Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File:                     oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier:          +Ln7IxvMlLJUNW9rxVEibFSSXZsUbSZjdIZk2UgzuDI=
Subject key identifier:   1D:EB:7B:41:59:37:D1:F9:A0:55:00:AB:6C:48:E0:0E:9B:84:A2:2E
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer:       /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial:       01901DB3CD53EC7400F648EA2226EC1CEF9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number:          0A0D
Signing time:             Sat 15 Jun 2024 21:00:40 +0000
Manifest this update:     Sat 15 Jun 2024 21:00:40 +0000
Manifest next update:     Sun 16 Jun 2024 21:00:40 +0000
Files and hashes:         1: 7aC58fjbj6yZcLhSe-jBFKi5Ygw.roa (hash: emJeLvCY98pSf6zqYorjPfIBbvArZDorw8+6gc/bxWU=)
                          2: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: Xmi6IZy9uFLwJwyHseeMfMk3fTHDnIlqvbTjHPE35bQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:b3:cd:53:ec:74:00:f6:48:ea:22:26:ec:1c:ef:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
        Validity
            Not Before: Jun 15 21:00:40 2024 GMT
            Not After : Jun 16 21:00:40 2024 GMT
        Subject: CN=1deb7b415937d1f9a05500ab6c48e00e9b84a22e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f4:41:a5:a9:8e:b2:c9:27:52:51:08:87:21:
                    70:5e:a4:1f:ba:47:eb:da:27:fb:e7:bf:08:db:96:
                    df:98:f3:cd:12:86:a6:c3:d5:b4:0b:a5:63:f6:46:
                    a3:e3:bf:c5:06:6a:cf:f6:c6:77:03:c9:44:45:99:
                    d9:be:52:14:c3:5e:cc:d9:ce:64:55:da:dc:b5:ee:
                    cf:84:ba:98:e4:1a:66:67:f7:c3:ef:2d:69:54:1d:
                    e6:fc:c9:14:57:bf:17:6b:be:c4:46:e2:b1:15:f3:
                    2a:9f:5a:c6:5a:2d:cb:9b:bf:58:b3:f3:68:cc:01:
                    6a:0c:7e:f6:81:de:5d:12:60:eb:36:42:c1:37:c4:
                    e0:b3:a2:5d:60:5c:0e:ce:0d:c1:0d:4d:60:49:e5:
                    ff:1e:9e:16:a2:93:a1:fd:17:54:fd:f7:b3:15:6d:
                    36:3a:28:1d:54:6a:07:67:f0:2f:00:ea:39:56:1b:
                    44:04:ac:b8:e4:24:d0:4c:e0:a1:93:2f:4e:02:4b:
                    56:f0:73:e4:6a:9c:d6:79:fd:8b:48:9b:ce:b5:99:
                    b6:2f:0a:77:25:c7:84:27:16:9f:2b:c5:fc:97:85:
                    37:0e:ad:34:4c:1b:ea:b2:8c:fe:bf:89:29:7f:9d:
                    0e:d1:28:dd:77:94:ad:5f:1e:99:64:14:c9:19:8f:
                    74:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EB:7B:41:59:37:D1:F9:A0:55:00:AB:6C:48:E0:0E:9B:84:A2:2E
            X509v3 Authority Key Identifier:
                keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:7b:1d:bf:79:58:89:47:f5:4d:80:3d:b2:e8:a6:b9:fb:db:
         1e:5d:d4:c4:83:15:26:8e:bd:2a:e4:99:02:0e:fd:21:1b:d7:
         c0:5a:b6:38:e9:ae:4c:af:f5:81:bf:f6:00:bf:b7:f1:f8:fd:
         e1:a8:7a:3c:01:48:14:65:ae:dd:e7:71:f9:05:b0:0b:71:fb:
         6c:fe:89:b0:a9:9c:71:17:a1:e6:35:dd:be:d2:50:c7:23:a5:
         4a:2e:a1:c2:74:fc:f7:0b:bd:dc:b4:f6:53:19:f3:58:5b:c8:
         f4:de:1d:78:f5:8f:2b:42:96:ec:59:b9:02:b3:b3:62:65:6a:
         0a:e0:87:bc:df:06:d7:57:33:5b:12:6d:52:b4:9b:69:5e:77:
         82:0a:3d:57:d3:e7:96:df:0e:c9:3a:a7:4d:b6:89:2e:ff:49:
         94:c3:08:37:43:9f:4c:61:9e:e4:e3:24:32:2a:54:34:7b:85:
         1a:b9:20:be:71:d7:ff:71:8f:5c:21:0d:9b:1c:4d:df:ee:c8:
         dc:78:c3:f3:ef:b6:b0:99:ca:8d:72:38:ab:aa:c7:0d:98:ef:
         9b:31:08:a8:20:67:55:db:63:6d:1f:55:77:7e:b7:16:32:6c:
         68:d6:52:f4:46:75:fb:fb:fb:7c:fa:a1:a3:77:02:f3:ab:43:
         7d:1f:7a:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAds81T7HQA9kjqIibsHO+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjQwNjE1MjEwMDQwWhcNMjQwNjE2MjEwMDQwWjAzMTEwLwYDVQQD
EygxZGViN2I0MTU5MzdkMWY5YTA1NTAwYWI2YzQ4ZTAwZTliODRhMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPRBpamOssknUlEIhyFwXqQfukfr
2if7578I25bfmPPNEoamw9W0C6Vj9kaj47/FBmrP9sZ3A8lERZnZvlIUw17M2c5k
Vdrcte7PhLqY5BpmZ/fD7y1pVB3m/MkUV78Xa77ERuKxFfMqn1rGWi3Lm79Ys/No
zAFqDH72gd5dEmDrNkLBN8Tgs6JdYFwOzg3BDU1gSeX/Hp4WopOh/RdU/fezFW02
OigdVGoHZ/AvAOo5VhtEBKy45CTQTOChky9OAktW8HPkapzWef2LSJvOtZm2Lwp3
JceEJxafK8X8l4U3Dq00TBvqsoz+v4kpf50O0Sjdd5StXx6ZZBTJGY902wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3re0FZN9H5oFUAq2xI4A6bhKIuMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApXsdv3lY
iUf1TYA9suimufvbHl3UxIMVJo69KuSZAg79IRvXwFq2OOmuTK/1gb/2AL+38fj9
4ah6PAFIFGWu3edx+QWwC3H7bP6JsKmccReh5jXdvtJQxyOlSi6hwnT89wu93LT2
UxnzWFvI9N4dePWPK0KW7Fm5ArOzYmVqCuCHvN8G11czWxJtUrSbaV53ggo9V9Pn
lt8OyTqnTbaJLv9JlMMIN0OfTGGe5OMkMipUNHuFGrkgvnHX/3GPXCENmxxN3+7I
3HjD8++2sJnKjXI4q6rHDZjvmzEIqCBnVdtjbR9Vd363FjJsaNZS9EZ1+/v7fPqh
o3cC86tDfR96sA==
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:46:17 2024 by rpki-client on console-ams.rpki-client.org