Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ef25e5-fc90-427b-a849-3a158d1722dc/1/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.mft
File:                     Hb2JgdcNHE4cTwU4vQT3AR-tw7k.mft (raw, json)
Hash identifier:          6HAizGns7AOGkmsczIp7SJUvZAKtoU6JJkrC3jYszlg=
Subject key identifier:   C8:38:E1:A9:68:1B:11:B0:35:8B:6A:6A:51:28:EB:4C:28:0B:44:ED
Authority key identifier: 1D:BD:89:81:D7:0D:1C:4E:1C:4F:05:38:BD:04:F7:01:1F:AD:C3:B9
Certificate issuer:       /CN=1dbd8981d70d1c4e1c4f0538bd04f7011fadc3b9
Certificate serial:       01901D464474E818AD1BF5895A9FEA555847
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ef25e5-fc90-427b-a849-3a158d1722dc/1/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.mft
Manifest number:          0587
Signing time:             Sat 15 Jun 2024 19:01:02 +0000
Manifest this update:     Sat 15 Jun 2024 19:01:02 +0000
Manifest next update:     Sun 16 Jun 2024 19:01:02 +0000
Files and hashes:         1: 2A1M9twGPD1-4PIkttPdprW7aBM.roa (hash: pfzZjAP4oOXZVW16atseLgUkhdLMr4uAWy0Rj7f1Rr0=)
                          2: Hb2JgdcNHE4cTwU4vQT3AR-tw7k.crl (hash: fUgLS2QCcQVJb41A+/KwvG9FKCRbXM5ez/tmnnDTcq0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/ef25e5-fc90-427b-a849-3a158d1722dc/1/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/ef25e5-fc90-427b-a849-3a158d1722dc/1/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:44:74:e8:18:ad:1b:f5:89:5a:9f:ea:55:58:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dbd8981d70d1c4e1c4f0538bd04f7011fadc3b9
        Validity
            Not Before: Jun 15 19:01:02 2024 GMT
            Not After : Jun 16 19:01:02 2024 GMT
        Subject: CN=c838e1a9681b11b0358b6a6a5128eb4c280b44ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:be:53:7b:53:cd:9b:cd:0d:79:34:cf:fa:32:
                    95:fc:97:57:56:50:dd:8e:ed:ad:d2:fc:f1:05:fc:
                    8c:ad:f8:c6:0e:79:fe:8b:76:8a:42:62:9d:3b:1d:
                    1d:42:2b:23:a0:1d:d6:e8:ea:99:12:c4:0f:20:97:
                    db:41:ea:e3:92:c7:b3:6a:a8:f8:91:60:e1:9e:ea:
                    a5:68:0b:34:e5:16:d6:1e:0d:eb:6d:8a:cd:4e:d3:
                    97:29:7b:af:b8:30:50:a5:09:d7:04:54:44:77:93:
                    b2:62:e3:f9:1f:0e:9a:fa:ba:d1:d9:27:94:55:f0:
                    ae:07:94:01:f3:15:bf:bd:7f:0f:0f:8d:29:48:e3:
                    65:52:e4:7b:87:eb:f3:19:1e:e0:a0:44:86:4e:a9:
                    f8:99:cd:6d:4d:80:af:f5:de:2e:2a:70:4a:b4:3d:
                    3e:1f:eb:3b:26:18:f8:62:46:17:4c:f6:46:2f:85:
                    04:6e:be:46:e2:cb:0b:7c:bf:4a:71:06:23:b3:69:
                    4f:e0:e5:49:2e:28:90:8c:1e:57:9b:22:d5:82:98:
                    1f:7d:96:1a:8a:84:54:fe:b0:cf:3a:37:ad:78:53:
                    11:6b:bd:7c:4c:5e:23:3d:2e:70:87:40:70:8c:4e:
                    ad:71:0a:60:d0:43:5a:4d:e9:e7:6d:fe:06:42:cf:
                    5c:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:38:E1:A9:68:1B:11:B0:35:8B:6A:6A:51:28:EB:4C:28:0B:44:ED
            X509v3 Authority Key Identifier:
                keyid:1D:BD:89:81:D7:0D:1C:4E:1C:4F:05:38:BD:04:F7:01:1F:AD:C3:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ef25e5-fc90-427b-a849-3a158d1722dc/1/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ef25e5-fc90-427b-a849-3a158d1722dc/1/Hb2JgdcNHE4cTwU4vQT3AR-tw7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:9a:fa:e7:90:cf:ac:e6:cd:9a:3a:47:8d:c7:c7:7b:f0:f9:
         ca:a2:e0:95:d0:ee:20:f7:bd:ca:c3:7b:06:3b:95:90:7e:20:
         81:15:a7:30:3a:52:0b:5c:51:25:2f:b3:1f:10:89:eb:01:09:
         b7:33:b8:ae:80:c6:35:a4:8e:f3:8f:a7:d2:9a:2c:f5:a8:e5:
         07:c3:51:93:c1:92:b4:81:3f:9e:c7:19:0d:32:77:dd:7a:92:
         b1:98:28:64:77:33:d5:29:95:95:69:c1:31:e5:5c:a6:99:6d:
         28:ac:4e:22:08:c4:43:10:d9:1a:ed:5c:1c:5d:48:71:c6:1c:
         28:41:02:9a:02:05:0b:71:89:38:41:94:01:bd:0a:c4:d4:ce:
         3a:f6:6d:f3:44:bd:96:20:ba:50:62:d6:65:5c:76:76:77:7e:
         f5:87:b5:ac:60:4a:21:18:90:7e:ca:d3:eb:13:78:bd:72:bd:
         3f:29:99:5e:34:d2:d8:61:48:88:ba:61:49:10:a9:82:c1:7a:
         74:fe:75:b0:6c:28:e4:4a:a5:9a:6a:13:45:ac:f0:25:e4:de:
         4f:48:ff:14:9e:fb:8b:e8:a4:f8:ed:0b:f0:69:e1:ab:df:8c:
         9f:99:92:4e:02:17:7e:6b:fd:53:49:5b:f7:64:ca:50:68:d6:
         49:ab:af:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRkR06BitG/WJWp/qVVhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYmQ4OTgxZDcwZDFjNGUxYzRmMDUzOGJkMDRmNzAxMWZh
ZGMzYjkwHhcNMjQwNjE1MTkwMTAyWhcNMjQwNjE2MTkwMTAyWjAzMTEwLwYDVQQD
EyhjODM4ZTFhOTY4MWIxMWIwMzU4YjZhNmE1MTI4ZWI0YzI4MGI0NGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL5Te1PNm80NeTTP+jKV/JdXVlDd
ju2t0vzxBfyMrfjGDnn+i3aKQmKdOx0dQisjoB3W6OqZEsQPIJfbQerjksezaqj4
kWDhnuqlaAs05RbWHg3rbYrNTtOXKXuvuDBQpQnXBFREd5OyYuP5Hw6a+rrR2SeU
VfCuB5QB8xW/vX8PD40pSONlUuR7h+vzGR7goESGTqn4mc1tTYCv9d4uKnBKtD0+
H+s7Jhj4YkYXTPZGL4UEbr5G4ssLfL9KcQYjs2lP4OVJLiiQjB5XmyLVgpgffZYa
ioRU/rDPOjeteFMRa718TF4jPS5wh0BwjE6tcQpg0ENaTennbf4GQs9c7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMg44aloGxGwNYtqalEo60woC0TtMB8GA1UdIwQY
MBaAFB29iYHXDRxOHE8FOL0E9wEfrcO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGIySmdkY05IRTRjVHdVNHZRVDNBUi10dzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZjI1ZTUtZmM5MC00MjdiLWE4NDkt
M2ExNThkMTcyMmRjLzEvSGIySmdkY05IRTRjVHdVNHZRVDNBUi10dzdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZjI1ZTUtZmM5MC00MjdiLWE4NDktM2ExNThkMTcyMmRj
LzEvSGIySmdkY05IRTRjVHdVNHZRVDNBUi10dzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEZr655DP
rObNmjpHjcfHe/D5yqLgldDuIPe9ysN7BjuVkH4ggRWnMDpSC1xRJS+zHxCJ6wEJ
tzO4roDGNaSO84+n0pos9ajlB8NRk8GStIE/nscZDTJ33XqSsZgoZHcz1SmVlWnB
MeVcppltKKxOIgjEQxDZGu1cHF1IccYcKEECmgIFC3GJOEGUAb0KxNTOOvZt80S9
liC6UGLWZVx2dnd+9Ye1rGBKIRiQfsrT6xN4vXK9PymZXjTS2GFIiLphSRCpgsF6
dP51sGwo5EqlmmoTRazwJeTeT0j/FJ77i+ik+O0L8Gnhq9+Mn5mSTgIXfmv9U0lb
92TKUGjWSauvDQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 20:26:26 2024 by rpki-client on console-fra.rpki-client.org