Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.mft
File:                     O8iOk9iVAzFkvO-XU52MidZxfas.mft (raw, json)
Hash identifier:          Ntzz7ipiOiuzcg/pnQUR7ZabwPgrUyHdll52ipr4DKg=
Subject key identifier:   DD:9A:9E:BC:61:C0:68:7A:DB:4A:CC:EC:BE:E6:58:8B:3B:97:99:3C
Authority key identifier: 3B:C8:8E:93:D8:95:03:31:64:BC:EF:97:53:9D:8C:89:D6:71:7D:AB
Certificate issuer:       /CN=3bc88e93d895033164bcef97539d8c89d6717dab
Certificate serial:       01901DEC0CD7121752CCB80DFC65491CDB79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8iOk9iVAzFkvO-XU52MidZxfas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.mft
Manifest number:          11C4
Signing time:             Sat 15 Jun 2024 22:02:07 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:07 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:07 +0000
Files and hashes:         1: GqdYxxm-z9v5v0Yj8m-6Y9VXjjg.roa (hash: KYzjTpHmjuq4/Y/CcyOvng8tF2cucBkxu+/DmHWpgIE=)
                          2: O8iOk9iVAzFkvO-XU52MidZxfas.crl (hash: aZJQMK3gCtpitWfvZPpZGCVbaAWsJTfv7Ebhdl+O46A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8iOk9iVAzFkvO-XU52MidZxfas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:0c:d7:12:17:52:cc:b8:0d:fc:65:49:1c:db:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc88e93d895033164bcef97539d8c89d6717dab
        Validity
            Not Before: Jun 15 22:02:07 2024 GMT
            Not After : Jun 16 22:02:07 2024 GMT
        Subject: CN=dd9a9ebc61c0687adb4accecbee6588b3b97993c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:5a:c9:7f:07:29:b3:16:19:4f:e5:1f:a7:39:
                    02:04:d6:3c:7b:54:87:d0:87:ca:56:dc:ec:a9:38:
                    1c:dc:86:e2:15:67:13:32:88:db:cb:52:72:0f:70:
                    7a:06:95:1a:bf:35:93:27:ca:62:9b:11:5e:b7:5d:
                    f9:e3:da:b0:db:3b:dc:5a:f4:ea:05:2f:22:d8:9c:
                    6b:cf:26:72:24:da:30:15:6e:ad:2a:f4:f3:a7:27:
                    20:13:53:a7:06:2f:56:b0:10:a0:dd:eb:41:9c:68:
                    2d:42:d5:78:42:4c:a7:8e:41:8a:55:95:2b:90:fc:
                    56:d7:58:c2:e6:78:ca:12:ee:d0:56:1b:e8:80:f9:
                    9b:9d:f6:a7:2a:d5:bf:c1:7f:60:a7:57:5e:3e:76:
                    ed:05:7c:f3:68:aa:4b:94:23:3b:91:79:57:22:82:
                    63:91:8b:d9:97:da:e7:16:a2:69:0b:2a:fa:b9:70:
                    ab:17:de:de:d6:df:11:03:fc:29:a8:cc:92:20:31:
                    50:ca:86:04:2c:91:7a:45:66:b8:46:f3:03:8a:3e:
                    de:9f:ab:36:83:b1:ee:ab:ac:a7:42:e2:36:ab:fd:
                    09:c4:d4:0e:d2:81:67:d9:bc:12:e2:68:1b:e4:f7:
                    50:ec:78:7e:11:9c:48:08:61:3a:ee:1a:fe:dc:36:
                    19:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:9A:9E:BC:61:C0:68:7A:DB:4A:CC:EC:BE:E6:58:8B:3B:97:99:3C
            X509v3 Authority Key Identifier:
                keyid:3B:C8:8E:93:D8:95:03:31:64:BC:EF:97:53:9D:8C:89:D6:71:7D:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8iOk9iVAzFkvO-XU52MidZxfas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/df8b06-5d61-4ffd-a949-048b5f5bfa81/1/O8iOk9iVAzFkvO-XU52MidZxfas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:d8:6e:a4:6d:2b:9e:b5:2e:8d:11:d3:2a:91:42:1c:76:82:
         b5:ce:d6:af:8c:ab:4a:f1:ee:da:88:f7:d1:5c:bd:8b:02:91:
         70:03:b0:76:be:93:de:e7:e9:85:dd:a7:95:4e:3a:68:be:06:
         f0:2a:8a:1d:d8:b8:9e:8b:53:8c:03:e2:8c:2d:9e:13:5e:44:
         59:e3:dc:fb:31:ed:da:9f:a7:dc:6c:6a:01:13:ea:a5:5e:cc:
         15:b9:7e:ac:05:20:b0:30:ae:79:45:34:ad:6b:97:b7:96:5c:
         85:24:78:44:31:fe:e0:c6:8e:05:9b:8a:b6:5e:18:fc:02:8b:
         ed:2e:45:4e:2a:76:b0:dc:b1:a0:67:a7:d7:1e:20:36:95:f2:
         9b:31:38:4d:fc:66:c9:b1:17:36:96:63:67:32:b7:ae:9d:fd:
         e4:4c:50:12:45:70:27:45:a6:a8:dd:91:3b:70:b3:4c:ec:d6:
         57:0f:d6:73:e4:5e:ac:cb:3e:e1:0c:7d:ab:4f:b4:97:30:3f:
         7c:63:09:03:04:1d:dc:d8:54:4a:e6:7d:78:48:51:d1:c0:33:
         58:92:dc:6d:f0:de:52:22:11:c3:d0:b3:50:f6:3e:60:cb:1d:
         20:78:d8:0b:ab:d2:36:46:02:1b:58:4d:a9:75:de:b4:b6:8b:
         b6:71:34:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7AzXEhdSzLgN/GVJHNt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzg4ZTkzZDg5NTAzMzE2NGJjZWY5NzUzOWQ4Yzg5ZDY3
MTdkYWIwHhcNMjQwNjE1MjIwMjA3WhcNMjQwNjE2MjIwMjA3WjAzMTEwLwYDVQQD
EyhkZDlhOWViYzYxYzA2ODdhZGI0YWNjZWNiZWU2NTg4YjNiOTc5OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1rJfwcpsxYZT+UfpzkCBNY8e1SH
0IfKVtzsqTgc3IbiFWcTMojby1JyD3B6BpUavzWTJ8pimxFet13549qw2zvcWvTq
BS8i2JxrzyZyJNowFW6tKvTzpycgE1OnBi9WsBCg3etBnGgtQtV4QkynjkGKVZUr
kPxW11jC5njKEu7QVhvogPmbnfanKtW/wX9gp1dePnbtBXzzaKpLlCM7kXlXIoJj
kYvZl9rnFqJpCyr6uXCrF97e1t8RA/wpqMySIDFQyoYELJF6RWa4RvMDij7en6s2
g7Huq6ynQuI2q/0JxNQO0oFn2bwS4mgb5PdQ7Hh+EZxICGE67hr+3DYZzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2anrxhwGh620rM7L7mWIs7l5k8MB8GA1UdIwQY
MBaAFDvIjpPYlQMxZLzvl1OdjInWcX2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhpT2s5aVZBekZrdk8tWFU1Mk1pZFp4ZmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9kZjhiMDYtNWQ2MS00ZmZkLWE5NDkt
MDQ4YjVmNWJmYTgxLzEvTzhpT2s5aVZBekZrdk8tWFU1Mk1pZFp4ZmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9kZjhiMDYtNWQ2MS00ZmZkLWE5NDktMDQ4YjVmNWJmYTgx
LzEvTzhpT2s5aVZBekZrdk8tWFU1Mk1pZFp4ZmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNhupG0r
nrUujRHTKpFCHHaCtc7Wr4yrSvHu2oj30Vy9iwKRcAOwdr6T3ufphd2nlU46aL4G
8CqKHdi4notTjAPijC2eE15EWePc+zHt2p+n3GxqARPqpV7MFbl+rAUgsDCueUU0
rWuXt5ZchSR4RDH+4MaOBZuKtl4Y/AKL7S5FTip2sNyxoGen1x4gNpXymzE4Tfxm
ybEXNpZjZzK3rp395ExQEkVwJ0WmqN2RO3CzTOzWVw/Wc+RerMs+4Qx9q0+0lzA/
fGMJAwQd3NhUSuZ9eEhR0cAzWJLcbfDeUiIRw9CzUPY+YMsdIHjYC6vSNkYCG1hN
qXXetLaLtnE04g==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:05:34 2024 by rpki-client on console-fra.rpki-client.org