Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.mft
File:                     I3ikqcUjJahZIICboaTYniHALxc.mft (raw, json)
Hash identifier:          UVXmVzzsWqeHBW/iuh6XRzzcfP3Rit8FgbfwCG7xDd4=
Subject key identifier:   D7:96:AF:E0:9D:2B:B8:18:78:1E:6D:04:D5:A1:29:4E:B4:83:65:CF
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Certificate issuer:       /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial:       01903B1964B639B91F413D8BE61114C81D84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.mft
Manifest number:          0F23
Signing time:             Fri 21 Jun 2024 14:00:38 +0000
Manifest this update:     Fri 21 Jun 2024 14:00:38 +0000
Manifest next update:     Sat 22 Jun 2024 14:00:38 +0000
Files and hashes:         1: I3ikqcUjJahZIICboaTYniHALxc.crl (hash: wfljznj/jpz30KiFKCFpjRS39rCKC8svcTStNNcpVr4=)
                          2: RXTtArR93Rerlpri9PWjeI-8kis.roa (hash: axDvwSJYg/G/W+09aQOKGsgNkaSO2gx0YVarpLt7F74=)
                          3: TSKXIl3B5M0kt9Mbo14NMbKNVpE.roa (hash: sCpjvm9AdXWMgiVU+ChgT2BrtfrjO9ma14rZIbGSgjM=)
                          4: V9mKfQuesGhFqG9kLm0TlWxMFNs.roa (hash: kCz/MHD5l+BKBNbCZS/7Pmw0Z5mXIFBiTqK65QEdCJg=)
                          5: qLX5pl0nHD9CtP61VlWI8P7V0BA.roa (hash: 8xg5DWHnPxE1h3CxQQRtDmjqiAE+sviUoH0K61D7svs=)
                          6: qpXhWP0ICLdV1tLHc8aqCcOXeVk.roa (hash: clRen8iz5xzf/iGrIAoUFbZTxn/8QK1L7hkXg1OUcVg=)
                          7: xoOavhKvnH_w5Z_4AOJmbnrvWT8.roa (hash: dPftbMUjcbTQaWcCcKFH7ovJ0ljScdiPpSc3WrYbnOA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 22 Jun 2024 09:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:3b:19:64:b6:39:b9:1f:41:3d:8b:e6:11:14:c8:1d:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
        Validity
            Not Before: Jun 21 14:00:38 2024 GMT
            Not After : Jun 22 14:00:38 2024 GMT
        Subject: CN=d796afe09d2bb818781e6d04d5a1294eb48365cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:1f:ad:dc:f2:a2:8d:71:9b:e7:14:88:30:78:
                    53:d8:bc:51:0b:73:ae:20:91:bc:78:b6:3d:74:35:
                    37:f5:cd:3e:24:7d:fc:da:e5:9d:25:39:45:7d:ba:
                    96:82:86:18:0f:59:d5:13:ef:00:08:12:a5:ae:c1:
                    86:05:76:e8:56:3d:f2:b8:e0:f4:fe:51:52:00:77:
                    0e:88:33:7e:d4:70:16:76:75:e2:1b:90:6f:f6:03:
                    fb:bf:19:f3:91:a6:db:91:a1:3b:39:02:e9:0c:70:
                    55:4e:d9:c0:b5:22:02:e1:33:ec:e5:0e:0f:ce:fb:
                    b2:be:3b:2b:9c:97:5b:76:e1:5f:cd:1c:97:6c:e5:
                    f0:e6:36:c3:ac:61:75:a9:08:62:83:4e:a1:5a:4a:
                    69:96:ae:fe:04:a6:c8:ba:ea:6c:5b:48:c0:6e:cd:
                    34:e0:06:3c:be:82:81:fd:e3:b8:72:27:29:c1:36:
                    c9:47:27:48:73:f1:33:f1:86:57:9a:60:d8:0d:b4:
                    b9:17:dd:47:05:b4:f8:15:fc:bb:e7:53:40:e3:dd:
                    a0:26:af:7c:17:a7:90:cc:0a:47:a7:6e:c1:4e:14:
                    08:9b:db:fa:e3:f5:95:1e:2d:d7:43:be:cd:7c:d2:
                    1b:dd:73:4d:08:62:36:da:1e:08:25:af:81:11:e0:
                    9d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:96:AF:E0:9D:2B:B8:18:78:1E:6D:04:D5:A1:29:4E:B4:83:65:CF
            X509v3 Authority Key Identifier:
                keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:42:e1:33:d5:f4:50:b4:4a:a2:f5:10:00:7e:05:42:d5:33:
         61:2e:10:1e:c2:84:40:e8:fb:b2:e3:3d:04:55:7b:2d:52:9f:
         57:72:c1:50:72:ac:09:bf:6b:7d:3b:e1:2d:cb:8e:e0:39:60:
         63:19:43:35:9d:f1:e7:09:c3:59:14:3e:8a:ca:69:df:b7:71:
         87:71:b6:40:b6:c8:3a:c9:53:44:47:be:2d:75:87:fb:1e:6a:
         48:05:a3:21:f3:e2:ea:74:dd:91:a8:bb:09:2d:64:a0:2c:26:
         88:7a:0d:2d:c8:ae:b3:82:4f:bc:80:0d:19:17:78:14:d3:12:
         fe:63:c0:5e:f9:0f:71:8d:c9:9f:f0:06:6f:6a:fa:28:95:66:
         a1:1d:d0:c3:a5:a9:32:83:96:8b:79:03:9f:09:e9:76:24:fc:
         ea:5c:d8:77:14:1a:95:aa:56:88:96:21:54:e5:7a:65:31:46:
         76:70:8f:5f:fc:72:a0:e3:4b:e6:51:94:16:53:bd:63:cd:ef:
         3c:d0:09:4a:ad:b8:e0:50:a3:00:eb:89:bc:56:b3:63:92:7f:
         15:2c:8e:71:41:76:f3:d8:08:ef:d4:a3:41:97:f2:0f:f7:02:
         4e:0f:cc:eb:75:a6:f1:87:50:8f:74:1e:de:a5:b2:cf:09:8b:
         e8:a4:d6:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA7GWS2ObkfQT2L5hEUyB2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjQwNjIxMTQwMDM4WhcNMjQwNjIyMTQwMDM4WjAzMTEwLwYDVQQD
EyhkNzk2YWZlMDlkMmJiODE4NzgxZTZkMDRkNWExMjk0ZWI0ODM2NWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3R+t3PKijXGb5xSIMHhT2LxRC3Ou
IJG8eLY9dDU39c0+JH382uWdJTlFfbqWgoYYD1nVE+8ACBKlrsGGBXboVj3yuOD0
/lFSAHcOiDN+1HAWdnXiG5Bv9gP7vxnzkabbkaE7OQLpDHBVTtnAtSIC4TPs5Q4P
zvuyvjsrnJdbduFfzRyXbOXw5jbDrGF1qQhig06hWkpplq7+BKbIuupsW0jAbs00
4AY8voKB/eO4cicpwTbJRydIc/Ez8YZXmmDYDbS5F91HBbT4Ffy751NA492gJq98
F6eQzApHp27BThQIm9v64/WVHi3XQ77NfNIb3XNNCGI22h4IJa+BEeCduQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeWr+CdK7gYeB5tBNWhKU60g2XPMB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwULhM9X0
ULRKovUQAH4FQtUzYS4QHsKEQOj7suM9BFV7LVKfV3LBUHKsCb9rfTvhLcuO4Dlg
YxlDNZ3x5wnDWRQ+ispp37dxh3G2QLbIOslTREe+LXWH+x5qSAWjIfPi6nTdkai7
CS1koCwmiHoNLcius4JPvIANGRd4FNMS/mPAXvkPcY3Jn/AGb2r6KJVmoR3Qw6Wp
MoOWi3kDnwnpdiT86lzYdxQalapWiJYhVOV6ZTFGdnCPX/xyoONL5lGUFlO9Y83v
PNAJSq244FCjAOuJvFazY5J/FSyOcUF289gI79SjQZfyD/cCTg/M63Wm8YdQj3Qe
3qWyzwmL6KTWHQ==
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:00:28 2024 by rpki-client on console-ams.rpki-client.org