILu2jGUmhhiomNBeLcyw6PQIuAOtGJKc2tz8
J9zjG4czWiqWn+Akrgq3v2B/XkVxXfL62Jqkn6ICY0YG2CRfpQ+Vzj+l5l2lv4lw
lzoQomVazcjPo3XrHMYcv01WZf1X6uktXg8Jc4Hr0G5vyv98vOLf/d2CrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/hiiQV3LPxZChOqtW+Yn5zyrS0MB8GA1UdIwQY
MBaAFDvIjpPYlQMxZLzvl1OdjInWcX2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhpT2s5aVZBekZrdk8tWFU1Mk1pZFp4ZmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9kZjhiMDYtNWQ2MS00ZmZkLWE5NDkt
MDQ4YjVmNWJmYTgxLzEvTzhpT2s5aVZBekZrdk8tWFU1Mk1pZFp4ZmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9kZjhiMDYtNWQ2MS00ZmZkLWE5NDktMDQ4YjVmNWJmYTgx
LzEvTzhpT2s5aVZBekZrdk8tWFU1Mk1pZFp4ZmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiy5+6KIE
l9y3e33U/HxV/ULV2KoOdXXwv1yW1+jvs4bsbmwtfDUbNGnZbvFgtQHU4R7jerMs
Ppq2bRw+GSSyB5FLvEoxQ9NYdCMd8jmnLcsinElYx1I+pnBlKzZIgP83CPBKtppA
pNd3ddvTjM7tzpQq5F7+3rYFKT7Ch6rACzyXx51sysI2eo+e37fT/ZOH1o32BraN
iycu9ywoTbLdHieDb/XlRj7RLn/VSXdzh7Nm9lQaGyTI8SdJAVznlVuUhMTUlz2d
D//VFBKNPbYyiw9uEa2V8WNRaoSPNZdyvtA1xrdm3aATx7LCOJe6SXxbvryBy0U/
yTrLzhE/34YiKg==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:51:34 2024 by rpki-client on console-ams.rpki-client.org