Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File:                     oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier:          CtJ1zXSESNkCNrGN8C3zRV0Z/3dIbH9Or1N/8WjsYrU=
Subject key identifier:   4D:6C:51:DF:BE:0C:C9:14:A2:EF:AD:45:05:FA:30:ED:A2:A4:9E:2F
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer:       /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial:       019042653EBC875896C81A77E5C06DE13D76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number:          0A20
Signing time:             Sun 23 Jun 2024 00:00:49 +0000
Manifest this update:     Sun 23 Jun 2024 00:00:49 +0000
Manifest next update:     Mon 24 Jun 2024 00:00:49 +0000
Files and hashes:         1: 7aC58fjbj6yZcLhSe-jBFKi5Ygw.roa (hash: emJeLvCY98pSf6zqYorjPfIBbvArZDorw8+6gc/bxWU=)
                          2: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: C4LJ5EvDbLhyRjGQDEwKT5GDz9cD+AnWbMLxqhAF0ls=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 21:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:42:65:3e:bc:87:58:96:c8:1a:77:e5:c0:6d:e1:3d:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
        Validity
            Not Before: Jun 23 00:00:49 2024 GMT
            Not After : Jun 24 00:00:49 2024 GMT
        Subject: CN=4d6c51dfbe0cc914a2efad4505fa30eda2a49e2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:23:1d:1a:3e:ec:40:50:43:6e:34:30:aa:66:
                    a5:cc:19:6f:f3:d2:ef:fb:6b:be:20:31:c4:22:13:
                    09:88:5b:54:e5:50:35:1f:9b:91:d8:cc:21:67:d0:
                    1b:24:e5:4a:bd:09:ec:3f:52:b2:92:80:0e:6c:ac:
                    27:a7:bf:0b:cf:8f:08:ab:94:af:f5:84:23:c9:ee:
                    5d:f7:c6:bf:4e:2f:e1:2d:ee:d9:60:79:d4:f0:59:
                    c8:6e:09:44:8d:d0:eb:6c:cb:14:3c:46:d5:4b:30:
                    dd:2d:f2:54:55:37:b4:a4:c4:f8:c1:7e:c1:4a:cf:
                    b7:95:d4:6d:f4:58:e5:af:36:9b:d8:ca:3c:61:26:
                    fa:93:05:02:a5:7a:0a:98:52:86:fe:b5:a9:91:95:
                    1e:9d:9f:bd:a2:a9:af:51:da:c6:bb:14:91:20:34:
                    87:5f:92:ad:38:83:7d:41:0c:6f:0f:7a:10:da:35:
                    2e:63:b3:6d:6f:f8:7c:2f:91:b7:6c:62:c9:f1:a4:
                    c8:50:49:f4:51:56:d1:62:27:f0:a8:40:ea:67:84:
                    45:bf:ad:32:8c:8e:33:51:d4:79:73:49:98:f5:25:
                    1b:c3:71:7b:c6:33:92:84:47:b8:1c:44:35:11:fa:
                    97:7a:af:cb:95:a3:33:61:45:6e:69:00:f1:18:99:
                    7c:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:6C:51:DF:BE:0C:C9:14:A2:EF:AD:45:05:FA:30:ED:A2:A4:9E:2F
            X509v3 Authority Key Identifier:
                keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:f7:19:ce:8f:ef:fe:00:bf:3e:b2:ef:78:ff:37:a4:96:16:
         55:5b:bf:62:0a:69:40:4c:7e:f9:be:ab:af:bd:a0:ab:9a:a1:
         4f:e9:12:6a:51:db:12:cc:7d:89:c0:50:10:1f:2c:7d:13:e9:
         d3:ff:16:73:d2:e5:21:de:2b:86:08:4a:81:b5:85:bf:fd:f4:
         7f:47:fa:c6:42:d6:59:a2:9b:9f:2d:90:cd:c4:dd:b4:9e:29:
         5c:e7:a8:6c:4a:a7:cb:6d:3a:c3:83:d7:e2:06:d3:6d:2c:32:
         86:5f:81:b0:32:30:b2:af:31:6d:96:fe:ed:84:f3:c4:55:59:
         c0:21:ab:a4:c6:8c:dd:db:ad:12:a9:b0:7c:59:a3:c1:d9:d4:
         41:6b:d6:4f:15:cf:a0:87:28:e5:fc:52:77:c7:43:90:59:05:
         e5:39:f0:d8:c4:9c:a9:44:0d:36:b8:17:56:8b:94:46:27:a4:
         b3:11:da:1b:ed:11:11:1d:b5:be:66:76:e4:4e:c8:86:53:b1:
         52:e8:f8:8b:e3:31:f4:ab:9e:cf:8e:cf:44:7f:ce:57:44:1c:
         e6:b0:6b:dc:25:17:89:95:4b:b7:d9:3f:f2:d0:41:c7:a5:dc:
         9d:24:be:03:45:a6:03:20:8c:5f:7e:32:c3:de:7e:e7:2d:19:
         7a:95:c8:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBCZT68h1iWyBp35cBt4T12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjQwNjIzMDAwMDQ5WhcNMjQwNjI0MDAwMDQ5WjAzMTEwLwYDVQQD
Eyg0ZDZjNTFkZmJlMGNjOTE0YTJlZmFkNDUwNWZhMzBlZGEyYTQ5ZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiMdGj7sQFBDbjQwqmalzBlv89Lv
+2u+IDHEIhMJiFtU5VA1H5uR2MwhZ9AbJOVKvQnsP1KykoAObKwnp78Lz48Iq5Sv
9YQjye5d98a/Ti/hLe7ZYHnU8FnIbglEjdDrbMsUPEbVSzDdLfJUVTe0pMT4wX7B
Ss+3ldRt9Fjlrzab2Mo8YSb6kwUCpXoKmFKG/rWpkZUenZ+9oqmvUdrGuxSRIDSH
X5KtOIN9QQxvD3oQ2jUuY7Ntb/h8L5G3bGLJ8aTIUEn0UVbRYifwqEDqZ4RFv60y
jI4zUdR5c0mY9SUbw3F7xjOShEe4HEQ1EfqXeq/LlaMzYUVuaQDxGJl8ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1sUd++DMkUou+tRQX6MO2ipJ4vMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcPcZzo/v
/gC/PrLveP83pJYWVVu/YgppQEx++b6rr72gq5qhT+kSalHbEsx9icBQEB8sfRPp
0/8Wc9LlId4rhghKgbWFv/30f0f6xkLWWaKbny2QzcTdtJ4pXOeobEqny206w4PX
4gbTbSwyhl+BsDIwsq8xbZb+7YTzxFVZwCGrpMaM3dutEqmwfFmjwdnUQWvWTxXP
oIco5fxSd8dDkFkF5Tnw2MScqUQNNrgXVouURieksxHaG+0RER21vmZ25E7IhlOx
Uuj4i+Mx9Kuez47PRH/OV0Qc5rBr3CUXiZVLt9k/8tBBx6XcnSS+A0WmAyCMX34y
w95+5y0ZepXITQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:37:45 2024 by rpki-client on console-fra.rpki-client.org