Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft
File:                     nRfZOI52MabRmvsrJkJ5WiTIQIE.mft (raw, json)
Hash identifier:          77zsQaWKfYfbGYiPUxf7/9snBCMY4FNwSRIik4FqU48=
Subject key identifier:   B9:04:D1:13:E5:E8:49:77:FE:CB:1D:71:C7:85:17:E7:29:5A:0A:AB
Authority key identifier: 9D:17:D9:38:8E:76:31:A6:D1:9A:FB:2B:26:42:79:5A:24:C8:40:81
Certificate issuer:       /CN=9d17d9388e7631a6d19afb2b2642795a24c84081
Certificate serial:       019044F8638E8C6C9E210DF4A881A17ADFAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft
Manifest number:          11DE
Signing time:             Sun 23 Jun 2024 12:00:47 +0000
Manifest this update:     Sun 23 Jun 2024 12:00:47 +0000
Manifest next update:     Mon 24 Jun 2024 12:00:47 +0000
Files and hashes:         1: AfUGdNix6Up009F8-QXtvXLae2k.roa (hash: qCVY+yYOexIzOGMoB1CuYA1zNQ3UHA1ezNz3vclywVY=)
                          2: nRfZOI52MabRmvsrJkJ5WiTIQIE.crl (hash: 1oif2UjfNtQR9wdrfOoQFp/8NPUTXmX6vMH/olFnjTA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 12:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:f8:63:8e:8c:6c:9e:21:0d:f4:a8:81:a1:7a:df:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d17d9388e7631a6d19afb2b2642795a24c84081
        Validity
            Not Before: Jun 23 12:00:47 2024 GMT
            Not After : Jun 24 12:00:47 2024 GMT
        Subject: CN=b904d113e5e84977fecb1d71c78517e7295a0aab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1c:84:a0:96:f5:30:b3:66:a9:2a:2f:4b:97:
                    ed:67:e4:64:25:96:af:8f:77:d5:ad:81:8d:c8:a3:
                    79:1a:3e:ed:60:78:36:b5:00:5c:85:bf:00:7f:aa:
                    f3:75:21:ac:b1:49:2f:6e:41:ce:08:a6:14:f6:bc:
                    a0:9d:aa:0b:7e:a2:a2:a1:ae:a8:a8:73:b3:6e:4a:
                    ea:91:73:c9:8e:79:ba:de:f6:04:82:11:68:39:2e:
                    61:af:de:30:d6:74:aa:ce:81:0b:52:37:d8:18:57:
                    f6:d9:d2:20:77:57:eb:6c:4f:b4:35:d9:21:1f:63:
                    23:1e:02:84:9f:8e:2c:83:57:e5:bc:35:42:18:8b:
                    04:2d:3e:f3:2d:88:a7:4a:4b:01:55:56:99:50:15:
                    7f:52:c6:fa:56:fa:87:47:98:be:c5:f4:c6:d7:8e:
                    e3:d9:52:fd:a4:a7:81:f3:0e:57:0d:f5:31:91:d5:
                    ce:ff:71:b7:0e:f6:ff:d9:a7:b6:07:e5:83:47:2e:
                    25:20:2a:8e:09:fa:8c:d1:97:7a:a1:f0:21:b6:16:
                    6e:ed:07:b0:df:d4:7d:c2:de:6d:2e:e3:7a:d6:b4:
                    86:31:f6:6e:52:2f:93:b2:1c:cf:cb:59:ad:fa:51:
                    a0:b1:76:97:e0:e7:97:c1:03:13:60:c2:12:41:97:
                    c1:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:04:D1:13:E5:E8:49:77:FE:CB:1D:71:C7:85:17:E7:29:5A:0A:AB
            X509v3 Authority Key Identifier:
                keyid:9D:17:D9:38:8E:76:31:A6:D1:9A:FB:2B:26:42:79:5A:24:C8:40:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:22:20:ce:91:40:94:c3:05:67:2d:6e:6c:be:03:b9:7f:c5:
         77:b7:95:f0:f7:71:79:ed:41:98:6a:85:b6:0b:df:44:7f:e3:
         c2:3c:33:b0:a9:d4:84:68:11:15:e6:59:16:4c:f6:27:12:04:
         0c:27:18:3b:45:9a:ac:44:69:0b:3f:be:de:95:80:32:a6:6a:
         ee:51:8f:0d:6e:b1:92:54:c1:13:e1:9a:13:2b:db:e6:ff:2c:
         9b:14:78:48:7c:6b:fe:71:9e:18:de:2e:46:8e:98:fd:b2:b3:
         69:d8:8c:ec:61:41:02:ce:52:c3:23:d4:ef:ab:27:a1:cb:7e:
         13:0b:27:86:1e:ac:43:74:7c:7a:5e:bb:a7:6b:59:20:a4:a9:
         23:8c:72:2a:00:71:95:44:0f:79:ee:44:c5:8b:6a:53:f8:bf:
         be:91:1f:ec:9b:31:43:14:a0:c8:e9:63:7c:32:95:dd:f2:0b:
         82:51:2f:d3:40:63:f0:fc:72:ab:fd:d7:11:50:ad:92:a9:27:
         45:f4:db:a1:d8:59:cd:76:a3:01:e5:93:67:54:68:88:2b:35:
         4a:f2:c7:aa:9b:6b:3a:d9:ff:ba:6d:9e:02:8b:7c:a4:64:f8:
         24:0c:35:58:d7:19:c6:92:b4:70:fa:b5:28:86:38:2e:26:18:
         3d:9f:2b:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBE+GOOjGyeIQ30qIGhet+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMTdkOTM4OGU3NjMxYTZkMTlhZmIyYjI2NDI3OTVhMjRj
ODQwODEwHhcNMjQwNjIzMTIwMDQ3WhcNMjQwNjI0MTIwMDQ3WjAzMTEwLwYDVQQD
EyhiOTA0ZDExM2U1ZTg0OTc3ZmVjYjFkNzFjNzg1MTdlNzI5NWEwYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxyEoJb1MLNmqSovS5ftZ+RkJZav
j3fVrYGNyKN5Gj7tYHg2tQBchb8Af6rzdSGssUkvbkHOCKYU9rygnaoLfqKioa6o
qHOzbkrqkXPJjnm63vYEghFoOS5hr94w1nSqzoELUjfYGFf22dIgd1frbE+0Ndkh
H2MjHgKEn44sg1flvDVCGIsELT7zLYinSksBVVaZUBV/Usb6VvqHR5i+xfTG147j
2VL9pKeB8w5XDfUxkdXO/3G3Dvb/2ae2B+WDRy4lICqOCfqM0Zd6ofAhthZu7Qew
39R9wt5tLuN61rSGMfZuUi+TshzPy1mt+lGgsXaX4OeXwQMTYMISQZfBBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkE0RPl6El3/ssdcceFF+cpWgqrMB8GA1UdIwQY
MBaAFJ0X2TiOdjGm0Zr7KyZCeVokyECBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg0NDQtOGRhNS00NjZiLTg0MDAt
N2JkOTZkOWM2Mjg2LzEvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg0NDQtOGRhNS00NjZiLTg0MDAtN2JkOTZkOWM2Mjg2
LzEvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiSIgzpFA
lMMFZy1ubL4DuX/Fd7eV8Pdxee1BmGqFtgvfRH/jwjwzsKnUhGgRFeZZFkz2JxIE
DCcYO0WarERpCz++3pWAMqZq7lGPDW6xklTBE+GaEyvb5v8smxR4SHxr/nGeGN4u
Ro6Y/bKzadiM7GFBAs5SwyPU76snoct+Ewsnhh6sQ3R8el67p2tZIKSpI4xyKgBx
lUQPee5ExYtqU/i/vpEf7JsxQxSgyOljfDKV3fILglEv00Bj8Pxyq/3XEVCtkqkn
RfTbodhZzXajAeWTZ1RoiCs1SvLHqptrOtn/um2eAot8pGT4JAw1WNcZxpK0cPq1
KIY4LiYYPZ8rJw==
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:03:07 2024 by rpki-client on console-fra.rpki-client.org