Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/1fe3d7-9214-4de3-8f1c-2c0abbd2e85d/1/apz1pXvHRW10C0Xh_gjjaamhcUo.mft
File:                     apz1pXvHRW10C0Xh_gjjaamhcUo.mft (raw, json)
Hash identifier:          KUi0QzbQ5RTawiLXTA9kPowhYRRn4Vf8QoH3ytvRAOI=
Subject key identifier:   CB:3E:73:16:7F:62:4D:45:1D:58:C3:FA:C2:BC:12:45:45:5D:AF:EF
Authority key identifier: 6A:9C:F5:A5:7B:C7:45:6D:74:0B:45:E1:FE:08:E3:69:A9:A1:71:4A
Certificate issuer:       /CN=6a9cf5a57bc7456d740b45e1fe08e369a9a1714a
Certificate serial:       0190448C2A81C18C50E90500C10716816BDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/apz1pXvHRW10C0Xh_gjjaamhcUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/1fe3d7-9214-4de3-8f1c-2c0abbd2e85d/1/apz1pXvHRW10C0Xh_gjjaamhcUo.mft
Manifest number:          11DA
Signing time:             Sun 23 Jun 2024 10:02:34 +0000
Manifest this update:     Sun 23 Jun 2024 10:02:34 +0000
Manifest next update:     Mon 24 Jun 2024 10:02:34 +0000
Files and hashes:         1: 6PLJXBtU2gE271O6qfmIgRSfwpI.roa (hash: ZSkMQnUvi//VgXHaK0x+LxgfOW4LWoJMUZzYjht0r78=)
                          2: apz1pXvHRW10C0Xh_gjjaamhcUo.crl (hash: Byr3+5QD8g/bw4oV69PEg9+sa6b4mc1M5intcq3hj60=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/1fe3d7-9214-4de3-8f1c-2c0abbd2e85d/1/apz1pXvHRW10C0Xh_gjjaamhcUo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/1fe3d7-9214-4de3-8f1c-2c0abbd2e85d/1/apz1pXvHRW10C0Xh_gjjaamhcUo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/apz1pXvHRW10C0Xh_gjjaamhcUo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:02:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:8c:2a:81:c1:8c:50:e9:05:00:c1:07:16:81:6b:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a9cf5a57bc7456d740b45e1fe08e369a9a1714a
        Validity
            Not Before: Jun 23 10:02:34 2024 GMT
            Not After : Jun 24 10:02:34 2024 GMT
        Subject: CN=cb3e73167f624d451d58c3fac2bc1245455dafef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:bd:de:bf:e2:d6:83:f7:b0:79:d8:2e:79:94:
                    b5:8e:1b:2b:22:a1:a5:24:47:ee:19:9a:3a:59:b7:
                    03:58:9d:d1:45:b3:97:8e:2c:6b:bb:0d:e4:4e:0f:
                    98:10:37:2d:90:e2:cb:dd:a5:fe:fd:b7:70:e1:c2:
                    df:a9:e2:0b:65:bb:a0:b9:1d:ee:5e:de:04:87:a5:
                    33:eb:b5:85:d4:ae:65:42:94:25:10:d9:b6:fd:cd:
                    17:91:9f:ac:16:77:4b:e6:6b:73:96:0c:f1:49:d5:
                    e7:58:8a:1d:d9:ac:7f:7b:5a:c0:6e:7a:93:4e:74:
                    2a:a8:e6:51:66:71:85:e4:34:be:3d:4e:a9:22:ea:
                    36:8c:d5:7a:12:a8:1b:68:7a:ac:35:3c:23:e4:fe:
                    46:48:14:b9:bc:f2:ea:14:f5:07:92:d6:f8:02:38:
                    bb:ca:6c:86:3f:1c:81:49:97:c8:ec:c5:ca:23:c9:
                    6e:c6:4f:18:02:a9:30:2c:1b:ca:2f:e1:14:82:72:
                    2e:04:63:d5:b8:06:96:28:12:a8:10:2f:49:2c:f7:
                    ce:63:2e:d8:09:32:a3:55:ec:92:0c:57:01:cb:c4:
                    10:8b:05:e8:15:b1:b1:ef:13:83:cb:c0:f2:79:d6:
                    d0:06:93:86:38:65:5b:75:97:ba:5b:86:6a:ad:dd:
                    a7:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:3E:73:16:7F:62:4D:45:1D:58:C3:FA:C2:BC:12:45:45:5D:AF:EF
            X509v3 Authority Key Identifier:
                keyid:6A:9C:F5:A5:7B:C7:45:6D:74:0B:45:E1:FE:08:E3:69:A9:A1:71:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/apz1pXvHRW10C0Xh_gjjaamhcUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1fe3d7-9214-4de3-8f1c-2c0abbd2e85d/1/apz1pXvHRW10C0Xh_gjjaamhcUo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1fe3d7-9214-4de3-8f1c-2c0abbd2e85d/1/apz1pXvHRW10C0Xh_gjjaamhcUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:a2:98:9c:1e:72:f5:ea:ee:f3:93:b4:9b:bc:67:e5:cd:06:
         39:54:79:7a:f8:d7:bb:e0:65:a7:cd:ef:92:2d:07:41:02:61:
         9d:01:39:4a:bb:b5:af:bf:1a:b5:6e:5f:bc:47:d9:df:4f:7c:
         d0:b3:bd:8a:c0:50:78:f8:81:f7:05:3f:1a:ff:7c:13:d5:fd:
         37:53:27:90:9d:1b:7d:58:aa:bb:07:73:ff:73:76:d9:b3:fd:
         bd:97:57:d8:5d:86:09:6b:b5:88:0a:93:79:83:8f:7c:75:41:
         c1:32:0c:1a:8e:80:b4:cf:96:0a:92:65:9b:0c:bc:2a:8e:11:
         e1:b3:de:a7:0c:e5:6f:3e:22:9f:a2:65:a1:df:19:df:57:e1:
         a3:e1:28:09:37:12:91:4a:fc:a6:b9:84:d9:86:da:3d:59:d4:
         cc:de:b5:59:f5:64:08:b5:f0:18:bc:2e:d6:f1:73:5f:54:c0:
         fa:16:6a:b5:52:8d:57:9c:34:ae:89:44:7e:cc:6b:93:76:68:
         91:ae:38:ae:ee:e0:e9:2c:1e:c4:1b:91:87:f6:80:9e:8f:36:
         78:8c:b7:4e:98:80:87:e4:71:4d:4e:0a:d5:03:b4:f9:fa:0d:
         56:80:81:9c:0d:68:1d:54:b4:e6:bd:73:b7:0a:63:a6:a9:d6:
         b1:b4:5b:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBEjCqBwYxQ6QUAwQcWgWvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOWNmNWE1N2JjNzQ1NmQ3NDBiNDVlMWZlMDhlMzY5YTlh
MTcxNGEwHhcNMjQwNjIzMTAwMjM0WhcNMjQwNjI0MTAwMjM0WjAzMTEwLwYDVQQD
EyhjYjNlNzMxNjdmNjI0ZDQ1MWQ1OGMzZmFjMmJjMTI0NTQ1NWRhZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr3ev+LWg/ewedgueZS1jhsrIqGl
JEfuGZo6WbcDWJ3RRbOXjixruw3kTg+YEDctkOLL3aX+/bdw4cLfqeILZbuguR3u
Xt4Eh6Uz67WF1K5lQpQlENm2/c0XkZ+sFndL5mtzlgzxSdXnWIod2ax/e1rAbnqT
TnQqqOZRZnGF5DS+PU6pIuo2jNV6EqgbaHqsNTwj5P5GSBS5vPLqFPUHktb4Aji7
ymyGPxyBSZfI7MXKI8luxk8YAqkwLBvKL+EUgnIuBGPVuAaWKBKoEC9JLPfOYy7Y
CTKjVeySDFcBy8QQiwXoFbGx7xODy8DyedbQBpOGOGVbdZe6W4Zqrd2nEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMs+cxZ/Yk1FHVjD+sK8EkVFXa/vMB8GA1UdIwQY
MBaAFGqc9aV7x0VtdAtF4f4I42mpoXFKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXB6MXBYdkhSVzEwQzBYaF9namphYW1oY1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xZmUzZDctOTIxNC00ZGUzLThmMWMt
MmMwYWJiZDJlODVkLzEvYXB6MXBYdkhSVzEwQzBYaF9namphYW1oY1VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xZmUzZDctOTIxNC00ZGUzLThmMWMtMmMwYWJiZDJlODVk
LzEvYXB6MXBYdkhSVzEwQzBYaF9namphYW1oY1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb6KYnB5y
9eru85O0m7xn5c0GOVR5evjXu+Blp83vki0HQQJhnQE5Sru1r78atW5fvEfZ3098
0LO9isBQePiB9wU/Gv98E9X9N1MnkJ0bfViquwdz/3N22bP9vZdX2F2GCWu1iAqT
eYOPfHVBwTIMGo6AtM+WCpJlmwy8Ko4R4bPepwzlbz4in6Jlod8Z31fho+EoCTcS
kUr8prmE2YbaPVnUzN61WfVkCLXwGLwu1vFzX1TA+hZqtVKNV5w0rolEfsxrk3Zo
ka44ru7g6SwexBuRh/aAno82eIy3TpiAh+RxTU4K1QO0+foNVoCBnA1oHVS05r1z
twpjpqnWsbRbCQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:53:11 2024 by rpki-client on console-ams.rpki-client.org