Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.mft
File:                     S3CjpsSoVyUDdZizkT4hhp29040.mft (raw, json)
Hash identifier:          goOXVdU4omcj37SJysKvwN0EMhmCPSVqZWlkK+z78GU=
Subject key identifier:   17:74:A8:33:9F:6E:35:6A:50:B6:DC:72:FB:D7:D1:22:C7:F2:A0:07
Authority key identifier: 4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
Certificate issuer:       /CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Certificate serial:       01901FD9A655360738473E7C36FA8D8D2E42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.mft
Manifest number:          0624
Signing time:             Sun 16 Jun 2024 07:01:15 +0000
Manifest this update:     Sun 16 Jun 2024 07:01:15 +0000
Manifest next update:     Mon 17 Jun 2024 07:01:15 +0000
Files and hashes:         1: EUtGf4ZdLSBltz5fzVf4sDx0zlc.roa (hash: YARVyBFS2GBDJS7gddriG/FAPEWmansAPyUXExWVogo=)
                          2: S3CjpsSoVyUDdZizkT4hhp29040.crl (hash: YPR9XMtsiOSKuJ1EdZNc+bI/oFZ3WPDTkToVw6t0XGo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1f:d9:a6:55:36:07:38:47:3e:7c:36:fa:8d:8d:2e:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
        Validity
            Not Before: Jun 16 07:01:15 2024 GMT
            Not After : Jun 17 07:01:15 2024 GMT
        Subject: CN=1774a8339f6e356a50b6dc72fbd7d122c7f2a007
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f1:fd:95:d2:6d:23:bc:b0:32:9f:4b:ec:25:
                    d0:dd:1b:12:49:3f:57:e5:b8:a2:52:0d:65:39:b2:
                    0a:65:49:8b:24:83:20:00:de:88:3d:2d:92:5d:60:
                    9f:c7:5b:ee:a4:a4:22:8f:9e:8a:63:63:5b:f6:10:
                    5d:69:cd:c4:f0:4c:85:39:82:9e:34:99:ef:79:1e:
                    ce:6e:42:62:af:72:43:3d:5f:36:79:62:93:a9:5c:
                    0a:95:81:65:e8:59:2e:59:b8:56:5f:ed:84:13:93:
                    97:5f:06:c4:56:7c:25:47:87:47:23:d5:cd:0a:f0:
                    b4:e2:24:cd:7b:27:92:28:06:7d:cf:9c:da:93:df:
                    ed:cb:fa:a3:b7:d4:5a:31:a5:68:63:17:5f:2c:5c:
                    2f:b8:4c:a3:1b:d2:ab:5c:59:2b:5f:93:76:70:eb:
                    4d:3d:29:7e:8f:6f:21:88:8b:67:1e:14:a9:1c:a9:
                    a6:39:2b:03:96:00:3d:8b:80:8c:50:a5:1d:3b:f0:
                    ab:2e:87:32:b6:f5:64:47:b7:74:4f:94:78:36:3d:
                    85:b9:21:14:26:06:51:ea:ac:94:41:a6:74:8a:09:
                    eb:3e:f4:3d:f4:f4:45:3a:76:07:ce:7a:4d:40:8b:
                    ce:a4:18:e5:a3:4d:d2:c1:40:12:12:81:f4:6f:23:
                    71:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:74:A8:33:9F:6E:35:6A:50:B6:DC:72:FB:D7:D1:22:C7:F2:A0:07
            X509v3 Authority Key Identifier:
                keyid:4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:2a:c2:15:5b:f6:0c:c5:b6:f5:7b:44:62:55:50:d2:70:c3:
         c4:77:c4:b1:4c:fc:16:f5:18:74:fe:8b:11:ee:1c:77:70:b1:
         00:8a:29:a8:b3:ef:e3:df:12:d4:72:97:3e:59:8c:b9:ba:a4:
         3a:c9:6b:ae:c7:93:0e:67:b3:5d:87:38:e0:d5:c4:fe:2e:ec:
         38:7f:f3:37:16:a6:bb:88:41:38:40:7b:62:94:62:8a:a0:bc:
         df:6c:0c:c3:6d:11:50:18:22:a6:1f:38:13:29:22:21:0b:5c:
         59:c5:8e:78:1a:5d:12:cb:58:e0:a9:40:f8:a3:bd:54:68:53:
         a7:de:48:26:75:e0:c9:ec:15:fd:d4:84:c2:4e:42:94:f5:1c:
         87:6b:d4:03:00:62:1d:ae:31:11:9d:e7:c1:b7:8c:1c:36:be:
         57:da:bd:4e:90:82:c3:02:9d:1f:16:cb:53:7d:24:e3:4d:5c:
         f5:6e:e6:89:3b:33:67:56:75:00:40:d9:e0:81:93:00:31:d7:
         7e:53:99:e3:6a:34:ca:fd:84:4d:bc:55:cb:92:35:37:73:e0:
         66:ba:16:cb:ad:cb:7e:62:0a:69:ad:ca:7c:70:47:25:57:f9:
         fb:7e:c2:c4:5f:6c:e9:08:13:94:e9:89:80:b0:01:98:c3:19:
         b3:f5:8d:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAf2aZVNgc4Rz58NvqNjS5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzBhM2E2YzRhODU3MjUwMzc1OThiMzkxM2UyMTg2OWRi
ZGQzOGQwHhcNMjQwNjE2MDcwMTE1WhcNMjQwNjE3MDcwMTE1WjAzMTEwLwYDVQQD
EygxNzc0YTgzMzlmNmUzNTZhNTBiNmRjNzJmYmQ3ZDEyMmM3ZjJhMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/H9ldJtI7ywMp9L7CXQ3RsSST9X
5biiUg1lObIKZUmLJIMgAN6IPS2SXWCfx1vupKQij56KY2Nb9hBdac3E8EyFOYKe
NJnveR7ObkJir3JDPV82eWKTqVwKlYFl6FkuWbhWX+2EE5OXXwbEVnwlR4dHI9XN
CvC04iTNeyeSKAZ9z5zak9/ty/qjt9RaMaVoYxdfLFwvuEyjG9KrXFkrX5N2cOtN
PSl+j28hiItnHhSpHKmmOSsDlgA9i4CMUKUdO/CrLocytvVkR7d0T5R4Nj2FuSEU
JgZR6qyUQaZ0ignrPvQ99PRFOnYHznpNQIvOpBjlo03SwUASEoH0byNxqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBd0qDOfbjVqULbccvvX0SLH8qAHMB8GA1UdIwQY
MBaAFEtwo6bEqFclA3WYs5E+IYadvdONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUt
NDgyNWIyOWRkNTcyLzEvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUtNDgyNWIyOWRkNTcy
LzEvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxCrCFVv2
DMW29XtEYlVQ0nDDxHfEsUz8FvUYdP6LEe4cd3CxAIopqLPv498S1HKXPlmMubqk
OslrrseTDmezXYc44NXE/i7sOH/zNxamu4hBOEB7YpRiiqC832wMw20RUBgiph84
EykiIQtcWcWOeBpdEstY4KlA+KO9VGhTp95IJnXgyewV/dSEwk5ClPUch2vUAwBi
Ha4xEZ3nwbeMHDa+V9q9TpCCwwKdHxbLU30k401c9W7miTszZ1Z1AEDZ4IGTADHX
flOZ42o0yv2ETbxVy5I1N3PgZroWy63LfmIKaa3KfHBHJVf5+37CxF9s6QgTlOmJ
gLABmMMZs/WN1Q==
-----END CERTIFICATE-----
Generated at Sun Jun 16 08:13:38 2024 by rpki-client on console-ams.rpki-client.org