Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft
File:                     nRfZOI52MabRmvsrJkJ5WiTIQIE.mft (raw, json)
Hash identifier:          +2J7geLl6xNKjaXh1u08xu8sjD8J2NBhsCcVbHLbrM8=
Subject key identifier:   7F:18:2A:C7:94:A1:56:C8:C6:AB:67:E7:39:B6:57:B6:79:5E:59:9E
Authority key identifier: 9D:17:D9:38:8E:76:31:A6:D1:9A:FB:2B:26:42:79:5A:24:C8:40:81
Certificate issuer:       /CN=9d17d9388e7631a6d19afb2b2642795a24c84081
Certificate serial:       01901E5902255C0FB9F0FF69182FF3D2FEF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft
Manifest number:          11CA
Signing time:             Sun 16 Jun 2024 00:01:08 +0000
Manifest this update:     Sun 16 Jun 2024 00:01:08 +0000
Manifest next update:     Mon 17 Jun 2024 00:01:08 +0000
Files and hashes:         1: AfUGdNix6Up009F8-QXtvXLae2k.roa (hash: qCVY+yYOexIzOGMoB1CuYA1zNQ3UHA1ezNz3vclywVY=)
                          2: nRfZOI52MabRmvsrJkJ5WiTIQIE.crl (hash: x5d8ZHT6fZ99ke4N5ar4RuH5luNnuxbEhrmpdFm+A5o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1e:59:02:25:5c:0f:b9:f0:ff:69:18:2f:f3:d2:fe:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d17d9388e7631a6d19afb2b2642795a24c84081
        Validity
            Not Before: Jun 16 00:01:08 2024 GMT
            Not After : Jun 17 00:01:08 2024 GMT
        Subject: CN=7f182ac794a156c8c6ab67e739b657b6795e599e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:6c:1e:10:0c:ef:60:c8:47:68:66:b4:00:82:
                    6b:06:d3:f3:20:c7:37:f9:9e:70:a0:93:f3:a6:a0:
                    44:9d:fe:5c:26:5e:e1:d3:eb:19:8c:ac:3c:2c:da:
                    42:ca:a8:9d:2a:95:b6:d3:1d:05:65:66:77:41:5c:
                    1e:3b:9d:19:a3:08:ba:cc:dd:c6:57:55:23:24:37:
                    15:6c:06:f2:89:ba:88:89:74:26:1d:ae:3d:6c:35:
                    d1:47:c9:7a:62:d4:62:88:89:47:9d:34:3f:2a:cb:
                    d2:7d:9b:8a:92:68:fb:f3:4e:ba:4c:6c:34:c6:53:
                    2b:84:2e:9d:b8:c4:12:81:00:dd:f7:1f:97:84:33:
                    e9:5f:a4:05:af:b7:0a:ea:10:29:15:97:6e:e7:02:
                    71:d5:57:a7:23:3b:d0:fa:58:45:02:e8:e3:dc:d4:
                    0b:cc:d6:4f:a7:37:4b:6d:23:98:7b:73:64:01:4a:
                    9e:87:c0:bb:46:b3:24:11:6c:c9:3e:a7:67:a0:8c:
                    83:ae:ca:2b:5c:ad:47:63:a0:8a:77:4e:b2:6a:e0:
                    c3:db:17:6b:56:c9:12:40:1d:99:48:4c:42:c9:f7:
                    9a:1a:3e:89:77:bd:2d:2f:7c:c6:18:c4:19:6e:70:
                    42:e9:f6:18:eb:3f:f4:a1:f3:7c:b5:5f:dd:c6:6e:
                    68:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:18:2A:C7:94:A1:56:C8:C6:AB:67:E7:39:B6:57:B6:79:5E:59:9E
            X509v3 Authority Key Identifier:
                keyid:9D:17:D9:38:8E:76:31:A6:D1:9A:FB:2B:26:42:79:5A:24:C8:40:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:84:ee:3b:fd:7e:0f:d7:c2:c7:cb:b7:69:cb:0a:eb:ab:c5:
         ec:6d:65:23:7d:96:a0:c3:55:13:87:40:fb:f7:ec:f1:86:ff:
         58:a5:2e:c3:5f:87:c1:6d:72:0f:c4:fa:10:f2:b6:c4:ed:70:
         f4:74:3e:ec:95:33:ec:16:8d:7d:85:8e:86:80:9b:06:21:dd:
         5b:9c:0b:fe:bf:be:90:18:1a:d6:c2:e9:41:18:a4:6c:67:50:
         21:b8:37:53:0f:38:96:0e:3d:cf:84:10:b8:ae:a4:75:0d:78:
         7f:03:e0:3c:27:d4:44:a3:63:de:00:1c:f1:83:6a:b0:7d:a0:
         26:af:fd:af:d9:38:85:97:66:7f:07:3b:81:3b:ce:dc:45:e6:
         ca:98:70:bb:1b:51:32:64:4c:0d:16:4d:a6:9a:9a:97:46:a1:
         5b:1b:40:04:dc:9b:9f:05:2c:d7:eb:75:a8:5a:05:87:57:a4:
         36:bd:6f:25:83:b2:7a:e7:d5:4d:c2:ac:fe:0e:8d:0d:43:5f:
         9c:d5:fa:1f:f1:9f:46:91:cb:39:8a:93:a6:83:e4:03:e6:aa:
         d2:eb:01:47:79:69:59:e4:22:b1:68:ac:5b:ec:87:11:52:ca:
         f0:51:b9:52:c3:88:a0:fd:83:2e:d9:92:5f:d8:d5:fe:3b:7a:
         c5:0c:ca:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAeWQIlXA+58P9pGC/z0v73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMTdkOTM4OGU3NjMxYTZkMTlhZmIyYjI2NDI3OTVhMjRj
ODQwODEwHhcNMjQwNjE2MDAwMTA4WhcNMjQwNjE3MDAwMTA4WjAzMTEwLwYDVQQD
Eyg3ZjE4MmFjNzk0YTE1NmM4YzZhYjY3ZTczOWI2NTdiNjc5NWU1OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2weEAzvYMhHaGa0AIJrBtPzIMc3
+Z5woJPzpqBEnf5cJl7h0+sZjKw8LNpCyqidKpW20x0FZWZ3QVweO50Zowi6zN3G
V1UjJDcVbAbyibqIiXQmHa49bDXRR8l6YtRiiIlHnTQ/KsvSfZuKkmj78066TGw0
xlMrhC6duMQSgQDd9x+XhDPpX6QFr7cK6hApFZdu5wJx1VenIzvQ+lhFAujj3NQL
zNZPpzdLbSOYe3NkAUqeh8C7RrMkEWzJPqdnoIyDrsorXK1HY6CKd06yauDD2xdr
VskSQB2ZSExCyfeaGj6Jd70tL3zGGMQZbnBC6fYY6z/0ofN8tV/dxm5oswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8YKseUoVbIxqtn5zm2V7Z5XlmeMB8GA1UdIwQY
MBaAFJ0X2TiOdjGm0Zr7KyZCeVokyECBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg0NDQtOGRhNS00NjZiLTg0MDAt
N2JkOTZkOWM2Mjg2LzEvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg0NDQtOGRhNS00NjZiLTg0MDAtN2JkOTZkOWM2Mjg2
LzEvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ4TuO/1+
D9fCx8u3acsK66vF7G1lI32WoMNVE4dA+/fs8Yb/WKUuw1+HwW1yD8T6EPK2xO1w
9HQ+7JUz7BaNfYWOhoCbBiHdW5wL/r++kBga1sLpQRikbGdQIbg3Uw84lg49z4QQ
uK6kdQ14fwPgPCfURKNj3gAc8YNqsH2gJq/9r9k4hZdmfwc7gTvO3EXmyphwuxtR
MmRMDRZNppqal0ahWxtABNybnwUs1+t1qFoFh1ekNr1vJYOyeufVTcKs/g6NDUNf
nNX6H/GfRpHLOYqTpoPkA+aq0usBR3lpWeQisWisW+yHEVLK8FG5UsOIoP2DLtmS
X9jV/jt6xQzKRA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 05:01:23 2024 by rpki-client on console-ams.rpki-client.org