Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5ec30c-2aef-47ab-b0ec-5b15523bfcbb/1/ZCurhFmUi3l0dkjhPpm50KWCUGo.mft
File:                     ZCurhFmUi3l0dkjhPpm50KWCUGo.mft (raw, json)
Hash identifier:          CNcxFTzbac2BcPobmVamrYRJMXklXD+qvXNryjaIa+0=
Subject key identifier:   72:2A:35:25:62:CE:52:CC:24:16:69:31:0B:2E:3A:1B:22:7A:06:A7
Authority key identifier: 64:2B:AB:84:59:94:8B:79:74:76:48:E1:3E:99:B9:D0:A5:82:50:6A
Certificate issuer:       /CN=642bab8459948b79747648e13e99b9d0a582506a
Certificate serial:       0190340541D85EEAF1DB5AF2E8E1E3690B90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZCurhFmUi3l0dkjhPpm50KWCUGo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/5ec30c-2aef-47ab-b0ec-5b15523bfcbb/1/ZCurhFmUi3l0dkjhPpm50KWCUGo.mft
Manifest number:          053A
Signing time:             Thu 20 Jun 2024 05:01:17 +0000
Manifest this update:     Thu 20 Jun 2024 05:01:17 +0000
Manifest next update:     Fri 21 Jun 2024 05:01:17 +0000
Files and hashes:         1: Vf9M-SczmQ3vZ3eeTgDHIENgmGc.roa (hash: QRL6YWCOIeLBde+vKvti2RnLZFuyn0+SUGW/y+qPjRA=)
                          2: ZCurhFmUi3l0dkjhPpm50KWCUGo.crl (hash: O12Vi0mr1LuKP+VXBI4N1e+MxR6+XZquSAWpHq85pbA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/5ec30c-2aef-47ab-b0ec-5b15523bfcbb/1/ZCurhFmUi3l0dkjhPpm50KWCUGo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/5ec30c-2aef-47ab-b0ec-5b15523bfcbb/1/ZCurhFmUi3l0dkjhPpm50KWCUGo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZCurhFmUi3l0dkjhPpm50KWCUGo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:34:05:41:d8:5e:ea:f1:db:5a:f2:e8:e1:e3:69:0b:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=642bab8459948b79747648e13e99b9d0a582506a
        Validity
            Not Before: Jun 20 05:01:17 2024 GMT
            Not After : Jun 21 05:01:17 2024 GMT
        Subject: CN=722a352562ce52cc241669310b2e3a1b227a06a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:56:af:97:29:de:99:a4:0f:b2:d1:03:9d:a6:
                    1c:49:cd:2d:30:20:48:a3:2b:77:32:55:2e:c1:23:
                    aa:00:80:71:c1:a4:0f:3a:4e:5f:fa:fc:af:cb:94:
                    1e:2e:42:ae:5e:b1:45:e6:b4:a3:b3:9c:04:99:e8:
                    e4:8b:3c:55:eb:a0:27:08:5f:b5:7d:ad:f0:41:0d:
                    f2:a2:f0:58:18:3f:6d:28:de:d1:a5:42:9b:07:56:
                    b2:61:45:ba:80:b0:a8:98:74:29:d6:cd:47:a1:69:
                    c0:e4:bf:3a:78:e9:32:ca:5d:28:70:d7:be:6a:cb:
                    a6:90:aa:72:56:65:db:2f:ff:33:3e:03:14:9a:52:
                    99:e6:90:3e:5e:63:d6:ab:42:c6:db:95:ae:d7:9d:
                    1e:5e:73:ef:63:60:2b:9f:e4:3b:df:5a:ea:f0:84:
                    83:77:5b:2c:2f:d5:56:67:da:0a:be:45:c3:a7:b0:
                    3d:ea:17:79:7d:03:15:dc:99:14:9f:ad:c6:4d:85:
                    5c:36:ff:b4:3c:f6:29:02:53:52:db:e9:21:96:a7:
                    a3:6d:7f:61:f3:c8:d7:63:77:8d:4e:45:49:7b:fe:
                    dd:03:34:02:52:50:91:17:93:0d:1e:82:15:13:19:
                    1c:ed:83:ac:fe:e2:c9:56:bf:53:18:6e:e0:ac:d1:
                    6c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:2A:35:25:62:CE:52:CC:24:16:69:31:0B:2E:3A:1B:22:7A:06:A7
            X509v3 Authority Key Identifier:
                keyid:64:2B:AB:84:59:94:8B:79:74:76:48:E1:3E:99:B9:D0:A5:82:50:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZCurhFmUi3l0dkjhPpm50KWCUGo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5ec30c-2aef-47ab-b0ec-5b15523bfcbb/1/ZCurhFmUi3l0dkjhPpm50KWCUGo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5ec30c-2aef-47ab-b0ec-5b15523bfcbb/1/ZCurhFmUi3l0dkjhPpm50KWCUGo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:8c:cf:99:79:7c:ed:e1:47:22:44:54:bf:32:18:8d:4f:54:
         3c:55:a8:48:34:b8:c8:29:1d:d4:b2:17:e4:c5:86:a1:9e:30:
         67:ec:46:d8:c5:f9:25:31:3c:93:4d:0a:90:a9:38:89:34:ce:
         cb:9e:36:d7:4c:1b:e4:7d:d5:8a:7c:b3:a6:9c:1d:0f:6e:d8:
         f7:5b:7f:50:69:9e:d1:1e:f7:5a:d7:1c:e0:1f:d2:fa:cf:34:
         a1:1c:0d:f3:6c:f1:b9:5d:53:e4:2e:89:cc:7f:65:1a:b7:14:
         7b:3a:3c:4d:12:af:9c:2c:f3:6d:02:61:8d:14:24:09:29:ee:
         ed:b8:23:13:a9:8e:5d:97:17:41:3a:fc:d0:46:63:86:af:24:
         ee:f0:58:6b:7a:a7:73:04:14:54:66:99:2a:cc:6b:28:f1:6e:
         bc:b3:6b:cf:26:99:80:3f:53:52:a1:e4:15:2a:3e:85:d8:96:
         30:11:17:95:2b:c5:70:cd:2d:8b:95:50:6c:39:4d:43:8a:b3:
         62:9e:ba:73:9b:1a:42:85:82:6a:9f:98:b1:16:78:0b:70:22:
         07:e4:3e:6a:04:f2:7d:75:61:e4:d1:77:db:7c:a2:e5:37:3e:
         50:d6:c0:bf:89:e4:e9:38:65:a5:98:d6:8f:15:4b:ec:ba:95:
         e5:9b:d4:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA0BUHYXurx21ry6OHjaQuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MmJhYjg0NTk5NDhiNzk3NDc2NDhlMTNlOTliOWQwYTU4
MjUwNmEwHhcNMjQwNjIwMDUwMTE3WhcNMjQwNjIxMDUwMTE3WjAzMTEwLwYDVQQD
Eyg3MjJhMzUyNTYyY2U1MmNjMjQxNjY5MzEwYjJlM2ExYjIyN2EwNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91avlynemaQPstEDnaYcSc0tMCBI
oyt3MlUuwSOqAIBxwaQPOk5f+vyvy5QeLkKuXrFF5rSjs5wEmejkizxV66AnCF+1
fa3wQQ3yovBYGD9tKN7RpUKbB1ayYUW6gLComHQp1s1HoWnA5L86eOkyyl0ocNe+
asumkKpyVmXbL/8zPgMUmlKZ5pA+XmPWq0LG25Wu150eXnPvY2Arn+Q731rq8ISD
d1ssL9VWZ9oKvkXDp7A96hd5fQMV3JkUn63GTYVcNv+0PPYpAlNS2+khlqejbX9h
88jXY3eNTkVJe/7dAzQCUlCRF5MNHoIVExkc7YOs/uLJVr9TGG7grNFsNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIqNSVizlLMJBZpMQsuOhsieganMB8GA1UdIwQY
MBaAFGQrq4RZlIt5dHZI4T6ZudClglBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkN1cmhGbVVpM2wwZGtqaFBwbTUwS1dDVUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81ZWMzMGMtMmFlZi00N2FiLWIwZWMt
NWIxNTUyM2JmY2JiLzEvWkN1cmhGbVVpM2wwZGtqaFBwbTUwS1dDVUdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81ZWMzMGMtMmFlZi00N2FiLWIwZWMtNWIxNTUyM2JmY2Ji
LzEvWkN1cmhGbVVpM2wwZGtqaFBwbTUwS1dDVUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMozPmXl8
7eFHIkRUvzIYjU9UPFWoSDS4yCkd1LIX5MWGoZ4wZ+xG2MX5JTE8k00KkKk4iTTO
y54210wb5H3VinyzppwdD27Y91t/UGme0R73Wtcc4B/S+s80oRwN82zxuV1T5C6J
zH9lGrcUezo8TRKvnCzzbQJhjRQkCSnu7bgjE6mOXZcXQTr80EZjhq8k7vBYa3qn
cwQUVGaZKsxrKPFuvLNrzyaZgD9TUqHkFSo+hdiWMBEXlSvFcM0ti5VQbDlNQ4qz
Yp66c5saQoWCap+YsRZ4C3AiB+Q+agTyfXVh5NF323yi5Tc+UNbAv4nk6ThlpZjW
jxVL7LqV5ZvUmg==
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:53:06 2024 by rpki-client on console-ams.rpki-client.org