Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
File:                     i4gBVDgSBAR31HRCKUZshTfUUXE.mft (raw, json)
Hash identifier:          /pbms9LckN5kRIoLL8LRKlM3SS1u5+7B5kqkD3zpe28=
Subject key identifier:   41:32:47:FB:40:C5:D5:F4:83:64:12:22:D1:A6:B4:1F:9E:FB:32:54
Authority key identifier: 8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
Certificate issuer:       /CN=8b8801543812040477d4744229466c8537d45171
Certificate serial:       019048D57D6C1ADA5EAC75FE92FAB9AF9600
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
Manifest number:          0924
Signing time:             Mon 24 Jun 2024 06:01:09 +0000
Manifest this update:     Mon 24 Jun 2024 06:01:09 +0000
Manifest next update:     Tue 25 Jun 2024 06:01:09 +0000
Files and hashes:         1: i4gBVDgSBAR31HRCKUZshTfUUXE.crl (hash: A7nJ0/CrgdfX5xlQRv8xJwYpShMiQIKVh0cBaV6hlS8=)
                          2: iv1X5_oDya1PShhaqe7eVpxAedQ.roa (hash: WFFNaEIdoqyKNntAnMIeqd6urftS0Xj65824vTaquVU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 06:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:d5:7d:6c:1a:da:5e:ac:75:fe:92:fa:b9:af:96:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b8801543812040477d4744229466c8537d45171
        Validity
            Not Before: Jun 24 06:01:09 2024 GMT
            Not After : Jun 25 06:01:09 2024 GMT
        Subject: CN=413247fb40c5d5f483641222d1a6b41f9efb3254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:7d:74:2e:eb:d8:fc:01:25:12:66:cf:0b:d2:
                    cf:50:b0:9c:67:52:43:2a:b9:71:96:18:c9:39:e9:
                    79:4a:fe:3e:e2:01:12:57:30:ee:9e:02:24:c7:9e:
                    89:2c:da:7f:ea:6c:d4:5a:a8:e5:fd:ee:d2:7c:30:
                    11:88:a8:9d:96:1c:a5:aa:9e:2c:6e:89:67:35:e1:
                    05:e1:8d:83:40:73:43:0a:59:84:2d:24:bc:09:86:
                    02:cf:17:8e:85:a7:06:a3:7c:53:99:59:e8:da:61:
                    08:03:71:ea:83:05:ea:a7:4b:6a:55:2b:91:99:c6:
                    c7:61:a5:9d:63:96:c7:19:3e:aa:33:aa:d6:9b:5d:
                    5c:b2:0c:51:7c:62:f0:74:e2:e8:e5:9a:d3:93:e8:
                    fd:5c:84:ef:db:f4:d7:40:b6:2f:58:80:e0:66:3e:
                    d2:aa:64:de:0a:00:bd:0c:ee:40:18:30:c1:c9:b9:
                    e1:fa:f1:4f:24:d5:c9:c5:0f:90:83:87:6c:78:ff:
                    31:8e:66:58:af:78:67:e6:eb:d8:14:80:52:ea:cf:
                    5a:f0:c2:78:dc:42:87:e4:2e:74:18:13:8a:b1:17:
                    f7:78:5a:b9:07:6e:3c:83:d5:94:ed:d5:3e:9f:88:
                    c3:30:51:c5:88:b6:8c:d7:97:31:cb:bb:ab:97:30:
                    53:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:32:47:FB:40:C5:D5:F4:83:64:12:22:D1:A6:B4:1F:9E:FB:32:54
            X509v3 Authority Key Identifier:
                keyid:8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:a9:d9:d5:9b:75:4b:88:82:15:44:0a:8d:46:d6:c7:2d:f1:
         ff:e3:98:41:e0:15:42:f2:8d:a5:7e:2c:d9:ac:26:7c:6a:cd:
         f4:55:ee:aa:55:ee:10:bd:26:a0:3d:72:5a:92:02:fa:b5:be:
         06:7f:6b:b7:a8:80:f0:77:64:23:a3:03:c7:66:dd:5c:6c:7f:
         fe:9c:45:b9:a2:10:25:44:5e:e1:96:ae:c8:b8:74:e0:0d:21:
         66:cf:8e:c6:43:ee:ac:eb:92:ec:f8:69:32:39:d0:ec:fc:42:
         6a:ca:ea:11:f4:89:e7:72:1f:e7:3a:b1:8f:50:a8:d3:37:e6:
         34:37:76:0f:3d:d5:37:e6:2c:e6:ea:ee:b7:9e:2e:2f:84:8a:
         90:8b:ea:fe:4c:85:a1:78:74:48:33:6b:1c:d5:1c:d0:a7:ec:
         8c:07:59:10:c8:64:a7:40:b0:a6:41:91:03:a0:37:54:09:e7:
         9c:d0:6e:81:de:20:49:cd:42:bb:b5:86:a2:74:89:fe:55:64:
         d4:fa:25:fc:5d:99:34:70:cd:be:f3:c3:e8:a7:4d:80:03:ac:
         d7:df:18:44:ea:ea:99:43:64:41:80:b7:85:4e:20:40:73:3f:
         38:ba:8e:a0:78:16:31:59:7f:19:69:2e:43:0a:9c:45:11:73:
         7b:c5:63:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBI1X1sGtperHX+kvq5r5YAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODgwMTU0MzgxMjA0MDQ3N2Q0NzQ0MjI5NDY2Yzg1Mzdk
NDUxNzEwHhcNMjQwNjI0MDYwMTA5WhcNMjQwNjI1MDYwMTA5WjAzMTEwLwYDVQQD
Eyg0MTMyNDdmYjQwYzVkNWY0ODM2NDEyMjJkMWE2YjQxZjllZmIzMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX10LuvY/AElEmbPC9LPULCcZ1JD
KrlxlhjJOel5Sv4+4gESVzDungIkx56JLNp/6mzUWqjl/e7SfDARiKidlhylqp4s
bolnNeEF4Y2DQHNDClmELSS8CYYCzxeOhacGo3xTmVno2mEIA3HqgwXqp0tqVSuR
mcbHYaWdY5bHGT6qM6rWm11csgxRfGLwdOLo5ZrTk+j9XITv2/TXQLYvWIDgZj7S
qmTeCgC9DO5AGDDBybnh+vFPJNXJxQ+Qg4dseP8xjmZYr3hn5uvYFIBS6s9a8MJ4
3EKH5C50GBOKsRf3eFq5B248g9WU7dU+n4jDMFHFiLaM15cxy7urlzBThwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEyR/tAxdX0g2QSItGmtB+e+zJUMB8GA1UdIwQY
MBaAFIuIAVQ4EgQEd9R0QilGbIU31FFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2It
MTNhZTk4YWE3ZDMzLzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2ItMTNhZTk4YWE3ZDMz
LzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoanZ1Zt1
S4iCFUQKjUbWxy3x/+OYQeAVQvKNpX4s2awmfGrN9FXuqlXuEL0moD1yWpIC+rW+
Bn9rt6iA8HdkI6MDx2bdXGx//pxFuaIQJURe4ZauyLh04A0hZs+OxkPurOuS7Php
MjnQ7PxCasrqEfSJ53If5zqxj1Co0zfmNDd2Dz3VN+Ys5urut54uL4SKkIvq/kyF
oXh0SDNrHNUc0KfsjAdZEMhkp0CwpkGRA6A3VAnnnNBugd4gSc1Cu7WGonSJ/lVk
1Pol/F2ZNHDNvvPD6KdNgAOs198YROrqmUNkQYC3hU4gQHM/OLqOoHgWMVl/GWku
QwqcRRFze8Vjjw==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:26:09 2024 by rpki-client on console-ams.rpki-client.org