Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/5da1e6-246f-4493-992e-22c79aea127c/1/y9wl6joKcp7Y5umnPaiW2E-VQ5w.mft
File:                     y9wl6joKcp7Y5umnPaiW2E-VQ5w.mft (raw, json)
Hash identifier:          i9oZ+3KphTA8h3fIO2HOjmgYESIRn/0yD5iLrhGQnMs=
Subject key identifier:   E1:C2:2B:BC:BE:F5:F2:28:E2:F7:EC:9F:90:9A:67:08:C9:C2:CA:09
Authority key identifier: CB:DC:25:EA:3A:0A:72:9E:D8:E6:E9:A7:3D:A8:96:D8:4F:95:43:9C
Certificate issuer:       /CN=cbdc25ea3a0a729ed8e6e9a73da896d84f95439c
Certificate serial:       019048671D704DBEC43F7CA1129BFCC24EC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y9wl6joKcp7Y5umnPaiW2E-VQ5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/5da1e6-246f-4493-992e-22c79aea127c/1/y9wl6joKcp7Y5umnPaiW2E-VQ5w.mft
Manifest number:          1234
Signing time:             Mon 24 Jun 2024 04:00:35 +0000
Manifest this update:     Mon 24 Jun 2024 04:00:35 +0000
Manifest next update:     Tue 25 Jun 2024 04:00:35 +0000
Files and hashes:         1: 29P0CKg1qEGCX2RJptIrYoSU-GM.roa (hash: Ljr4XS+AmQK8aVDdjDm+vSUSgXrRbuugHGP02mS0y7c=)
                          2: y9wl6joKcp7Y5umnPaiW2E-VQ5w.crl (hash: +RSyOtN9LdUygc+T+pVfe3vaffrC3EAAvgLktHhoNVU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/5da1e6-246f-4493-992e-22c79aea127c/1/y9wl6joKcp7Y5umnPaiW2E-VQ5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/5da1e6-246f-4493-992e-22c79aea127c/1/y9wl6joKcp7Y5umnPaiW2E-VQ5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y9wl6joKcp7Y5umnPaiW2E-VQ5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:67:1d:70:4d:be:c4:3f:7c:a1:12:9b:fc:c2:4e:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbdc25ea3a0a729ed8e6e9a73da896d84f95439c
        Validity
            Not Before: Jun 24 04:00:35 2024 GMT
            Not After : Jun 25 04:00:35 2024 GMT
        Subject: CN=e1c22bbcbef5f228e2f7ec9f909a6708c9c2ca09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:14:d0:2b:7f:77:fd:db:e0:74:71:67:09:a8:
                    92:c6:72:1b:43:c8:3b:9a:55:0e:dd:49:a1:67:76:
                    45:3a:47:ae:b0:8f:9e:6c:89:9e:b4:b2:d5:2c:04:
                    6a:03:f3:70:66:ea:81:a8:a9:84:b0:7c:c4:65:0c:
                    fc:69:d3:73:71:68:56:2f:15:4d:d5:88:d3:f4:8b:
                    bd:18:df:22:39:8b:40:73:09:7b:0a:fa:b8:d7:c5:
                    3a:d2:85:2d:ce:4c:13:78:28:8b:4f:74:0d:88:14:
                    c4:fa:53:88:6d:7c:ac:8e:16:72:65:32:ba:fd:4b:
                    d0:64:1d:c4:46:19:3b:9e:62:37:0c:35:e1:6b:8e:
                    39:b3:25:65:27:aa:9c:32:a7:e2:f1:f4:b5:4a:65:
                    58:97:54:8a:75:47:a7:02:8a:e3:94:d8:94:08:2c:
                    28:7e:cd:a1:9f:37:c6:1e:50:21:13:72:e0:af:43:
                    12:03:eb:40:70:32:c3:ed:ce:d8:9e:ca:d4:0c:42:
                    bb:61:b4:c6:f9:a8:5b:e7:8e:e2:c5:c5:dc:8d:7a:
                    0f:d4:f7:ea:32:4a:10:97:eb:55:7e:38:3a:dd:6a:
                    1a:76:64:7d:5c:de:6e:25:65:10:0b:6f:26:07:e5:
                    7d:e3:2b:55:58:9f:d9:00:dd:b9:3c:60:4b:19:51:
                    1a:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:C2:2B:BC:BE:F5:F2:28:E2:F7:EC:9F:90:9A:67:08:C9:C2:CA:09
            X509v3 Authority Key Identifier:
                keyid:CB:DC:25:EA:3A:0A:72:9E:D8:E6:E9:A7:3D:A8:96:D8:4F:95:43:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9wl6joKcp7Y5umnPaiW2E-VQ5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/5da1e6-246f-4493-992e-22c79aea127c/1/y9wl6joKcp7Y5umnPaiW2E-VQ5w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/5da1e6-246f-4493-992e-22c79aea127c/1/y9wl6joKcp7Y5umnPaiW2E-VQ5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:d2:e7:83:2a:e3:3c:39:5f:63:11:fb:9e:90:ec:a7:ce:dd:
         10:7b:db:f4:c3:6f:a7:5f:d0:f7:2c:d9:2e:95:5d:25:b9:d8:
         1b:09:f8:14:1d:9a:41:19:bc:ca:ed:1b:93:c2:be:f9:cf:47:
         59:53:f4:6a:5c:c3:4a:2e:88:21:44:88:de:d9:a1:e6:16:ea:
         62:c9:70:15:df:dc:44:4a:27:ef:f9:c8:f4:c6:14:c5:18:dd:
         78:d6:08:83:38:d3:eb:ea:9a:01:81:89:7c:ba:f3:24:42:ac:
         e2:f0:b1:81:87:1a:34:6e:18:d4:5d:26:fc:4f:af:30:42:d7:
         e9:52:6a:85:61:84:de:69:6d:81:9f:32:09:6c:d2:f2:27:ba:
         e1:6e:ec:ec:fd:0d:77:ba:c0:0f:bc:da:04:8b:64:d1:80:4d:
         09:bd:cd:58:38:d9:ae:fe:dd:5f:bc:f9:eb:21:82:8d:27:f3:
         a9:61:88:45:bc:2e:16:79:e2:21:3c:1b:77:1e:85:79:58:53:
         ca:20:58:f1:40:8a:6b:ff:56:97:e9:15:1f:72:f1:7e:4c:fd:
         bc:ba:05:6f:61:a6:72:81:a6:4e:b0:0b:a3:80:e5:d6:9e:20:
         5e:33:4f:f7:c1:25:aa:8c:87:05:07:d5:e5:d4:37:88:36:ca:
         b0:3a:4f:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBIZx1wTb7EP3yhEpv8wk7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZGMyNWVhM2EwYTcyOWVkOGU2ZTlhNzNkYTg5NmQ4NGY5
NTQzOWMwHhcNMjQwNjI0MDQwMDM1WhcNMjQwNjI1MDQwMDM1WjAzMTEwLwYDVQQD
EyhlMWMyMmJiY2JlZjVmMjI4ZTJmN2VjOWY5MDlhNjcwOGM5YzJjYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhTQK393/dvgdHFnCaiSxnIbQ8g7
mlUO3UmhZ3ZFOkeusI+ebImetLLVLARqA/NwZuqBqKmEsHzEZQz8adNzcWhWLxVN
1YjT9Iu9GN8iOYtAcwl7Cvq418U60oUtzkwTeCiLT3QNiBTE+lOIbXysjhZyZTK6
/UvQZB3ERhk7nmI3DDXha445syVlJ6qcMqfi8fS1SmVYl1SKdUenAorjlNiUCCwo
fs2hnzfGHlAhE3Lgr0MSA+tAcDLD7c7YnsrUDEK7YbTG+ahb547ixcXcjXoP1Pfq
MkoQl+tVfjg63WoadmR9XN5uJWUQC28mB+V94ytVWJ/ZAN25PGBLGVEaGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHCK7y+9fIo4vfsn5CaZwjJwsoJMB8GA1UdIwQY
MBaAFMvcJeo6CnKe2Obppz2olthPlUOcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTl3bDZqb0tjcDdZNXVtblBhaVcyRS1WUTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS81ZGExZTYtMjQ2Zi00NDkzLTk5MmUt
MjJjNzlhZWExMjdjLzEveTl3bDZqb0tjcDdZNXVtblBhaVcyRS1WUTV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS81ZGExZTYtMjQ2Zi00NDkzLTk5MmUtMjJjNzlhZWExMjdj
LzEveTl3bDZqb0tjcDdZNXVtblBhaVcyRS1WUTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXtLngyrj
PDlfYxH7npDsp87dEHvb9MNvp1/Q9yzZLpVdJbnYGwn4FB2aQRm8yu0bk8K++c9H
WVP0alzDSi6IIUSI3tmh5hbqYslwFd/cREon7/nI9MYUxRjdeNYIgzjT6+qaAYGJ
fLrzJEKs4vCxgYcaNG4Y1F0m/E+vMELX6VJqhWGE3mltgZ8yCWzS8ie64W7s7P0N
d7rAD7zaBItk0YBNCb3NWDjZrv7dX7z56yGCjSfzqWGIRbwuFnniITwbdx6FeVhT
yiBY8UCKa/9Wl+kVH3Lxfkz9vLoFb2GmcoGmTrALo4Dl1p4gXjNP98ElqoyHBQfV
5dQ3iDbKsDpPVQ==
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:28:34 2024 by rpki-client on console-fra.rpki-client.org