Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.mft
File:                     o_GyKyBUUCv9OIkTgpEQPYO2pQ4.mft (raw, json)
Hash identifier:          64W1zTpzzW4j0QoG44xFR3MVP54g40P2wSANfvAYFCs=
Subject key identifier:   DD:99:A9:78:88:60:3A:7B:70:CD:8C:E1:00:17:84:E1:4A:4C:BE:FA
Authority key identifier: A3:F1:B2:2B:20:54:50:2B:FD:38:89:13:82:91:10:3D:83:B6:A5:0E
Certificate issuer:       /CN=a3f1b22b2054502bfd3889138291103d83b6a50e
Certificate serial:       01901EC65F91F82BC8D5DF839650772FF0CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.mft
Manifest number:          0101
Signing time:             Sun 16 Jun 2024 02:00:35 +0000
Manifest this update:     Sun 16 Jun 2024 02:00:35 +0000
Manifest next update:     Mon 17 Jun 2024 02:00:35 +0000
Files and hashes:         1: b_m9zZPukWU3nxRyS1fTJliQhN8.roa (hash: I6eJlnuSLUHMr8STy0Ufi4WiqQwQieCRudOds8B8sdc=)
                          2: o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl (hash: Ca9HTs2LbaMc1C9fSw5XUlARez7rYugW2ROd35MRVLQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1e:c6:5f:91:f8:2b:c8:d5:df:83:96:50:77:2f:f0:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3f1b22b2054502bfd3889138291103d83b6a50e
        Validity
            Not Before: Jun 16 02:00:35 2024 GMT
            Not After : Jun 17 02:00:35 2024 GMT
        Subject: CN=dd99a97888603a7b70cd8ce1001784e14a4cbefa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d8:df:af:28:14:38:c9:72:08:2c:a9:2e:dc:
                    7a:85:7e:c7:27:c4:dc:6d:89:29:7d:1b:a6:ff:5c:
                    6b:b5:74:05:f2:2f:82:82:74:c4:2d:f7:c4:e3:44:
                    ee:0f:44:0f:e3:b3:ff:cd:6f:6a:81:ad:15:2f:2b:
                    8e:bf:c4:47:74:55:35:cd:73:27:e1:d6:9b:75:c0:
                    9d:61:18:1f:df:65:0d:da:81:30:20:0c:3a:e3:04:
                    45:c1:b6:b7:f7:48:5f:bb:ab:8a:7e:b0:31:f2:32:
                    40:a5:ab:b6:f7:5a:34:7c:b5:15:b4:e7:45:00:cf:
                    1e:e7:6c:13:c2:46:55:97:8f:f1:a5:df:92:5c:42:
                    53:71:2e:83:ad:5f:7b:57:28:f0:04:f9:2d:96:e7:
                    0b:9f:e5:1e:d7:b6:d8:d4:f4:8c:dc:24:9f:55:3e:
                    0f:2a:7d:9d:9b:e4:55:8f:c1:f3:4c:92:ab:24:d0:
                    22:8e:d8:19:f4:e4:9b:f3:17:70:34:67:5f:20:da:
                    d6:67:48:9e:b2:62:62:f0:07:a5:1d:ce:0e:9e:e8:
                    e5:f6:45:d3:ad:4d:1d:00:73:04:94:b3:91:23:bb:
                    15:e8:16:04:58:af:4b:ab:39:c5:6b:f0:52:97:48:
                    72:46:74:10:ed:60:6b:44:8c:32:80:f5:60:84:f1:
                    00:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:99:A9:78:88:60:3A:7B:70:CD:8C:E1:00:17:84:E1:4A:4C:BE:FA
            X509v3 Authority Key Identifier:
                keyid:A3:F1:B2:2B:20:54:50:2B:FD:38:89:13:82:91:10:3D:83:B6:A5:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:b9:e5:3d:ed:18:e2:8e:d5:15:1e:02:2f:16:68:6b:72:73:
         d1:ba:ed:af:ab:20:37:f2:ca:07:6a:02:4c:df:bb:f6:c8:60:
         4f:97:e0:7f:76:dd:ee:c0:99:7e:88:c8:8b:e3:f5:d0:4f:f2:
         d9:b8:33:0d:f8:64:91:a3:52:3e:9a:f2:f8:da:a2:2e:a6:b2:
         ac:f2:dd:57:81:eb:82:71:f3:29:51:39:be:18:3a:00:cd:6c:
         06:1b:e5:2d:f0:1f:81:ae:63:d4:98:db:58:c1:08:ff:8f:0b:
         ed:e8:ff:2f:f0:0f:5f:99:99:7d:b3:8d:0e:5d:9a:22:dc:2e:
         cb:ae:67:51:31:d3:e3:f9:11:98:05:6f:a3:45:b3:e8:d4:5d:
         84:8a:6d:d3:db:d1:0d:3b:ac:7e:89:bf:8f:8f:18:b2:49:b5:
         95:fb:0f:92:79:cc:6f:90:10:34:92:8f:22:e5:17:c5:03:92:
         5f:17:21:3c:4f:d6:95:8c:8a:b9:5b:a6:09:94:df:f9:8f:90:
         9b:ca:78:0e:d5:46:79:75:96:43:58:58:83:0d:29:15:ce:f2:
         1c:aa:1e:7f:e6:0e:05:09:bd:42:52:41:2b:de:fe:f2:69:46:
         08:45:ab:80:06:e0:e6:86:de:1a:24:3d:43:5d:06:9e:9b:69:
         e1:4c:82:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAexl+R+CvI1d+DllB3L/DMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZjFiMjJiMjA1NDUwMmJmZDM4ODkxMzgyOTExMDNkODNi
NmE1MGUwHhcNMjQwNjE2MDIwMDM1WhcNMjQwNjE3MDIwMDM1WjAzMTEwLwYDVQQD
EyhkZDk5YTk3ODg4NjAzYTdiNzBjZDhjZTEwMDE3ODRlMTRhNGNiZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9jfrygUOMlyCCypLtx6hX7HJ8Tc
bYkpfRum/1xrtXQF8i+CgnTELffE40TuD0QP47P/zW9qga0VLyuOv8RHdFU1zXMn
4dabdcCdYRgf32UN2oEwIAw64wRFwba390hfu6uKfrAx8jJApau291o0fLUVtOdF
AM8e52wTwkZVl4/xpd+SXEJTcS6DrV97VyjwBPktlucLn+Ue17bY1PSM3CSfVT4P
Kn2dm+RVj8HzTJKrJNAijtgZ9OSb8xdwNGdfINrWZ0iesmJi8AelHc4Onujl9kXT
rU0dAHMElLORI7sV6BYEWK9LqznFa/BSl0hyRnQQ7WBrRIwygPVghPEA0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2ZqXiIYDp7cM2M4QAXhOFKTL76MB8GA1UdIwQY
MBaAFKPxsisgVFAr/TiJE4KRED2DtqUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9hOGFhZmYtMTJhMS00NjQxLThiOWQt
MjRkMjcyY2UxMWUzLzEvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9hOGFhZmYtMTJhMS00NjQxLThiOWQtMjRkMjcyY2UxMWUz
LzEvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjbnlPe0Y
4o7VFR4CLxZoa3Jz0brtr6sgN/LKB2oCTN+79shgT5fgf3bd7sCZfojIi+P10E/y
2bgzDfhkkaNSPpry+NqiLqayrPLdV4HrgnHzKVE5vhg6AM1sBhvlLfAfga5j1Jjb
WMEI/48L7ej/L/APX5mZfbONDl2aItwuy65nUTHT4/kRmAVvo0Wz6NRdhIpt09vR
DTusfom/j48Yskm1lfsPknnMb5AQNJKPIuUXxQOSXxchPE/WlYyKuVumCZTf+Y+Q
m8p4DtVGeXWWQ1hYgw0pFc7yHKoef+YOBQm9QlJBK97+8mlGCEWrgAbg5obeGiQ9
Q10Gnptp4UyC6A==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:10:55 2024 by rpki-client on console-ams.rpki-client.org