Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
File:                     kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json)
Hash identifier:          2TEK6o67/8dsjwOzAhfk1YsHOzt2J9K/9k3vicDDhdA=
Subject key identifier:   EE:3D:49:AA:D2:07:16:B5:11:B0:7E:18:57:10:9E:BC:6B:96:4A:E6
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Certificate issuer:       /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial:       019041527F40CB7C414B25694C246783CF52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
Manifest number:          11DC
Signing time:             Sat 22 Jun 2024 19:00:43 +0000
Manifest this update:     Sat 22 Jun 2024 19:00:43 +0000
Manifest next update:     Sun 23 Jun 2024 19:00:43 +0000
Files and hashes:         1: EQpHEcQ0XQTOnGfqpjy43ROg81M.roa (hash: v99H4FfAlEXZ4dtZ2Bm6EyptcevGo81bKd8YuzGeZRk=)
                          2: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: X0bvjEP+JwUVQR+oku4X1mu/xsYO9vR4NSXJVGysc/M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 19:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:41:52:7f:40:cb:7c:41:4b:25:69:4c:24:67:83:cf:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
        Validity
            Not Before: Jun 22 19:00:43 2024 GMT
            Not After : Jun 23 19:00:43 2024 GMT
        Subject: CN=ee3d49aad20716b511b07e1857109ebc6b964ae6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a2:8a:90:96:4e:22:42:0a:91:b5:84:e6:d2:
                    fe:28:eb:21:f8:11:99:f1:be:1f:1f:72:24:79:bd:
                    28:26:da:65:55:74:d0:3d:d8:bb:18:46:0a:5c:64:
                    fa:cd:9c:08:2c:0e:36:e7:cb:84:82:97:10:b0:da:
                    d2:7d:9e:ae:b9:0f:51:e0:53:03:c4:b6:2c:93:0f:
                    14:36:89:f7:20:f2:f9:db:9b:5e:6b:39:6a:f4:96:
                    c3:8e:a4:35:74:63:2c:8c:c3:e9:42:a1:b9:99:b5:
                    f4:94:a1:3b:95:b8:e9:89:ab:a0:f5:94:e9:32:cc:
                    d5:c3:4e:f0:d2:2a:4b:2d:cb:24:df:05:d2:aa:53:
                    3a:18:1b:50:6d:cf:7b:df:a5:9c:db:d6:7e:99:a2:
                    af:cf:17:ee:35:de:43:ca:f5:b2:56:ad:6e:1c:a2:
                    d5:4a:bb:a5:c2:56:16:4e:93:43:42:58:93:13:b0:
                    c1:90:4d:3e:f6:65:df:ee:36:78:67:c5:c3:55:fd:
                    5c:ec:0e:ea:84:a6:c5:25:a4:a3:4c:ce:2c:d1:93:
                    2f:61:50:07:b0:be:07:8e:c5:e0:31:b8:b1:59:6d:
                    7c:20:07:64:e9:4b:67:ec:96:e8:cc:6b:0d:6c:4e:
                    8a:76:30:c8:4a:d6:a6:e7:2c:98:0b:24:cd:09:48:
                    3a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:3D:49:AA:D2:07:16:B5:11:B0:7E:18:57:10:9E:BC:6B:96:4A:E6
            X509v3 Authority Key Identifier:
                keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:c6:e9:c1:92:04:2f:05:67:b9:64:18:fb:ef:e5:43:7f:44:
         3c:19:02:a7:f7:73:7f:2a:95:ec:ea:db:91:14:23:c2:dc:b3:
         c4:ef:e3:10:35:4d:8a:4a:bb:bf:b8:5f:59:e9:e0:d2:1e:4b:
         19:98:48:1a:8a:dc:67:55:63:76:d7:7d:de:13:ee:1d:99:e8:
         d4:78:95:e7:78:a6:50:58:14:2b:61:44:58:9e:be:94:dc:35:
         89:09:30:b7:9b:90:c8:cb:b4:7a:6f:62:dd:88:50:3d:42:c1:
         26:00:25:95:35:22:05:8f:9a:8b:ab:73:98:85:e8:95:6f:75:
         30:78:45:30:ce:58:1f:78:71:69:96:02:5b:ad:0b:3f:39:ec:
         93:8b:3b:0b:b5:b2:40:92:3e:38:b9:3c:25:c0:25:69:c9:96:
         29:d8:41:62:19:cc:b5:12:de:32:3e:dd:af:7f:25:ec:5d:58:
         de:ed:e3:c6:20:aa:cb:58:24:60:d6:92:b1:2f:74:00:b8:3d:
         28:ce:33:ca:0f:51:b4:93:87:90:89:6d:51:a2:2a:02:54:f6:
         c7:11:f6:ca:96:fb:1b:ca:fb:f3:66:35:dc:ed:15:d6:48:47:
         8d:12:65:9b:33:4e:88:ab:16:ea:75:e6:32:56:80:cc:47:b3:
         45:fe:36:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBBUn9Ay3xBSyVpTCRng89SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjQwNjIyMTkwMDQzWhcNMjQwNjIzMTkwMDQzWjAzMTEwLwYDVQQD
EyhlZTNkNDlhYWQyMDcxNmI1MTFiMDdlMTg1NzEwOWViYzZiOTY0YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qKKkJZOIkIKkbWE5tL+KOsh+BGZ
8b4fH3Ikeb0oJtplVXTQPdi7GEYKXGT6zZwILA4258uEgpcQsNrSfZ6uuQ9R4FMD
xLYskw8UNon3IPL525teazlq9JbDjqQ1dGMsjMPpQqG5mbX0lKE7lbjpiaug9ZTp
MszVw07w0ipLLcsk3wXSqlM6GBtQbc9736Wc29Z+maKvzxfuNd5DyvWyVq1uHKLV
SrulwlYWTpNDQliTE7DBkE0+9mXf7jZ4Z8XDVf1c7A7qhKbFJaSjTM4s0ZMvYVAH
sL4HjsXgMbixWW18IAdk6Utn7JbozGsNbE6KdjDIStam5yyYCyTNCUg6owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO49SarSBxa1EbB+GFcQnrxrlkrmMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdcbpwZIE
LwVnuWQY++/lQ39EPBkCp/dzfyqV7OrbkRQjwtyzxO/jEDVNikq7v7hfWeng0h5L
GZhIGorcZ1Vjdtd93hPuHZno1HiV53imUFgUK2FEWJ6+lNw1iQkwt5uQyMu0em9i
3YhQPULBJgAllTUiBY+ai6tzmIXolW91MHhFMM5YH3hxaZYCW60LPznsk4s7C7Wy
QJI+OLk8JcAlacmWKdhBYhnMtRLeMj7dr38l7F1Y3u3jxiCqy1gkYNaSsS90ALg9
KM4zyg9RtJOHkIltUaIqAlT2xxH2ypb7G8r782Y13O0V1khHjRJlmzNOiKsW6nXm
MlaAzEezRf42XQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:38:05 2024 by rpki-client on console-fra.rpki-client.org