Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft
File:                     dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft (raw, json)
Hash identifier:          yBnYPxfpgdS14DhnERO6P1z06jGHuWFyfRW+eX6I2Eg=
Subject key identifier:   EB:1E:86:C7:64:6E:B9:3A:DB:A1:AF:DF:71:37:F5:28:F6:84:29:57
Authority key identifier: 75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
Certificate issuer:       /CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Certificate serial:       0190448B8F024A1291D277A9915076185A20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft
Manifest number:          11DB
Signing time:             Sun 23 Jun 2024 10:01:54 +0000
Manifest this update:     Sun 23 Jun 2024 10:01:54 +0000
Manifest next update:     Mon 24 Jun 2024 10:01:54 +0000
Files and hashes:         1: dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl (hash: lgPjYBW/plXWFQeklkMxTRw/X+PSEdQ4aqpwpBbj4vE=)
                          2: v8CF-Esc8JqWAWLIsqlkN5ao1sc.roa (hash: oX5EkoQvdA6g5NM+KBm6HYg1nIQ/EvmTIboQ5NAij8A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:8b:8f:02:4a:12:91:d2:77:a9:91:50:76:18:5a:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
        Validity
            Not Before: Jun 23 10:01:54 2024 GMT
            Not After : Jun 24 10:01:54 2024 GMT
        Subject: CN=eb1e86c7646eb93adba1afdf7137f528f6842957
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:60:b3:8d:1b:0f:3c:fa:8e:82:57:1c:e7:aa:
                    00:52:a4:4e:36:59:13:58:85:5f:d7:10:25:26:c4:
                    83:d1:6e:b8:71:c4:f1:4d:78:2a:61:f1:12:2c:fd:
                    8a:2e:22:60:83:ec:28:f3:7d:80:a2:ed:fc:3c:2a:
                    33:5d:44:87:f3:9d:21:ab:50:bd:8c:52:b3:a5:db:
                    41:ec:7a:ba:af:8d:18:05:82:5e:15:72:87:0d:58:
                    08:77:ac:b9:ef:4b:ff:2c:e7:0a:54:85:6e:94:d6:
                    54:0e:06:40:80:6d:27:0a:09:46:9b:c2:f1:cc:b2:
                    e0:d4:0b:3a:13:2f:e2:b2:b3:9b:c1:b9:da:da:6b:
                    f5:43:44:49:f5:75:ad:d3:e9:51:bb:81:30:b5:28:
                    fc:92:72:19:0d:6b:1d:88:67:5e:b0:60:d9:89:88:
                    f2:c3:ec:eb:0f:58:64:36:fd:b6:78:70:da:14:e3:
                    08:6b:a7:1d:e4:eb:35:60:3d:6e:26:a7:a4:2c:73:
                    4b:98:70:61:fc:6e:4c:70:5d:0b:23:3a:53:15:52:
                    5e:f1:68:ec:61:dd:d0:8e:4f:0b:3f:3a:a7:28:61:
                    a8:64:4c:fe:b3:aa:6e:05:bc:7f:7a:a3:55:5d:d1:
                    ab:48:a5:29:56:54:75:f5:26:44:0f:c4:48:c4:8c:
                    c4:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:1E:86:C7:64:6E:B9:3A:DB:A1:AF:DF:71:37:F5:28:F6:84:29:57
            X509v3 Authority Key Identifier:
                keyid:75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:b3:15:f6:59:e5:6d:5d:a5:70:22:9d:12:07:5e:b1:42:e1:
         f0:f8:c6:a9:d4:4e:fa:40:b9:05:8e:eb:96:84:da:ed:52:bf:
         bd:61:39:9f:21:d6:03:4a:09:d8:3c:23:d1:27:a0:a9:c1:f3:
         02:8b:67:91:32:dd:da:71:09:05:24:7c:a1:f8:e8:97:f6:dd:
         06:35:45:8c:54:a2:84:b3:83:1e:58:9c:b3:98:0b:70:fe:1d:
         fc:8f:7c:bd:ff:f6:cf:52:06:f2:bb:74:58:50:75:ec:41:5f:
         d7:13:c5:4a:18:15:9c:96:4c:85:9d:df:dd:9c:25:f0:3d:75:
         29:b0:03:47:b8:48:4f:7a:3a:5e:6f:20:8e:2e:d1:e0:eb:04:
         0b:ba:15:f8:cb:1f:d7:88:35:86:ea:7a:75:3d:e3:80:02:d3:
         52:85:09:7d:4d:99:41:74:4a:3a:f2:6e:f7:99:3d:31:68:89:
         16:57:cd:cf:7a:fd:7b:c1:c2:33:25:b5:62:39:01:22:ea:57:
         9f:64:b0:13:0d:ea:24:8b:91:93:10:08:31:0e:09:30:60:0c:
         b7:f7:59:0a:78:1a:c8:25:37:92:c4:6a:0f:79:bf:9b:49:66:
         08:77:17:1c:00:47:22:6d:0f:c1:69:07:58:b4:e7:b1:75:15:
         67:67:e9:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBEi48CShKR0nepkVB2GFogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZmFjYjA3ZjJjY2I5MmVlYmE4Nzg1NGM5NDI0MGU0ZjVh
YzhmNTIwHhcNMjQwNjIzMTAwMTU0WhcNMjQwNjI0MTAwMTU0WjAzMTEwLwYDVQQD
EyhlYjFlODZjNzY0NmViOTNhZGJhMWFmZGY3MTM3ZjUyOGY2ODQyOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWCzjRsPPPqOglcc56oAUqRONlkT
WIVf1xAlJsSD0W64ccTxTXgqYfESLP2KLiJgg+wo832Aou38PCozXUSH850hq1C9
jFKzpdtB7Hq6r40YBYJeFXKHDVgId6y570v/LOcKVIVulNZUDgZAgG0nCglGm8Lx
zLLg1As6Ey/isrObwbna2mv1Q0RJ9XWt0+lRu4EwtSj8knIZDWsdiGdesGDZiYjy
w+zrD1hkNv22eHDaFOMIa6cd5Os1YD1uJqekLHNLmHBh/G5McF0LIzpTFVJe8Wjs
Yd3Qjk8LPzqnKGGoZEz+s6puBbx/eqNVXdGrSKUpVlR19SZED8RIxIzEIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOsehsdkbrk626Gv33E39Sj2hClXMB8GA1UdIwQY
MBaAFHX6ywfyzLku66h4VMlCQOT1rI9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MDBjYmYtNDc3Yi00NmJlLThmNWQt
YzkxMTQ4M2RhNzhjLzEvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MDBjYmYtNDc3Yi00NmJlLThmNWQtYzkxMTQ4M2RhNzhj
LzEvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADbMV9lnl
bV2lcCKdEgdesULh8PjGqdRO+kC5BY7rloTa7VK/vWE5nyHWA0oJ2Dwj0SegqcHz
AotnkTLd2nEJBSR8ofjol/bdBjVFjFSihLODHlics5gLcP4d/I98vf/2z1IG8rt0
WFB17EFf1xPFShgVnJZMhZ3f3Zwl8D11KbADR7hIT3o6Xm8gji7R4OsEC7oV+Msf
14g1hup6dT3jgALTUoUJfU2ZQXRKOvJu95k9MWiJFlfNz3r9e8HCMyW1YjkBIupX
n2SwEw3qJIuRkxAIMQ4JMGAMt/dZCngayCU3ksRqD3m/m0lmCHcXHABHIm0PwWkH
WLTnsXUVZ2fpXQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:01:03 2024 by rpki-client on console-fra.rpki-client.org