Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/S_TZ-mawCKCMO47YLDgmfh0hJVA.mft
File:                     S_TZ-mawCKCMO47YLDgmfh0hJVA.mft (raw, json)
Hash identifier:          h8f8v0WdYLdZS/WRiW3loU7xoTJFOgqszCevau/wdJ0=
Subject key identifier:   58:C2:53:14:8A:F8:24:14:42:83:BB:A2:2F:63:79:49:F5:22:90:B9
Authority key identifier: 4B:F4:D9:FA:66:B0:08:A0:8C:3B:8E:D8:2C:38:26:7E:1D:21:25:50
Certificate issuer:       /CN=4bf4d9fa66b008a08c3b8ed82c38267e1d212550
Certificate serial:       019040ADE6A4853B350340124FEC5BF7B8CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S_TZ-mawCKCMO47YLDgmfh0hJVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/S_TZ-mawCKCMO47YLDgmfh0hJVA.mft
Manifest number:          11D8
Signing time:             Sat 22 Jun 2024 16:00:56 +0000
Manifest this update:     Sat 22 Jun 2024 16:00:56 +0000
Manifest next update:     Sun 23 Jun 2024 16:00:56 +0000
Files and hashes:         1: Qbr2OvrBsGDIgumoilK8ivOYXbs.roa (hash: kB3zf4KNq7i9O/Hyodte5Mu8I1tyksxmYSz244xsDw8=)
                          2: S_TZ-mawCKCMO47YLDgmfh0hJVA.crl (hash: aORAAos1xU8ebtTyzUKNnvkNNDEoKKvkqSh2Whmr8Jc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/S_TZ-mawCKCMO47YLDgmfh0hJVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/S_TZ-mawCKCMO47YLDgmfh0hJVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S_TZ-mawCKCMO47YLDgmfh0hJVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 16:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:40:ad:e6:a4:85:3b:35:03:40:12:4f:ec:5b:f7:b8:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4bf4d9fa66b008a08c3b8ed82c38267e1d212550
        Validity
            Not Before: Jun 22 16:00:56 2024 GMT
            Not After : Jun 23 16:00:56 2024 GMT
        Subject: CN=58c253148af824144283bba22f637949f52290b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:15:c2:50:c6:a0:af:eb:25:28:97:d9:10:05:
                    29:22:b9:b5:60:5c:36:49:25:1f:a4:66:60:d3:a8:
                    b2:ff:94:2c:f3:7a:99:84:27:6a:7a:5a:8f:ed:07:
                    10:03:8a:c4:2e:0d:52:d7:82:73:57:92:7c:79:e6:
                    9d:8e:f4:a3:5e:19:b6:9b:f8:ce:d0:72:c3:8c:bf:
                    22:db:0b:79:9f:bd:76:84:56:f0:69:e9:e8:0f:4d:
                    19:19:9b:d0:84:3b:6f:f7:bb:ae:97:4e:36:d8:4d:
                    ac:01:69:62:b7:d5:3f:b2:cd:47:dc:1a:c8:85:ff:
                    64:5c:d5:1a:86:47:58:0f:93:31:35:c4:50:a3:99:
                    ba:ab:42:9d:e5:f5:48:67:9b:8c:60:2e:56:04:e9:
                    d5:46:7a:2a:50:9e:8f:9d:2d:f7:9b:6c:61:55:f3:
                    6e:d0:32:eb:b8:ee:23:7f:f0:9c:03:12:4c:39:bf:
                    a0:b6:e0:c6:91:33:a2:73:58:6c:3b:4d:58:02:ed:
                    8a:f3:e7:88:26:b3:59:ef:52:9c:a8:dd:e1:88:17:
                    11:92:65:0f:db:c1:a6:8e:cf:06:6e:6d:56:b7:36:
                    96:b8:ef:72:ae:c4:73:76:56:b9:5a:5b:0b:7f:79:
                    10:a4:cd:a2:36:76:4c:2c:c0:8f:d9:f0:85:85:56:
                    8b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:C2:53:14:8A:F8:24:14:42:83:BB:A2:2F:63:79:49:F5:22:90:B9
            X509v3 Authority Key Identifier:
                keyid:4B:F4:D9:FA:66:B0:08:A0:8C:3B:8E:D8:2C:38:26:7E:1D:21:25:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_TZ-mawCKCMO47YLDgmfh0hJVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/S_TZ-mawCKCMO47YLDgmfh0hJVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/S_TZ-mawCKCMO47YLDgmfh0hJVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:2e:36:dc:5e:80:e2:f4:a6:da:62:03:13:a3:d7:c7:e2:1e:
         ce:4a:65:b8:85:20:3b:48:b8:20:31:dc:16:0f:79:3c:26:1f:
         bf:c0:31:57:c4:d6:45:3c:f4:4b:0e:87:cb:47:d7:2c:e2:03:
         ad:c4:8d:59:32:7a:df:52:b7:ba:2d:b0:00:52:00:8e:1d:f0:
         48:d9:03:14:73:d0:38:64:15:ec:da:e9:b4:c8:8d:cb:da:6a:
         45:57:fe:16:e4:71:44:7b:82:92:25:63:f9:41:90:9a:8e:7e:
         dd:e7:be:1a:5e:e0:ff:31:d9:c5:b2:ea:cb:d8:cc:6c:d7:96:
         1b:7f:41:a9:b9:83:87:30:ab:05:43:19:e9:ad:9e:b4:b5:c4:
         d0:58:85:f7:dc:13:46:28:85:4b:7c:63:86:8e:ec:b3:e9:22:
         fe:91:88:d5:fd:56:47:24:b4:f2:9a:ac:b2:6e:bd:98:d8:38:
         80:20:05:14:5d:c3:f2:32:ae:29:42:e1:0a:e5:38:59:a9:93:
         7c:18:31:ff:96:c6:fb:87:3b:ac:b4:b5:13:2a:72:3c:1d:6e:
         12:48:ea:7f:a3:eb:90:e2:44:66:d6:20:6a:4b:62:cc:6b:b0:
         dd:1e:e2:9d:2a:e6:e0:7a:1f:91:c4:4f:a5:91:9f:ce:2b:69:
         9e:08:52:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBAreakhTs1A0AST+xb97jKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjRkOWZhNjZiMDA4YTA4YzNiOGVkODJjMzgyNjdlMWQy
MTI1NTAwHhcNMjQwNjIyMTYwMDU2WhcNMjQwNjIzMTYwMDU2WjAzMTEwLwYDVQQD
Eyg1OGMyNTMxNDhhZjgyNDE0NDI4M2JiYTIyZjYzNzk0OWY1MjI5MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhXCUMagr+slKJfZEAUpIrm1YFw2
SSUfpGZg06iy/5Qs83qZhCdqelqP7QcQA4rELg1S14JzV5J8eeadjvSjXhm2m/jO
0HLDjL8i2wt5n712hFbwaenoD00ZGZvQhDtv97uul0422E2sAWlit9U/ss1H3BrI
hf9kXNUahkdYD5MxNcRQo5m6q0Kd5fVIZ5uMYC5WBOnVRnoqUJ6PnS33m2xhVfNu
0DLruO4jf/CcAxJMOb+gtuDGkTOic1hsO01YAu2K8+eIJrNZ71KcqN3hiBcRkmUP
28Gmjs8Gbm1WtzaWuO9yrsRzdla5WlsLf3kQpM2iNnZMLMCP2fCFhVaLUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjCUxSK+CQUQoO7oi9jeUn1IpC5MB8GA1UdIwQY
MBaAFEv02fpmsAigjDuO2Cw4Jn4dISVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19UWi1tYXdDS0NNTzQ3WUxEZ21maDBoSlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lODEwY2QtNjQ5Ny00ZDhhLTkxYTUt
YmY1NzM4NzY2MmEwLzEvU19UWi1tYXdDS0NNTzQ3WUxEZ21maDBoSlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lODEwY2QtNjQ5Ny00ZDhhLTkxYTUtYmY1NzM4NzY2MmEw
LzEvU19UWi1tYXdDS0NNTzQ3WUxEZ21maDBoSlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyS423F6A
4vSm2mIDE6PXx+IezkpluIUgO0i4IDHcFg95PCYfv8AxV8TWRTz0Sw6Hy0fXLOID
rcSNWTJ631K3ui2wAFIAjh3wSNkDFHPQOGQV7NrptMiNy9pqRVf+FuRxRHuCkiVj
+UGQmo5+3ee+Gl7g/zHZxbLqy9jMbNeWG39BqbmDhzCrBUMZ6a2etLXE0FiF99wT
RiiFS3xjho7ss+ki/pGI1f1WRyS08pqssm69mNg4gCAFFF3D8jKuKULhCuU4WamT
fBgx/5bG+4c7rLS1EypyPB1uEkjqf6PrkOJEZtYgaktizGuw3R7inSrm4HofkcRP
pZGfzitpnghS/Q==
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:23:42 2024 by rpki-client on console-ams.rpki-client.org