Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/bOLuhMz1bNwA_CyqWSknna4UiIo.mft
File:                     bOLuhMz1bNwA_CyqWSknna4UiIo.mft (raw, json)
Hash identifier:          1cKCF6MbYA0q6Xt022xRXMoibKwG12vldYUWuWZWDXU=
Subject key identifier:   BB:EA:AC:A6:CA:53:8D:DD:B5:D8:AF:60:7B:6F:E2:0B:0B:4D:9B:A9
Authority key identifier: 6C:E2:EE:84:CC:F5:6C:DC:00:FC:2C:AA:59:29:27:9D:AE:14:88:8A
Certificate issuer:       /CN=6ce2ee84ccf56cdc00fc2caa5929279dae14888a
Certificate serial:       01903A3DE4FCDB446704F6F350BEB8A1AFDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bOLuhMz1bNwA_CyqWSknna4UiIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/bOLuhMz1bNwA_CyqWSknna4UiIo.mft
Manifest number:          0D17
Signing time:             Fri 21 Jun 2024 10:00:53 +0000
Manifest this update:     Fri 21 Jun 2024 10:00:53 +0000
Manifest next update:     Sat 22 Jun 2024 10:00:53 +0000
Files and hashes:         1: Xp3_D7f9lF3bWgfowU74SzcjIEk.roa (hash: oGOtRi7HB9ZvQCvGulOonkcSy0IcHCOlR2mNF6iNjoY=)
                          2: bOLuhMz1bNwA_CyqWSknna4UiIo.crl (hash: cVTgkSxP4rBURA7SlTB3+3nerk99fkWn1l360njtYIg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/bOLuhMz1bNwA_CyqWSknna4UiIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/bOLuhMz1bNwA_CyqWSknna4UiIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bOLuhMz1bNwA_CyqWSknna4UiIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 22 Jun 2024 09:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:3a:3d:e4:fc:db:44:67:04:f6:f3:50:be:b8:a1:af:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ce2ee84ccf56cdc00fc2caa5929279dae14888a
        Validity
            Not Before: Jun 21 10:00:53 2024 GMT
            Not After : Jun 22 10:00:53 2024 GMT
        Subject: CN=bbeaaca6ca538dddb5d8af607b6fe20b0b4d9ba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d5:51:c7:58:9a:0d:99:e9:be:c7:11:ef:1b:
                    a9:13:42:c4:d9:69:82:87:3b:47:86:25:60:bf:44:
                    11:2a:a3:84:45:ed:a9:e0:10:e1:2c:0e:13:c9:d6:
                    f9:4c:84:0d:f5:19:66:9f:d6:40:0e:60:7b:ee:98:
                    5f:09:b8:4f:74:da:92:bc:7b:ad:d8:4a:74:ac:6b:
                    a1:e7:74:67:58:e7:42:0d:b9:e9:8a:99:95:b9:31:
                    64:dd:20:5b:72:6a:0b:6a:72:bc:49:b8:97:31:d6:
                    e6:7b:1d:14:2f:9e:9f:58:87:11:79:56:41:84:42:
                    33:6f:8d:0a:69:57:e1:c9:bd:6d:ed:90:fe:ef:9d:
                    4f:41:85:96:80:a8:df:dd:fd:2d:9d:65:05:9a:d3:
                    25:8a:6e:64:89:8a:9f:4c:68:e5:a6:96:7d:24:38:
                    20:6e:f7:02:b1:5b:b5:70:ca:20:27:bf:8d:7f:e1:
                    2e:1e:bb:98:f3:e2:95:07:f1:f7:6b:37:ce:99:46:
                    d4:f3:6b:cb:57:f8:c9:c6:93:72:79:55:7c:75:c1:
                    1f:be:aa:24:29:d6:cc:18:00:b9:99:7f:52:83:b1:
                    e6:bb:e8:c8:2e:60:18:d9:05:9c:92:25:a8:29:46:
                    b7:67:d0:c6:82:cf:ed:f6:92:08:35:1d:ed:2a:0d:
                    ea:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:EA:AC:A6:CA:53:8D:DD:B5:D8:AF:60:7B:6F:E2:0B:0B:4D:9B:A9
            X509v3 Authority Key Identifier:
                keyid:6C:E2:EE:84:CC:F5:6C:DC:00:FC:2C:AA:59:29:27:9D:AE:14:88:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOLuhMz1bNwA_CyqWSknna4UiIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/bOLuhMz1bNwA_CyqWSknna4UiIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/7d6f2f-984d-4961-a63b-495c6f2c5173/1/bOLuhMz1bNwA_CyqWSknna4UiIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:a7:4b:4c:f7:66:73:06:26:ab:d1:a8:1c:5e:c4:79:d5:4f:
         3f:bc:e2:0d:51:e5:60:65:e9:ae:1e:0d:ac:37:20:1f:90:91:
         cf:b6:1f:48:a5:8a:bd:32:0b:6d:58:6e:23:2b:40:14:b9:1d:
         5e:7c:68:fd:7c:ba:54:73:f9:6e:d4:2a:79:70:01:a1:b2:75:
         16:1f:a8:38:7e:bb:af:5f:95:e0:61:f9:85:fa:de:a0:c2:2f:
         85:8f:7e:07:d0:5e:de:a5:f1:4b:d1:51:81:19:59:91:c2:f6:
         38:d4:8e:b0:11:bf:50:68:f0:cd:1a:f3:74:f5:18:00:1e:e5:
         0e:f0:74:88:3e:89:7b:0a:3f:f3:0a:67:c0:e5:9d:41:71:b1:
         72:de:c7:fa:4d:61:40:30:07:40:f9:3f:1b:16:ab:a4:3e:01:
         8f:69:9e:e8:d9:5e:d2:1d:af:21:06:e4:bd:99:92:d9:70:fe:
         b8:03:ba:e9:1c:4b:68:d3:48:e8:14:27:f5:80:54:70:ba:15:
         47:5f:c5:38:55:ac:a5:27:32:53:ad:c5:70:15:cd:3f:48:4c:
         ca:fb:98:ad:fb:59:11:53:e3:24:d7:d2:1f:5a:26:29:9a:de:
         a4:9b:32:be:b4:5a:28:79:37:ba:4d:a8:4a:94:a2:00:ba:a7:
         99:ef:4e:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA6PeT820RnBPbzUL64oa/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTJlZTg0Y2NmNTZjZGMwMGZjMmNhYTU5MjkyNzlkYWUx
NDg4OGEwHhcNMjQwNjIxMTAwMDUzWhcNMjQwNjIyMTAwMDUzWjAzMTEwLwYDVQQD
EyhiYmVhYWNhNmNhNTM4ZGRkYjVkOGFmNjA3YjZmZTIwYjBiNGQ5YmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9VRx1iaDZnpvscR7xupE0LE2WmC
hztHhiVgv0QRKqOERe2p4BDhLA4Tydb5TIQN9Rlmn9ZADmB77phfCbhPdNqSvHut
2Ep0rGuh53RnWOdCDbnpipmVuTFk3SBbcmoLanK8SbiXMdbmex0UL56fWIcReVZB
hEIzb40KaVfhyb1t7ZD+751PQYWWgKjf3f0tnWUFmtMlim5kiYqfTGjlppZ9JDgg
bvcCsVu1cMogJ7+Nf+EuHruY8+KVB/H3azfOmUbU82vLV/jJxpNyeVV8dcEfvqok
KdbMGAC5mX9Sg7Hmu+jILmAY2QWckiWoKUa3Z9DGgs/t9pIINR3tKg3q7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvqrKbKU43dtdivYHtv4gsLTZupMB8GA1UdIwQY
MBaAFGzi7oTM9WzcAPwsqlkpJ52uFIiKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9MdWhNejFiTndBX0N5cVdTa25uYTRVaUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83ZDZmMmYtOTg0ZC00OTYxLWE2M2It
NDk1YzZmMmM1MTczLzEvYk9MdWhNejFiTndBX0N5cVdTa25uYTRVaUlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83ZDZmMmYtOTg0ZC00OTYxLWE2M2ItNDk1YzZmMmM1MTcz
LzEvYk9MdWhNejFiTndBX0N5cVdTa25uYTRVaUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJqdLTPdm
cwYmq9GoHF7EedVPP7ziDVHlYGXprh4NrDcgH5CRz7YfSKWKvTILbVhuIytAFLkd
Xnxo/Xy6VHP5btQqeXABobJ1Fh+oOH67r1+V4GH5hfreoMIvhY9+B9Be3qXxS9FR
gRlZkcL2ONSOsBG/UGjwzRrzdPUYAB7lDvB0iD6Jewo/8wpnwOWdQXGxct7H+k1h
QDAHQPk/GxarpD4Bj2me6Nle0h2vIQbkvZmS2XD+uAO66RxLaNNI6BQn9YBUcLoV
R1/FOFWspScyU63FcBXNP0hMyvuYrftZEVPjJNfSH1omKZrepJsyvrRaKHk3uk2o
SpSiALqnme9OYA==
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:41:58 2024 by rpki-client on console-fra.rpki-client.org