Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d1791d-1c94-42e6-9e3c-67acd2c88051/1/NhfAZZZmmF4YXYQSHowgo2ROqY0.mft
File:                     NhfAZZZmmF4YXYQSHowgo2ROqY0.mft (raw, json)
Hash identifier:          Y8rBoRbrPdZ2e8EK3C9RhLqUU4be9s/MAj9i4Yra4JQ=
Subject key identifier:   CE:C2:2A:A2:CE:CE:DD:11:9F:AF:61:34:AD:CB:95:A6:25:3B:31:EC
Authority key identifier: 36:17:C0:65:96:66:98:5E:18:5D:84:12:1E:8C:20:A3:64:4E:A9:8D
Certificate issuer:       /CN=3617c0659666985e185d84121e8c20a3644ea98d
Certificate serial:       01904868034043B9D081D149F525463EC328
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NhfAZZZmmF4YXYQSHowgo2ROqY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/d1791d-1c94-42e6-9e3c-67acd2c88051/1/NhfAZZZmmF4YXYQSHowgo2ROqY0.mft
Manifest number:          0A60
Signing time:             Mon 24 Jun 2024 04:01:34 +0000
Manifest this update:     Mon 24 Jun 2024 04:01:34 +0000
Manifest next update:     Tue 25 Jun 2024 04:01:34 +0000
Files and hashes:         1: NhfAZZZmmF4YXYQSHowgo2ROqY0.crl (hash: Q8CikIrvTVpHb9dDxxoBDU8RwmlCNoqc+nV0AWU5C0Y=)
                          2: mSexcdv3THphjss5gs2IMjhKK7Q.roa (hash: YntZtWxXwZ22DeBEbrX9imY10T1i8wOzOIBLiJPftZ8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/d1791d-1c94-42e6-9e3c-67acd2c88051/1/NhfAZZZmmF4YXYQSHowgo2ROqY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/d1791d-1c94-42e6-9e3c-67acd2c88051/1/NhfAZZZmmF4YXYQSHowgo2ROqY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NhfAZZZmmF4YXYQSHowgo2ROqY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 04:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:68:03:40:43:b9:d0:81:d1:49:f5:25:46:3e:c3:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3617c0659666985e185d84121e8c20a3644ea98d
        Validity
            Not Before: Jun 24 04:01:34 2024 GMT
            Not After : Jun 25 04:01:34 2024 GMT
        Subject: CN=cec22aa2cecedd119faf6134adcb95a6253b31ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:58:d1:f8:2d:10:b0:4c:93:98:50:f7:64:18:
                    5f:fa:67:e4:4e:78:b9:5f:87:d7:c4:b8:04:c0:0b:
                    e0:0a:7f:80:0f:63:33:19:ca:e5:66:71:b3:f0:6b:
                    59:f6:f9:89:59:90:b7:46:9f:b7:d7:c9:ea:6e:46:
                    26:37:76:45:a0:0d:29:f9:ce:ec:59:2a:fd:bc:a4:
                    91:53:aa:35:68:bd:30:fc:da:99:8c:8e:9d:9e:e0:
                    68:a2:30:72:19:0f:a1:c7:20:69:ec:66:7d:c0:e1:
                    f1:81:d2:e3:32:70:c4:39:b3:e8:f8:b9:79:8d:2c:
                    9b:f9:41:3f:a9:39:ec:a6:39:0d:4c:40:7f:6a:37:
                    e7:12:24:7e:de:f2:94:e7:1f:3d:28:4e:40:99:d1:
                    e4:c1:89:1b:ba:0a:4c:e7:e3:a2:6c:f4:6d:c2:98:
                    ea:cd:08:0e:29:54:af:13:ac:58:a0:ac:01:a8:06:
                    61:ab:27:ff:30:fa:28:6a:38:dd:e7:e9:fe:ee:2e:
                    df:c2:98:3b:6e:18:2c:15:50:bb:8e:b2:0e:99:f9:
                    9b:40:54:22:5d:80:59:0f:56:3b:96:99:17:13:50:
                    a9:95:f1:8c:6f:fd:1f:f0:0a:e1:14:f3:bb:96:f3:
                    b1:1d:35:5c:22:84:8f:25:0e:ea:46:82:1b:95:0c:
                    32:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:C2:2A:A2:CE:CE:DD:11:9F:AF:61:34:AD:CB:95:A6:25:3B:31:EC
            X509v3 Authority Key Identifier:
                keyid:36:17:C0:65:96:66:98:5E:18:5D:84:12:1E:8C:20:A3:64:4E:A9:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhfAZZZmmF4YXYQSHowgo2ROqY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d1791d-1c94-42e6-9e3c-67acd2c88051/1/NhfAZZZmmF4YXYQSHowgo2ROqY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d1791d-1c94-42e6-9e3c-67acd2c88051/1/NhfAZZZmmF4YXYQSHowgo2ROqY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:45:df:88:59:bc:1b:79:45:5b:33:e3:97:fe:12:e2:b3:5a:
         89:76:e8:1d:99:74:30:b6:f9:32:9b:a5:81:47:bb:9a:28:b6:
         dc:aa:88:50:df:06:dc:72:bf:09:56:9e:17:f3:f7:fc:c9:cb:
         87:24:04:7f:df:8c:ba:46:93:c5:2d:36:71:2a:d7:36:8e:63:
         51:0c:10:f9:a3:f6:36:4e:f6:cf:2a:a6:fb:6e:3c:d9:2c:bf:
         43:1b:f3:87:7a:c0:e0:87:64:42:4b:4a:82:f3:fe:f9:cf:59:
         2e:96:ce:7b:60:2c:8a:2c:56:85:1b:c5:7a:97:4c:dd:95:73:
         b9:b6:24:45:4b:5d:b6:f4:5d:22:26:d2:4c:25:1d:60:82:4f:
         2c:ef:c1:aa:12:4c:a0:55:5f:b5:1b:e0:4f:5d:49:73:a5:58:
         81:95:f8:7c:2c:6d:dd:dc:96:61:9b:53:55:c1:a0:f2:51:d4:
         9d:ef:e9:70:d7:58:94:f4:73:a7:6f:27:31:bd:ca:b4:4e:16:
         b0:48:04:9e:6b:58:85:64:e6:d1:af:c0:07:e9:5f:f2:20:26:
         cb:35:b2:7e:ad:7c:d3:e7:a9:78:ca:f2:bc:d5:c6:13:4d:29:
         7f:b1:f5:21:35:76:e1:2b:fb:76:e1:b2:09:2e:1a:82:66:7e:
         09:60:f5:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBIaANAQ7nQgdFJ9SVGPsMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MTdjMDY1OTY2Njk4NWUxODVkODQxMjFlOGMyMGEzNjQ0
ZWE5OGQwHhcNMjQwNjI0MDQwMTM0WhcNMjQwNjI1MDQwMTM0WjAzMTEwLwYDVQQD
EyhjZWMyMmFhMmNlY2VkZDExOWZhZjYxMzRhZGNiOTVhNjI1M2IzMWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFjR+C0QsEyTmFD3ZBhf+mfkTni5
X4fXxLgEwAvgCn+AD2MzGcrlZnGz8GtZ9vmJWZC3Rp+318nqbkYmN3ZFoA0p+c7s
WSr9vKSRU6o1aL0w/NqZjI6dnuBoojByGQ+hxyBp7GZ9wOHxgdLjMnDEObPo+Ll5
jSyb+UE/qTnspjkNTEB/ajfnEiR+3vKU5x89KE5AmdHkwYkbugpM5+OibPRtwpjq
zQgOKVSvE6xYoKwBqAZhqyf/MPooajjd5+n+7i7fwpg7bhgsFVC7jrIOmfmbQFQi
XYBZD1Y7lpkXE1CplfGMb/0f8ArhFPO7lvOxHTVcIoSPJQ7qRoIblQwy3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7CKqLOzt0Rn69hNK3LlaYlOzHsMB8GA1UdIwQY
MBaAFDYXwGWWZpheGF2EEh6MIKNkTqmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhmQVpaWm1tRjRZWFlRU0hvd2dvMlJPcVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMTc5MWQtMWM5NC00MmU2LTllM2Mt
NjdhY2QyYzg4MDUxLzEvTmhmQVpaWm1tRjRZWFlRU0hvd2dvMlJPcVkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMTc5MWQtMWM5NC00MmU2LTllM2MtNjdhY2QyYzg4MDUx
LzEvTmhmQVpaWm1tRjRZWFlRU0hvd2dvMlJPcVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiEXfiFm8
G3lFWzPjl/4S4rNaiXboHZl0MLb5MpulgUe7mii23KqIUN8G3HK/CVaeF/P3/MnL
hyQEf9+MukaTxS02cSrXNo5jUQwQ+aP2Nk72zyqm+2482Sy/Qxvzh3rA4IdkQktK
gvP++c9ZLpbOe2AsiixWhRvFepdM3ZVzubYkRUtdtvRdIibSTCUdYIJPLO/BqhJM
oFVftRvgT11Jc6VYgZX4fCxt3dyWYZtTVcGg8lHUne/pcNdYlPRzp28nMb3KtE4W
sEgEnmtYhWTm0a/AB+lf8iAmyzWyfq180+epeMryvNXGE00pf7H1ITV24Sv7duGy
CS4agmZ+CWD1tA==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:37:04 2024 by rpki-client on console-ams.rpki-client.org