Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2f67b9-490b-43ef-b088-4ab3973502fb/1/YC8n-tkkUqJUswoGDtODsTx1jtY.mft
File:                     YC8n-tkkUqJUswoGDtODsTx1jtY.mft (raw, json)
Hash identifier:          WAIoUO6C3RANThxJ3di1fmiDM4iDv33nxJX1VLy6xXI=
Subject key identifier:   D9:68:B3:FA:3B:2D:AC:A4:7C:86:BA:8D:09:7D:58:62:7C:69:42:B7
Authority key identifier: 60:2F:27:FA:D9:24:52:A2:54:B3:0A:06:0E:D3:83:B1:3C:75:8E:D6
Certificate issuer:       /CN=602f27fad92452a254b30a060ed383b13c758ed6
Certificate serial:       0190486A20AD3DCC6D54758A72F454F7224F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YC8n-tkkUqJUswoGDtODsTx1jtY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2f67b9-490b-43ef-b088-4ab3973502fb/1/YC8n-tkkUqJUswoGDtODsTx1jtY.mft
Manifest number:          0440
Signing time:             Mon 24 Jun 2024 04:03:53 +0000
Manifest this update:     Mon 24 Jun 2024 04:03:53 +0000
Manifest next update:     Tue 25 Jun 2024 04:03:53 +0000
Files and hashes:         1: SNODBlce-8709vD03pVEd30K-jU.roa (hash: 2qJtSEDXaXwFLyZfr1aLFlOhGqKtJXUR87TGdDlVjPw=)
                          2: YC8n-tkkUqJUswoGDtODsTx1jtY.crl (hash: QmQSkUE6/TFIEAbVkw+LX/gTwz0/Jhog3oQ1G0h5S/I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2f67b9-490b-43ef-b088-4ab3973502fb/1/YC8n-tkkUqJUswoGDtODsTx1jtY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2f67b9-490b-43ef-b088-4ab3973502fb/1/YC8n-tkkUqJUswoGDtODsTx1jtY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YC8n-tkkUqJUswoGDtODsTx1jtY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:6a:20:ad:3d:cc:6d:54:75:8a:72:f4:54:f7:22:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=602f27fad92452a254b30a060ed383b13c758ed6
        Validity
            Not Before: Jun 24 04:03:53 2024 GMT
            Not After : Jun 25 04:03:53 2024 GMT
        Subject: CN=d968b3fa3b2daca47c86ba8d097d58627c6942b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2e:4b:28:ac:85:92:1d:e5:aa:fa:5f:0d:24:
                    9d:a3:f4:ae:24:f9:0d:c3:e0:ef:35:d4:84:f5:eb:
                    7c:19:09:33:d4:92:78:a0:ca:3d:67:04:35:93:a6:
                    8d:55:65:52:21:cb:46:d1:7b:2e:1f:70:56:e2:e8:
                    20:c9:cb:0f:74:d1:2a:08:d5:f1:b9:87:02:1a:5f:
                    85:b0:e4:95:ab:c6:40:33:43:e9:80:4c:fa:dd:8a:
                    8a:89:a1:21:3d:fd:fd:0a:a6:63:57:45:77:e3:20:
                    44:13:ce:4c:d6:31:49:4e:67:5b:52:f1:3c:8f:34:
                    2a:1d:59:0a:c2:a0:e4:60:03:67:04:58:49:29:dc:
                    3c:68:46:2d:04:3d:2c:ce:95:73:5b:0e:d3:7f:29:
                    72:d7:9e:82:81:b5:10:1f:0e:60:3c:d3:f7:70:e4:
                    f7:0f:57:65:28:73:ae:20:b0:68:c8:fb:cf:2e:7c:
                    0d:03:bf:59:cd:89:26:33:12:13:a7:e7:95:36:68:
                    08:be:14:f1:d7:c2:20:19:53:84:31:c3:ec:7d:0e:
                    9e:03:5b:e0:85:eb:78:40:fd:cf:bb:de:ce:67:96:
                    2a:fe:d1:36:a4:b9:3a:d1:44:58:49:bc:7a:06:15:
                    2e:b5:3e:8e:13:e2:7a:9b:9b:46:17:41:c9:a7:90:
                    9c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:68:B3:FA:3B:2D:AC:A4:7C:86:BA:8D:09:7D:58:62:7C:69:42:B7
            X509v3 Authority Key Identifier:
                keyid:60:2F:27:FA:D9:24:52:A2:54:B3:0A:06:0E:D3:83:B1:3C:75:8E:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YC8n-tkkUqJUswoGDtODsTx1jtY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2f67b9-490b-43ef-b088-4ab3973502fb/1/YC8n-tkkUqJUswoGDtODsTx1jtY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2f67b9-490b-43ef-b088-4ab3973502fb/1/YC8n-tkkUqJUswoGDtODsTx1jtY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:30:6e:76:e5:ee:b3:41:4b:d0:d0:c6:0f:e3:0b:42:e4:76:
         4c:08:d1:d0:27:3a:d0:f9:5e:1d:bd:23:e1:6f:78:1e:25:66:
         5e:14:2d:99:f2:6c:f1:9a:94:c5:7c:5a:68:5a:77:00:2c:bb:
         e1:6f:13:88:98:06:cb:9d:bd:07:07:56:30:76:be:e2:45:6d:
         ff:03:66:18:61:55:90:a7:c7:77:6c:b6:8a:72:96:99:37:cc:
         9c:cb:a0:44:2f:c9:78:c8:43:4c:f3:93:98:af:f1:f2:38:d2:
         db:6d:11:d6:d1:9f:f8:96:ea:e3:60:83:c6:77:92:94:2d:be:
         dd:4a:ef:3b:2a:ed:c5:46:54:bc:32:d0:ab:c0:48:4d:59:16:
         29:d5:c0:87:51:98:5d:a5:1c:35:ad:5b:99:55:5c:d5:80:ce:
         a3:4d:2b:1e:97:01:42:91:23:d9:34:3d:9c:e0:21:ef:74:7b:
         80:bf:2e:a3:fe:10:9a:b5:31:ab:ee:ec:cf:50:51:45:94:42:
         7a:16:0a:0d:84:9e:47:77:c9:bd:d3:52:ee:83:45:50:e1:30:
         de:6f:61:88:80:c8:34:5d:23:27:ab:bc:b6:0f:a5:93:36:bc:
         a6:77:e6:1b:89:a5:84:30:db:32:77:33:b5:f0:5a:8f:8a:73:
         db:6a:f6:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBIaiCtPcxtVHWKcvRU9yJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMmYyN2ZhZDkyNDUyYTI1NGIzMGEwNjBlZDM4M2IxM2M3
NThlZDYwHhcNMjQwNjI0MDQwMzUzWhcNMjQwNjI1MDQwMzUzWjAzMTEwLwYDVQQD
EyhkOTY4YjNmYTNiMmRhY2E0N2M4NmJhOGQwOTdkNTg2MjdjNjk0MmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy5LKKyFkh3lqvpfDSSdo/SuJPkN
w+DvNdSE9et8GQkz1JJ4oMo9ZwQ1k6aNVWVSIctG0XsuH3BW4uggycsPdNEqCNXx
uYcCGl+FsOSVq8ZAM0PpgEz63YqKiaEhPf39CqZjV0V34yBEE85M1jFJTmdbUvE8
jzQqHVkKwqDkYANnBFhJKdw8aEYtBD0szpVzWw7Tfyly156CgbUQHw5gPNP3cOT3
D1dlKHOuILBoyPvPLnwNA79ZzYkmMxITp+eVNmgIvhTx18IgGVOEMcPsfQ6eA1vg
het4QP3Pu97OZ5Yq/tE2pLk60URYSbx6BhUutT6OE+J6m5tGF0HJp5Cc1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlos/o7LaykfIa6jQl9WGJ8aUK3MB8GA1UdIwQY
MBaAFGAvJ/rZJFKiVLMKBg7Tg7E8dY7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUM4bi10a2tVcUpVc3dvR0R0T0RzVHgxanRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yZjY3YjktNDkwYi00M2VmLWIwODgt
NGFiMzk3MzUwMmZiLzEvWUM4bi10a2tVcUpVc3dvR0R0T0RzVHgxanRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yZjY3YjktNDkwYi00M2VmLWIwODgtNGFiMzk3MzUwMmZi
LzEvWUM4bi10a2tVcUpVc3dvR0R0T0RzVHgxanRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASjBuduXu
s0FL0NDGD+MLQuR2TAjR0Cc60PleHb0j4W94HiVmXhQtmfJs8ZqUxXxaaFp3ACy7
4W8TiJgGy529BwdWMHa+4kVt/wNmGGFVkKfHd2y2inKWmTfMnMugRC/JeMhDTPOT
mK/x8jjS220R1tGf+Jbq42CDxneSlC2+3UrvOyrtxUZUvDLQq8BITVkWKdXAh1GY
XaUcNa1bmVVc1YDOo00rHpcBQpEj2TQ9nOAh73R7gL8uo/4QmrUxq+7sz1BRRZRC
ehYKDYSeR3fJvdNS7oNFUOEw3m9hiIDINF0jJ6u8tg+lkza8pnfmG4mlhDDbMncz
tfBaj4pz22r2rw==
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:21:08 2024 by rpki-client on console-fra.rpki-client.org