Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File:                     2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier:          fb8zN8wez6x7vajrrrfZ7cMhay2pxVFlUILUqc3zj8E=
Subject key identifier:   6B:8F:0D:5A:00:96:C1:D7:56:E0:19:B0:AF:38:ED:37:05:F0:0A:6C
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer:       /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial:       01901DEC326C1A014DBBA46E29D9D1219CAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number:          11C9
Signing time:             Sat 15 Jun 2024 22:02:16 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:16 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:16 +0000
Files and hashes:         1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: rY0ovTx+GoJyL4Uq8IjdzM421jwI/ZTc1LIPs+wn/p4=)
                          2: NXAeb9IWUwyD7uJoDFhdlItryvQ.roa (hash: wnXj0dBxbPaa8Mn1Jw3F82zVQWHyblMHNktXthU6r5A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:32:6c:1a:01:4d:bb:a4:6e:29:d9:d1:21:9c:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
        Validity
            Not Before: Jun 15 22:02:16 2024 GMT
            Not After : Jun 16 22:02:16 2024 GMT
        Subject: CN=6b8f0d5a0096c1d756e019b0af38ed3705f00a6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:88:4a:1e:3c:7f:41:c5:05:43:63:0c:fd:5a:
                    6b:3a:d7:ba:86:06:14:29:07:a7:2b:9a:60:b7:79:
                    90:3b:49:72:30:f4:aa:36:59:d7:bb:2b:80:29:30:
                    cf:47:50:0d:ca:f0:fc:c0:d6:d5:84:7d:68:c8:33:
                    94:be:eb:c5:da:9b:d5:54:fa:5b:4d:70:03:e0:d8:
                    b2:f7:f1:4b:9b:9f:65:16:bb:70:42:33:11:74:ce:
                    fd:ab:ea:ba:68:cc:c2:ff:6e:dc:fd:5a:18:cc:7f:
                    22:47:5d:4e:e5:98:9e:2c:f2:7e:4a:5d:5c:e5:0d:
                    4b:0c:2b:60:90:c5:68:b8:7c:29:e1:90:c2:20:f9:
                    4f:be:74:c9:5a:cf:0a:a7:10:fe:c3:1a:28:59:04:
                    56:1b:68:03:93:10:48:04:a9:60:69:25:f8:b6:4e:
                    26:d4:98:6e:01:06:42:af:42:97:29:3e:6a:67:d4:
                    af:3d:29:ed:af:ac:8f:c7:8e:82:13:37:37:cc:a1:
                    03:57:a2:a6:27:7a:f9:8c:99:d7:2b:64:cc:10:e4:
                    7f:4c:b8:9a:d8:39:98:58:2f:bd:63:3f:c5:fb:10:
                    17:3b:89:88:98:bf:c0:fe:cd:93:bc:9b:9c:f4:6b:
                    4e:a2:3d:85:15:2d:ce:b6:1e:39:3b:04:7a:ac:95:
                    e9:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:8F:0D:5A:00:96:C1:D7:56:E0:19:B0:AF:38:ED:37:05:F0:0A:6C
            X509v3 Authority Key Identifier:
                keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:eb:fb:ce:2e:01:fa:65:25:2d:a8:98:79:03:f5:02:4e:cf:
         82:e0:d0:76:68:5b:df:22:5f:bc:bd:8d:61:5b:41:45:50:de:
         72:21:2d:94:b2:fd:55:9e:9f:7a:3f:f0:8c:b7:e7:58:a8:43:
         b2:9d:2c:1e:d5:3a:ba:b1:63:79:81:09:60:48:04:ca:3f:66:
         8d:68:6c:71:01:47:12:85:92:ed:40:e8:99:b2:d8:3e:03:eb:
         70:19:f2:9e:56:cd:33:79:74:39:7f:b6:b8:d2:52:dd:90:ba:
         9b:9e:c1:71:0a:9f:d1:25:78:76:6d:55:6e:49:df:84:b7:08:
         b4:df:d6:b4:02:fa:92:2a:d0:fd:c1:81:f8:06:1a:92:2a:dc:
         16:b6:99:f8:3f:e0:ba:d6:4b:a6:58:c1:d6:45:eb:74:b6:b7:
         38:ff:62:6c:df:30:94:7e:c1:a9:5e:20:6f:1b:77:db:21:e7:
         f2:86:be:c4:e7:eb:fb:74:e3:a5:d0:0c:b3:ac:87:17:dc:86:
         b2:63:3b:4d:46:b3:cf:36:c6:b0:17:11:02:f6:e9:f2:e0:8e:
         13:47:9e:8e:ed:76:0a:c9:91:e2:f1:dd:e3:9c:f8:3a:8a:dc:
         3a:2d:a9:7f:3e:36:a3:ad:aa:4d:98:79:37:c5:3e:a4:d2:b0:
         84:ce:fb:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7DJsGgFNu6RuKdnRIZyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjQwNjE1MjIwMjE2WhcNMjQwNjE2MjIwMjE2WjAzMTEwLwYDVQQD
Eyg2YjhmMGQ1YTAwOTZjMWQ3NTZlMDE5YjBhZjM4ZWQzNzA1ZjAwYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4hKHjx/QcUFQ2MM/VprOte6hgYU
KQenK5pgt3mQO0lyMPSqNlnXuyuAKTDPR1ANyvD8wNbVhH1oyDOUvuvF2pvVVPpb
TXAD4Niy9/FLm59lFrtwQjMRdM79q+q6aMzC/27c/VoYzH8iR11O5ZieLPJ+Sl1c
5Q1LDCtgkMVouHwp4ZDCIPlPvnTJWs8KpxD+wxooWQRWG2gDkxBIBKlgaSX4tk4m
1JhuAQZCr0KXKT5qZ9SvPSntr6yPx46CEzc3zKEDV6KmJ3r5jJnXK2TMEOR/TLia
2DmYWC+9Yz/F+xAXO4mImL/A/s2TvJuc9GtOoj2FFS3Oth45OwR6rJXpsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGuPDVoAlsHXVuAZsK847TcF8ApsMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXev7zi4B
+mUlLaiYeQP1Ak7PguDQdmhb3yJfvL2NYVtBRVDeciEtlLL9VZ6fej/wjLfnWKhD
sp0sHtU6urFjeYEJYEgEyj9mjWhscQFHEoWS7UDombLYPgPrcBnynlbNM3l0OX+2
uNJS3ZC6m57BcQqf0SV4dm1VbknfhLcItN/WtAL6kirQ/cGB+AYakircFraZ+D/g
utZLpljB1kXrdLa3OP9ibN8wlH7BqV4gbxt32yHn8oa+xOfr+3TjpdAMs6yHF9yG
smM7TUazzzbGsBcRAvbp8uCOE0eeju12CsmR4vHd45z4OorcOi2pfz42o62qTZh5
N8U+pNKwhM77Xw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:55:26 2024 by rpki-client on console-ams.rpki-client.org