Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/68jEoGbiwVAxPuHAh0cfPIsN4FQ.mft
File:                     68jEoGbiwVAxPuHAh0cfPIsN4FQ.mft (raw, json)
Hash identifier:          TyVFBJKUQaj1wFrT6mWQpO9IyS4Ul8s1o7b89mzbyk8=
Subject key identifier:   CA:20:71:0B:2C:76:8A:81:A6:F6:9F:D8:F6:A0:11:55:A2:81:39:3D
Authority key identifier: EB:C8:C4:A0:66:E2:C1:50:31:3E:E1:C0:87:47:1F:3C:8B:0D:E0:54
Certificate issuer:       /CN=ebc8c4a066e2c150313ee1c087471f3c8b0de054
Certificate serial:       01901DEACAFBCF5434E88712C50D82D39EBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/68jEoGbiwVAxPuHAh0cfPIsN4FQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/68jEoGbiwVAxPuHAh0cfPIsN4FQ.mft
Manifest number:          0AD2
Signing time:             Sat 15 Jun 2024 22:00:44 +0000
Manifest this update:     Sat 15 Jun 2024 22:00:44 +0000
Manifest next update:     Sun 16 Jun 2024 22:00:44 +0000
Files and hashes:         1: 68jEoGbiwVAxPuHAh0cfPIsN4FQ.crl (hash: R7WZZyk0Qf2EGOHqftFL3E+qOtBJxoVD7x59S8cMiSw=)
                          2: rXYAsgpop4FJnePlGJv5Vaz1SR8.roa (hash: /+MrVQeGg9NyhozDwBDr6CNIwsovR2RGxqLjplAyURo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/68jEoGbiwVAxPuHAh0cfPIsN4FQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/68jEoGbiwVAxPuHAh0cfPIsN4FQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/68jEoGbiwVAxPuHAh0cfPIsN4FQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ea:ca:fb:cf:54:34:e8:87:12:c5:0d:82:d3:9e:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebc8c4a066e2c150313ee1c087471f3c8b0de054
        Validity
            Not Before: Jun 15 22:00:44 2024 GMT
            Not After : Jun 16 22:00:44 2024 GMT
        Subject: CN=ca20710b2c768a81a6f69fd8f6a01155a281393d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ac:5b:5c:e6:b2:01:df:69:68:a1:d8:8c:6f:
                    9b:7c:f2:db:b1:37:c1:04:5e:52:24:e5:e3:70:d5:
                    f8:8c:a4:e9:1a:7d:5c:32:87:49:7e:f9:85:fb:b6:
                    6d:55:31:fa:17:e8:f8:0e:82:a8:6d:0a:2e:e7:41:
                    1e:1d:2f:fc:35:46:70:15:59:65:2e:5f:5a:22:27:
                    76:59:ee:6d:70:90:5d:cd:ef:74:23:da:70:85:e7:
                    e9:8f:dd:18:a1:01:11:ce:88:cc:13:3f:9a:2a:2e:
                    b3:20:f2:cd:ee:2e:68:ca:2a:9c:9c:f4:17:f1:a1:
                    04:cb:9d:ee:75:2c:4c:cc:05:43:7c:92:99:03:00:
                    6d:6b:da:fb:30:b1:b4:33:8b:9e:7d:81:e7:55:fc:
                    b7:fd:47:2b:94:59:61:c9:5e:b1:73:85:73:0d:37:
                    d6:b5:aa:67:70:ee:fa:86:3a:b9:7c:f0:94:12:24:
                    c3:9a:d2:53:b6:b5:24:09:8b:d6:d9:05:a0:11:54:
                    48:e6:94:06:c4:fc:ad:72:06:40:5d:6e:fd:fe:84:
                    48:78:5d:17:bb:8e:23:88:1d:0f:be:ee:11:e6:d3:
                    cd:d3:dd:a6:f9:2d:83:8c:24:f6:ec:7e:d1:ef:76:
                    e1:0b:7b:69:12:64:de:2a:3b:e3:9d:64:ab:88:5b:
                    f3:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:20:71:0B:2C:76:8A:81:A6:F6:9F:D8:F6:A0:11:55:A2:81:39:3D
            X509v3 Authority Key Identifier:
                keyid:EB:C8:C4:A0:66:E2:C1:50:31:3E:E1:C0:87:47:1F:3C:8B:0D:E0:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68jEoGbiwVAxPuHAh0cfPIsN4FQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/68jEoGbiwVAxPuHAh0cfPIsN4FQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/68jEoGbiwVAxPuHAh0cfPIsN4FQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:0c:77:f3:fe:6b:f5:1a:34:45:fc:c4:5a:00:70:3b:75:9e:
         69:40:d8:75:35:b1:14:36:8f:d1:07:26:12:2f:59:ca:72:67:
         b2:e9:dc:19:2f:2a:61:56:8b:84:e3:a3:c2:77:35:f7:59:b6:
         5e:3a:db:be:c9:14:96:b1:53:7d:77:8b:61:23:38:a9:73:3a:
         cb:33:3b:56:e1:b4:dd:26:0f:4e:e3:52:0d:c2:75:be:a0:17:
         05:da:6e:cb:26:87:e8:68:fb:2b:e7:22:0b:82:75:0c:ce:40:
         1e:b3:8c:47:fc:0a:92:b2:ae:8c:e1:10:8b:e7:34:ef:9d:17:
         db:da:a1:8a:bf:36:50:3a:b2:7c:9e:98:46:4b:2e:59:72:47:
         fa:4a:c1:60:43:dc:b3:5c:0f:6b:d4:28:a1:28:e2:42:cd:cc:
         ab:d3:f2:d2:9d:41:1d:3f:10:1e:38:20:80:9a:87:f3:ec:d6:
         af:12:21:69:1f:63:3a:cf:e9:03:86:4d:99:c4:5d:ce:f4:1f:
         95:86:6b:ab:0f:69:fe:e3:cb:3c:38:2e:15:cf:da:c7:19:61:
         54:01:3a:39:c9:63:d2:5e:6b:76:15:a8:d8:0f:31:f2:0e:27:
         69:17:5d:a4:ba:55:e4:85:2f:b7:73:51:27:9f:74:9d:03:d1:
         79:54:75:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd6sr7z1Q06IcSxQ2C0569MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzhjNGEwNjZlMmMxNTAzMTNlZTFjMDg3NDcxZjNjOGIw
ZGUwNTQwHhcNMjQwNjE1MjIwMDQ0WhcNMjQwNjE2MjIwMDQ0WjAzMTEwLwYDVQQD
EyhjYTIwNzEwYjJjNzY4YTgxYTZmNjlmZDhmNmEwMTE1NWEyODEzOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqxbXOayAd9paKHYjG+bfPLbsTfB
BF5SJOXjcNX4jKTpGn1cModJfvmF+7ZtVTH6F+j4DoKobQou50EeHS/8NUZwFVll
Ll9aIid2We5tcJBdze90I9pwhefpj90YoQERzojMEz+aKi6zIPLN7i5oyiqcnPQX
8aEEy53udSxMzAVDfJKZAwBta9r7MLG0M4uefYHnVfy3/UcrlFlhyV6xc4VzDTfW
tapncO76hjq5fPCUEiTDmtJTtrUkCYvW2QWgEVRI5pQGxPytcgZAXW79/oRIeF0X
u44jiB0Pvu4R5tPN092m+S2DjCT27H7R73bhC3tpEmTeKjvjnWSriFvzCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMogcQssdoqBpvaf2PagEVWigTk9MB8GA1UdIwQY
MBaAFOvIxKBm4sFQMT7hwIdHHzyLDeBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhqRW9HYml3VkF4UHVIQWgwY2ZQSXNONEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84ZTQ0ZTMtMWI1NC00NzllLWE1NGMt
NDdlYWQ1MzcyYmZiLzEvNjhqRW9HYml3VkF4UHVIQWgwY2ZQSXNONEZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84ZTQ0ZTMtMWI1NC00NzllLWE1NGMtNDdlYWQ1MzcyYmZi
LzEvNjhqRW9HYml3VkF4UHVIQWgwY2ZQSXNONEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjwx38/5r
9Ro0RfzEWgBwO3WeaUDYdTWxFDaP0QcmEi9ZynJnsuncGS8qYVaLhOOjwnc191m2
XjrbvskUlrFTfXeLYSM4qXM6yzM7VuG03SYPTuNSDcJ1vqAXBdpuyyaH6Gj7K+ci
C4J1DM5AHrOMR/wKkrKujOEQi+c0750X29qhir82UDqyfJ6YRksuWXJH+krBYEPc
s1wPa9QooSjiQs3Mq9Py0p1BHT8QHjgggJqH8+zWrxIhaR9jOs/pA4ZNmcRdzvQf
lYZrqw9p/uPLPDguFc/axxlhVAE6Oclj0l5rdhWo2A8x8g4naRddpLpV5IUvt3NR
J590nQPReVR1PQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:48:47 2024 by rpki-client on console-ams.rpki-client.org