Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          +ZmB/ZJ324hyrnm9aoRxfQ++h/PBB7Hp2L+lAzySE6I=
Subject key identifier:   D3:CE:D6:CB:2D:7B:92:62:8D:7E:1D:79:E2:3A:CD:CF:FD:42:26:0B
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       0190343BFBEB76A22C976DE54E98D1FABC28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          014D
Signing time:             Thu 20 Jun 2024 06:01:04 +0000
Manifest this update:     Thu 20 Jun 2024 06:01:04 +0000
Manifest next update:     Fri 21 Jun 2024 06:01:04 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: hDnbZtIoJ4hq/MPelHUvB/px2MRzMaMb4iP90d3GWGc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:34:3b:fb:eb:76:a2:2c:97:6d:e5:4e:98:d1:fa:bc:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Jun 20 06:01:04 2024 GMT
            Not After : Jun 21 06:01:04 2024 GMT
        Subject: CN=d3ced6cb2d7b92628d7e1d79e23acdcffd42260b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:84:b1:74:16:98:fd:d9:d4:0f:14:95:b4:02:
                    be:8a:af:8a:54:7c:f3:71:5f:c5:ed:e7:ed:23:18:
                    9c:ec:94:af:f2:8d:e6:9b:dc:52:fa:85:2d:5c:db:
                    b6:93:0a:56:2a:6c:0b:df:7e:a6:08:ca:ab:98:ae:
                    3f:9a:21:d8:4f:db:d9:6a:e2:99:28:8b:52:4d:aa:
                    7e:b0:06:0c:b3:cc:14:ac:e9:14:f2:a4:9b:4a:28:
                    f6:e9:dd:69:82:8b:84:eb:41:08:82:d9:82:16:ce:
                    b0:97:65:fe:3b:f4:96:30:e0:d4:0f:22:4e:6f:eb:
                    ec:96:d4:8e:bd:80:45:ce:eb:b9:7a:a6:a3:15:02:
                    1c:82:42:b1:94:bb:00:28:88:46:4e:2d:63:53:f9:
                    37:4d:b1:95:81:6a:54:e0:8e:70:0d:a8:68:8c:f3:
                    58:c7:65:c4:9b:e8:62:4a:ac:bb:5b:2c:f1:0b:82:
                    d0:d8:b2:7f:a1:56:1f:8f:88:e8:d9:1b:8b:f9:65:
                    da:71:09:f7:06:07:9f:db:59:e9:b5:cb:34:72:7a:
                    22:51:49:62:2c:0f:68:c9:c0:d0:10:c1:78:95:e2:
                    d7:f3:ad:aa:b5:85:a2:f2:46:a7:55:bf:df:9d:43:
                    6a:a6:58:61:ff:52:46:ac:53:86:ab:60:4a:c0:ba:
                    79:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:CE:D6:CB:2D:7B:92:62:8D:7E:1D:79:E2:3A:CD:CF:FD:42:26:0B
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:ee:36:1c:08:e0:9a:15:a7:32:4f:80:b8:0d:f1:aa:cd:d7:
         ae:5a:d5:7c:43:ac:0d:db:3f:01:ad:08:23:a9:e2:9e:8d:75:
         9a:75:62:49:7e:87:5f:54:97:e0:da:88:76:ec:b4:b7:fd:4d:
         4d:9c:6f:e2:07:18:fc:e4:e6:44:d1:91:c4:21:09:aa:e7:f9:
         70:af:1b:f4:c4:69:58:c7:87:93:b2:94:2b:c9:f4:fd:9a:20:
         70:6d:99:18:99:27:ca:08:3d:94:0d:1e:70:f8:53:8f:21:38:
         cb:1c:1a:a5:1b:75:60:03:1b:ba:93:56:4e:02:2c:40:c7:cc:
         ef:8e:e5:5b:ec:06:04:8e:b0:90:ff:8c:fd:f8:7b:b6:10:1d:
         12:ae:02:66:4e:f5:fd:e1:90:55:4a:a6:04:16:5f:2c:30:92:
         2e:72:7e:e9:4e:5e:42:5f:d7:cc:e8:35:0c:1d:9f:d0:88:f1:
         7e:dc:ef:dd:be:f2:e0:60:14:2f:87:3c:29:65:f4:5b:b4:e8:
         21:c3:78:ed:5c:d9:a8:ac:00:a2:81:22:5d:74:39:a8:93:86:
         e6:25:ac:df:8c:65:00:1f:1e:fd:78:d6:5c:13:d6:1e:fc:3d:
         24:05:3f:82:15:b0:07:16:c6:aa:05:53:6c:e9:12:b8:58:cc:
         25:d5:aa:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA0O/vrdqIsl23lTpjR+rwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjQwNjIwMDYwMTA0WhcNMjQwNjIxMDYwMTA0WjAzMTEwLwYDVQQD
EyhkM2NlZDZjYjJkN2I5MjYyOGQ3ZTFkNzllMjNhY2RjZmZkNDIyNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oSxdBaY/dnUDxSVtAK+iq+KVHzz
cV/F7eftIxic7JSv8o3mm9xS+oUtXNu2kwpWKmwL336mCMqrmK4/miHYT9vZauKZ
KItSTap+sAYMs8wUrOkU8qSbSij26d1pgouE60EIgtmCFs6wl2X+O/SWMODUDyJO
b+vsltSOvYBFzuu5eqajFQIcgkKxlLsAKIhGTi1jU/k3TbGVgWpU4I5wDahojPNY
x2XEm+hiSqy7WyzxC4LQ2LJ/oVYfj4jo2RuL+WXacQn3Bgef21nptcs0cnoiUUli
LA9oycDQEMF4leLX862qtYWi8kanVb/fnUNqplhh/1JGrFOGq2BKwLp5qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPO1sste5JijX4deeI6zc/9QiYLMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANe42HAjg
mhWnMk+AuA3xqs3XrlrVfEOsDds/Aa0II6nino11mnViSX6HX1SX4NqIduy0t/1N
TZxv4gcY/OTmRNGRxCEJquf5cK8b9MRpWMeHk7KUK8n0/ZogcG2ZGJknygg9lA0e
cPhTjyE4yxwapRt1YAMbupNWTgIsQMfM747lW+wGBI6wkP+M/fh7thAdEq4CZk71
/eGQVUqmBBZfLDCSLnJ+6U5eQl/XzOg1DB2f0Ijxftzv3b7y4GAUL4c8KWX0W7To
IcN47VzZqKwAooEiXXQ5qJOG5iWs34xlAB8e/XjWXBPWHvw9JAU/ghWwBxbGqgVT
bOkSuFjMJdWqFA==
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:50:16 2024 by rpki-client on console-ams.rpki-client.org