Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/8cfd73-1257-4dfa-8c59-76ae42356ce5/1/aTHX56mXSaOF6usn-FCridqPLuA.mft
File:                     aTHX56mXSaOF6usn-FCridqPLuA.mft (raw, json)
Hash identifier:          siNMx74b1msgJ6/ZLBTPgvOiPDEUUCNxz/4f081StcQ=
Subject key identifier:   AD:77:2C:70:ED:46:7F:EE:B4:E7:1D:A6:10:92:4F:67:A8:8A:BF:A6
Authority key identifier: 69:31:D7:E7:A9:97:49:A3:85:EA:EB:27:F8:50:AB:89:DA:8F:2E:E0
Certificate issuer:       /CN=6931d7e7a99749a385eaeb27f850ab89da8f2ee0
Certificate serial:       019045D3F9B6664352A38B50BF173F510393
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aTHX56mXSaOF6usn-FCridqPLuA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/8cfd73-1257-4dfa-8c59-76ae42356ce5/1/aTHX56mXSaOF6usn-FCridqPLuA.mft
Manifest number:          0117
Signing time:             Sun 23 Jun 2024 16:00:38 +0000
Manifest this update:     Sun 23 Jun 2024 16:00:38 +0000
Manifest next update:     Mon 24 Jun 2024 16:00:38 +0000
Files and hashes:         1: UiQZW6QcoicQe4BI-Bc5lyGvKiY.roa (hash: o4MgBvKE0yTyfmMDcoN/8/pl35BA2L91fB3GUUyVw5o=)
                          2: aTHX56mXSaOF6usn-FCridqPLuA.crl (hash: WKs8agl1jb/7w9Nr0wb1VU3RY7y1C/R37IR+YNsvizo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/8cfd73-1257-4dfa-8c59-76ae42356ce5/1/aTHX56mXSaOF6usn-FCridqPLuA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/8cfd73-1257-4dfa-8c59-76ae42356ce5/1/aTHX56mXSaOF6usn-FCridqPLuA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aTHX56mXSaOF6usn-FCridqPLuA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 14:49:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:d3:f9:b6:66:43:52:a3:8b:50:bf:17:3f:51:03:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6931d7e7a99749a385eaeb27f850ab89da8f2ee0
        Validity
            Not Before: Jun 23 16:00:38 2024 GMT
            Not After : Jun 24 16:00:38 2024 GMT
        Subject: CN=ad772c70ed467feeb4e71da610924f67a88abfa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:89:53:89:a9:7c:fe:1a:53:dc:8a:b6:7e:84:
                    2b:4a:2d:eb:d1:31:00:af:dd:24:55:e0:15:89:25:
                    e3:1b:70:86:fa:d6:29:67:ea:11:e7:8d:1f:6c:ca:
                    a4:c5:43:58:36:e8:de:53:a8:ef:cd:79:5b:46:e4:
                    a4:a5:87:2a:94:a5:88:1a:81:c9:64:71:63:db:4a:
                    be:cf:40:84:7e:c4:a6:da:77:ea:ac:6f:02:03:bd:
                    21:da:5c:76:56:6f:14:d1:8d:2f:17:3c:e7:e2:d1:
                    1e:e4:87:9c:fc:59:32:f1:6f:85:9f:48:3d:ea:63:
                    05:0c:04:e5:da:95:a1:3e:c8:5f:0d:f6:82:85:74:
                    55:d1:5f:cc:72:a1:f4:10:5a:84:09:3e:39:c2:db:
                    30:e4:52:c1:95:59:74:0a:b7:4d:7d:33:e2:92:56:
                    5c:3a:5d:cf:ce:52:ca:29:e2:f0:66:90:fe:b8:1c:
                    23:e7:60:e2:d1:53:92:ca:be:cb:a0:7f:c2:f7:fc:
                    ec:34:9e:2f:80:32:d9:bc:f6:b2:c4:8a:d8:31:dc:
                    12:86:6c:e2:96:a0:40:ea:95:a0:14:72:3d:09:73:
                    d2:a3:af:ec:86:43:c0:33:a5:30:35:96:fb:34:e8:
                    e0:f0:5d:03:72:00:76:16:0e:be:f8:9f:3f:a8:6f:
                    60:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:77:2C:70:ED:46:7F:EE:B4:E7:1D:A6:10:92:4F:67:A8:8A:BF:A6
            X509v3 Authority Key Identifier:
                keyid:69:31:D7:E7:A9:97:49:A3:85:EA:EB:27:F8:50:AB:89:DA:8F:2E:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aTHX56mXSaOF6usn-FCridqPLuA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/8cfd73-1257-4dfa-8c59-76ae42356ce5/1/aTHX56mXSaOF6usn-FCridqPLuA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/8cfd73-1257-4dfa-8c59-76ae42356ce5/1/aTHX56mXSaOF6usn-FCridqPLuA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:2f:23:66:d1:cd:79:62:8b:b1:5c:a1:65:f0:8a:4f:12:fe:
         6e:7e:7b:29:2b:28:26:94:74:06:20:9c:ca:23:9f:73:60:8c:
         89:02:98:1c:47:49:58:32:81:06:f7:1a:a9:2b:6f:51:50:85:
         e2:28:64:9b:95:7d:11:02:85:64:67:41:de:e2:d3:2f:1c:13:
         55:3f:ad:08:64:f5:7d:d8:0b:88:ea:50:87:57:ed:a0:67:d6:
         f3:56:94:64:5f:ff:c7:b4:e0:e2:ec:8e:bf:7b:67:2f:2c:84:
         02:4a:2a:13:44:99:ac:98:8d:4b:be:0a:9c:97:3a:8d:a5:19:
         c8:c9:4d:57:82:cd:a0:b8:6f:f5:f5:4c:bb:ad:9d:9c:0e:2d:
         38:bd:48:09:17:86:5c:99:80:3d:af:16:b6:73:5f:ce:48:e0:
         7a:dc:28:37:74:4a:50:e6:a0:cd:37:34:49:18:7e:85:5f:42:
         5d:b3:64:b4:ba:a1:93:80:c0:16:8e:7e:d9:17:40:4b:8c:e7:
         8e:92:5b:c5:96:34:a1:5b:a0:e6:0c:1c:22:77:a0:68:6f:81:
         55:e3:73:ce:e2:b9:86:be:2e:09:20:a6:dc:b6:f2:2c:46:59:
         1b:1d:92:6d:78:97:4d:47:19:63:56:cf:3f:fe:87:35:b3:6e:
         61:4f:c0:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBF0/m2ZkNSo4tQvxc/UQOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MzFkN2U3YTk5NzQ5YTM4NWVhZWIyN2Y4NTBhYjg5ZGE4
ZjJlZTAwHhcNMjQwNjIzMTYwMDM4WhcNMjQwNjI0MTYwMDM4WjAzMTEwLwYDVQQD
EyhhZDc3MmM3MGVkNDY3ZmVlYjRlNzFkYTYxMDkyNGY2N2E4OGFiZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IlTial8/hpT3Iq2foQrSi3r0TEA
r90kVeAViSXjG3CG+tYpZ+oR540fbMqkxUNYNujeU6jvzXlbRuSkpYcqlKWIGoHJ
ZHFj20q+z0CEfsSm2nfqrG8CA70h2lx2Vm8U0Y0vFzzn4tEe5Iec/Fky8W+Fn0g9
6mMFDATl2pWhPshfDfaChXRV0V/McqH0EFqECT45wtsw5FLBlVl0CrdNfTPiklZc
Ol3PzlLKKeLwZpD+uBwj52Di0VOSyr7LoH/C9/zsNJ4vgDLZvPayxIrYMdwShmzi
lqBA6pWgFHI9CXPSo6/shkPAM6UwNZb7NOjg8F0DcgB2Fg6++J8/qG9gvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK13LHDtRn/utOcdphCST2eoir+mMB8GA1UdIwQY
MBaAFGkx1+epl0mjherrJ/hQq4najy7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVRIWDU2bVhTYU9GNnVzbi1GQ3JpZHFQTHVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC84Y2ZkNzMtMTI1Ny00ZGZhLThjNTkt
NzZhZTQyMzU2Y2U1LzEvYVRIWDU2bVhTYU9GNnVzbi1GQ3JpZHFQTHVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC84Y2ZkNzMtMTI1Ny00ZGZhLThjNTktNzZhZTQyMzU2Y2U1
LzEvYVRIWDU2bVhTYU9GNnVzbi1GQ3JpZHFQTHVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAry8jZtHN
eWKLsVyhZfCKTxL+bn57KSsoJpR0BiCcyiOfc2CMiQKYHEdJWDKBBvcaqStvUVCF
4ihkm5V9EQKFZGdB3uLTLxwTVT+tCGT1fdgLiOpQh1ftoGfW81aUZF//x7Tg4uyO
v3tnLyyEAkoqE0SZrJiNS74KnJc6jaUZyMlNV4LNoLhv9fVMu62dnA4tOL1ICReG
XJmAPa8WtnNfzkjgetwoN3RKUOagzTc0SRh+hV9CXbNktLqhk4DAFo5+2RdAS4zn
jpJbxZY0oVug5gwcInegaG+BVeNzzuK5hr4uCSCm3LbyLEZZGx2SbXiXTUcZY1bP
P/6HNbNuYU/AQQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:56:40 2024 by rpki-client on console-ams.rpki-client.org