Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File:                     H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier:          WfZCrj+BWBk7VJq6FZpZeFCEmi9kBbXFCztqNy0gElk=
Subject key identifier:   72:8F:40:8D:50:BE:1C:97:83:22:AA:0B:34:58:11:71:07:07:00:7D
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer:       /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial:       0190426543FBD0A480E54498EC7D2D4A1FA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number:          01A3
Signing time:             Sun 23 Jun 2024 00:00:51 +0000
Manifest this update:     Sun 23 Jun 2024 00:00:51 +0000
Manifest next update:     Mon 24 Jun 2024 00:00:51 +0000
Files and hashes:         1: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: BN8RNAsCciMB7MBzujZwH/EgLmElo6fiXyGR2ynMrwA=)
                          2: fAB4Lf1JAr3VBhTiojT8jO4v3Lw.roa (hash: fWlomx8K5UvPpE/STlqTzLBrKXPJPSQQwXceR8jU0is=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 21:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:42:65:43:fb:d0:a4:80:e5:44:98:ec:7d:2d:4a:1f:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
        Validity
            Not Before: Jun 23 00:00:51 2024 GMT
            Not After : Jun 24 00:00:51 2024 GMT
        Subject: CN=728f408d50be1c978322aa0b345811710707007d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:92:e0:f7:ce:a9:bb:0a:83:0b:8b:d6:a6:ed:
                    65:6f:d6:ce:99:61:17:74:ae:ae:a4:76:d7:fe:16:
                    5f:74:b8:b2:49:c8:c5:df:08:70:6d:26:38:f1:e6:
                    a3:60:7e:6f:23:39:6f:91:c9:1b:d1:cc:1c:74:59:
                    3c:b8:46:b2:ef:5e:7b:5f:a3:a0:f8:45:4b:e4:cb:
                    ad:06:0a:4e:a5:c1:34:1f:99:e5:d6:94:f9:8a:31:
                    0b:a5:ca:a7:a8:1a:e7:57:86:51:04:c0:86:63:b4:
                    20:02:8b:62:5f:db:c5:a3:c9:ed:22:7c:f6:36:be:
                    f0:de:87:39:41:e5:f4:f0:4a:29:e7:af:9f:e5:e5:
                    ed:8d:14:93:e0:fa:ad:85:48:89:b4:92:4b:f0:a7:
                    dd:b2:8c:e7:44:2e:db:b1:60:f3:4e:0b:1a:c8:bd:
                    d6:92:c7:42:68:24:69:4b:c0:30:2e:4d:ab:10:94:
                    46:ba:f7:e5:9c:5a:47:3d:c8:bc:04:b7:a0:c3:44:
                    26:78:1e:5a:98:6f:2e:81:01:74:3c:5d:02:03:1f:
                    b8:19:d7:b4:f1:7b:b5:9d:41:1f:ee:cd:90:2f:1b:
                    08:d8:0a:4a:df:3e:ac:a0:b1:43:35:77:59:e5:f2:
                    20:39:74:fb:65:26:d3:14:91:40:f7:a4:26:eb:3c:
                    93:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:8F:40:8D:50:BE:1C:97:83:22:AA:0B:34:58:11:71:07:07:00:7D
            X509v3 Authority Key Identifier:
                keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:8e:8f:4d:66:6a:25:8b:84:7b:8a:c1:a5:bf:cb:0c:a5:23:
         d5:e4:50:90:b8:90:fc:42:73:59:95:31:ba:13:93:6c:4e:fd:
         cc:97:b9:42:75:c6:ec:bb:99:7b:36:91:0a:c0:c8:44:0f:fe:
         99:5b:49:ed:90:6a:d7:49:8f:9d:bb:9a:4f:8b:22:19:4b:5c:
         fc:a1:00:6e:65:e7:db:c7:cb:13:27:a5:94:3c:49:1e:48:09:
         6f:8f:fd:d8:56:e7:ed:5c:db:5f:b4:65:bd:c4:1a:ce:d6:75:
         cd:af:aa:09:0c:09:a5:9f:82:13:64:57:a3:24:81:a9:fd:19:
         6a:a3:5f:e2:cc:7a:08:8e:20:30:2f:cd:3e:58:4a:74:3c:62:
         08:a0:54:85:45:92:c6:15:4e:6e:7b:2c:8b:9e:7c:48:cc:50:
         30:47:3a:72:c4:48:de:74:ab:f5:aa:1a:29:63:d2:35:ae:22:
         1b:d7:de:c0:be:4d:84:b9:4a:5a:e7:e4:6e:7f:c0:02:ac:76:
         f9:0b:4f:a2:d3:9b:28:9e:73:87:3e:60:03:fd:89:b7:72:6c:
         f6:59:8b:86:b4:0d:a7:fd:0b:92:ff:06:2f:e2:9a:bf:36:2e:
         c3:72:20:94:21:93:ed:f3:6a:1a:38:51:4f:04:fd:15:44:fd:
         7d:11:8e:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBCZUP70KSA5USY7H0tSh+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjQwNjIzMDAwMDUxWhcNMjQwNjI0MDAwMDUxWjAzMTEwLwYDVQQD
Eyg3MjhmNDA4ZDUwYmUxYzk3ODMyMmFhMGIzNDU4MTE3MTA3MDcwMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZLg986puwqDC4vWpu1lb9bOmWEX
dK6upHbX/hZfdLiyScjF3whwbSY48eajYH5vIzlvkckb0cwcdFk8uEay7157X6Og
+EVL5MutBgpOpcE0H5nl1pT5ijELpcqnqBrnV4ZRBMCGY7QgAotiX9vFo8ntInz2
Nr7w3oc5QeX08Eop56+f5eXtjRST4PqthUiJtJJL8KfdsoznRC7bsWDzTgsayL3W
ksdCaCRpS8AwLk2rEJRGuvflnFpHPci8BLegw0QmeB5amG8ugQF0PF0CAx+4Gde0
8Xu1nUEf7s2QLxsI2ApK3z6soLFDNXdZ5fIgOXT7ZSbTFJFA96Qm6zyTUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKPQI1QvhyXgyKqCzRYEXEHBwB9MB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQI6PTWZq
JYuEe4rBpb/LDKUj1eRQkLiQ/EJzWZUxuhOTbE79zJe5QnXG7LuZezaRCsDIRA/+
mVtJ7ZBq10mPnbuaT4siGUtc/KEAbmXn28fLEyellDxJHkgJb4/92Fbn7VzbX7Rl
vcQaztZ1za+qCQwJpZ+CE2RXoySBqf0ZaqNf4sx6CI4gMC/NPlhKdDxiCKBUhUWS
xhVObnssi558SMxQMEc6csRI3nSr9aoaKWPSNa4iG9fewL5NhLlKWufkbn/AAqx2
+QtPotObKJ5zhz5gA/2Jt3Js9lmLhrQNp/0Lkv8GL+KavzYuw3IglCGT7fNqGjhR
TwT9FUT9fRGO8g==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:47:30 2024 by rpki-client on console-fra.rpki-client.org