Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/s2dOgi84dtJ96u1fZtvpwaQi6xY.mft
File:                     s2dOgi84dtJ96u1fZtvpwaQi6xY.mft (raw, json)
Hash identifier:          IcQRIvppql/Do+9tx/RNv3k/lCX7hICLDbFQk7l3op4=
Subject key identifier:   52:B5:3A:34:20:D1:4B:B3:57:3A:79:52:81:18:E4:E2:36:27:5B:C2
Authority key identifier: B3:67:4E:82:2F:38:76:D2:7D:EA:ED:5F:66:DB:E9:C1:A4:22:EB:16
Certificate issuer:       /CN=b3674e822f3876d27deaed5f66dbe9c1a422eb16
Certificate serial:       0190497A5AE859E5A538B2699171809FB111
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s2dOgi84dtJ96u1fZtvpwaQi6xY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/s2dOgi84dtJ96u1fZtvpwaQi6xY.mft
Manifest number:          01AB
Signing time:             Mon 24 Jun 2024 09:01:13 +0000
Manifest this update:     Mon 24 Jun 2024 09:01:13 +0000
Manifest next update:     Tue 25 Jun 2024 09:01:13 +0000
Files and hashes:         1: DGensIxGf8XhnTgA6Zh5Xccheuo.roa (hash: n4LQZKgjWlJtsj9XBGINrSrdTHtIqF5pfsMkVasokpI=)
                          2: s2dOgi84dtJ96u1fZtvpwaQi6xY.crl (hash: B20z+Fq+gx4ZdMZbCae9WqTrgNcikQvOpArfJ3HNJd4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/s2dOgi84dtJ96u1fZtvpwaQi6xY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/s2dOgi84dtJ96u1fZtvpwaQi6xY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s2dOgi84dtJ96u1fZtvpwaQi6xY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 09:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:49:7a:5a:e8:59:e5:a5:38:b2:69:91:71:80:9f:b1:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3674e822f3876d27deaed5f66dbe9c1a422eb16
        Validity
            Not Before: Jun 24 09:01:13 2024 GMT
            Not After : Jun 25 09:01:13 2024 GMT
        Subject: CN=52b53a3420d14bb3573a79528118e4e236275bc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:fd:71:71:1f:a5:f3:30:11:9b:fa:df:50:61:
                    29:9e:3a:d8:44:58:0d:b8:60:55:a5:80:8f:f5:b5:
                    c5:d5:09:01:24:52:a8:91:d2:2a:06:9b:25:5b:82:
                    52:a4:d7:d4:4b:ad:9b:da:39:76:05:d7:12:79:28:
                    e8:e4:90:e5:f7:29:bb:e6:5e:3a:27:35:9b:c8:8b:
                    f6:06:d6:57:da:d0:04:44:1a:fd:93:8b:88:40:04:
                    d8:d7:b5:35:fa:73:48:0b:29:25:be:64:3a:64:35:
                    2c:12:66:06:3d:13:5b:e8:03:f0:d9:12:29:62:f8:
                    e8:b2:d1:82:7f:e4:84:ba:e1:63:bc:f0:ed:62:1c:
                    cc:5b:21:18:5a:3a:89:1f:44:e3:27:64:6e:70:0f:
                    0a:a5:6b:bf:83:ea:c9:a5:ca:0d:a7:13:1f:96:89:
                    2b:e6:f0:d7:fe:d5:63:87:a2:15:56:0d:19:55:7c:
                    cd:d5:67:d1:45:ab:30:7a:e0:d5:de:f9:5b:5b:af:
                    9b:e8:a4:24:b9:66:9b:be:7c:b6:56:96:94:58:a4:
                    af:ae:07:d2:ee:87:5c:a0:2a:4f:d5:66:06:17:38:
                    56:e9:57:fc:ce:ea:c7:e0:64:05:02:26:6f:9d:4d:
                    76:6f:22:37:b1:72:cc:be:e6:1d:65:bc:fd:4a:4f:
                    80:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:B5:3A:34:20:D1:4B:B3:57:3A:79:52:81:18:E4:E2:36:27:5B:C2
            X509v3 Authority Key Identifier:
                keyid:B3:67:4E:82:2F:38:76:D2:7D:EA:ED:5F:66:DB:E9:C1:A4:22:EB:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s2dOgi84dtJ96u1fZtvpwaQi6xY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/s2dOgi84dtJ96u1fZtvpwaQi6xY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/s2dOgi84dtJ96u1fZtvpwaQi6xY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:8a:9a:69:6a:b1:55:5f:56:10:6c:39:eb:63:84:6d:97:07:
         8b:52:f3:ba:06:20:df:ad:52:a6:50:14:49:62:2a:30:05:64:
         fc:48:aa:06:16:0f:5c:21:66:ea:dc:70:7a:4d:fb:a6:98:7f:
         7a:de:d8:ed:cc:61:98:05:86:cc:6f:2e:92:ca:34:1e:f8:61:
         87:7c:56:fd:b5:d9:35:f7:6c:f7:f6:d1:ed:9f:1f:ba:ec:1e:
         5d:25:95:63:b6:11:a3:02:ad:0d:13:00:d1:d7:70:01:b8:43:
         f3:9e:e2:7b:1f:07:aa:df:38:1b:c7:47:99:5b:53:9b:d3:1b:
         0c:cd:6b:d2:06:09:8f:23:e0:40:57:e8:ba:c7:5e:87:e2:db:
         6e:b5:da:3f:cb:cb:d8:39:96:4f:67:fb:bd:2c:fd:33:7c:40:
         08:ae:e3:25:01:05:a7:96:3f:fd:e6:b2:75:3f:58:13:3c:1b:
         8a:81:09:0a:88:97:96:b6:fc:1e:91:3f:fb:7b:94:da:a8:db:
         a5:f0:59:b0:a5:88:c8:7e:b7:fc:c4:f0:8f:f7:58:c7:e8:cd:
         bf:b1:18:da:3b:ba:44:61:3b:73:be:c4:28:ec:c6:bd:37:ab:
         fc:f3:ff:5d:44:83:77:d9:1d:7e:95:1e:47:06:97:d3:b8:5f:
         0a:8c:5f:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBJelroWeWlOLJpkXGAn7ERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNjc0ZTgyMmYzODc2ZDI3ZGVhZWQ1ZjY2ZGJlOWMxYTQy
MmViMTYwHhcNMjQwNjI0MDkwMTEzWhcNMjQwNjI1MDkwMTEzWjAzMTEwLwYDVQQD
Eyg1MmI1M2EzNDIwZDE0YmIzNTczYTc5NTI4MTE4ZTRlMjM2Mjc1YmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv1xcR+l8zARm/rfUGEpnjrYRFgN
uGBVpYCP9bXF1QkBJFKokdIqBpslW4JSpNfUS62b2jl2BdcSeSjo5JDl9ym75l46
JzWbyIv2BtZX2tAERBr9k4uIQATY17U1+nNICyklvmQ6ZDUsEmYGPRNb6APw2RIp
YvjostGCf+SEuuFjvPDtYhzMWyEYWjqJH0TjJ2RucA8KpWu/g+rJpcoNpxMflokr
5vDX/tVjh6IVVg0ZVXzN1WfRRasweuDV3vlbW6+b6KQkuWabvny2VpaUWKSvrgfS
7odcoCpP1WYGFzhW6Vf8zurH4GQFAiZvnU12byI3sXLMvuYdZbz9Sk+AHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFK1OjQg0UuzVzp5UoEY5OI2J1vCMB8GA1UdIwQY
MBaAFLNnToIvOHbSfertX2bb6cGkIusWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczJkT2dpODRkdEo5NnUxZlp0dnB3YVFpNnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zOTMyNTEtYjQ4OC00MGQzLWJlMzkt
ZjhmMDhmZTY0ODM4LzEvczJkT2dpODRkdEo5NnUxZlp0dnB3YVFpNnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zOTMyNTEtYjQ4OC00MGQzLWJlMzktZjhmMDhmZTY0ODM4
LzEvczJkT2dpODRkdEo5NnUxZlp0dnB3YVFpNnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc4qaaWqx
VV9WEGw562OEbZcHi1LzugYg361SplAUSWIqMAVk/EiqBhYPXCFm6txwek37pph/
et7Y7cxhmAWGzG8ukso0Hvhhh3xW/bXZNfds9/bR7Z8fuuweXSWVY7YRowKtDRMA
0ddwAbhD857iex8Hqt84G8dHmVtTm9MbDM1r0gYJjyPgQFfousdeh+LbbrXaP8vL
2DmWT2f7vSz9M3xACK7jJQEFp5Y//eaydT9YEzwbioEJCoiXlrb8HpE/+3uU2qjb
pfBZsKWIyH63/MTwj/dYx+jNv7EY2ju6RGE7c77EKOzGvTer/PP/XUSDd9kdfpUe
RwaX07hfCoxfLg==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:34:07 2024 by rpki-client on console-ams.rpki-client.org