Manifest

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
File:                     0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft (raw, json)
Hash identifier:          wj+0Ebata2cjLVIGwC6G6/OKJKhUhBIMrBRXe1KdiMQ=
Subject key identifier:   6D:14:6A:0F:E0:3C:A8:AA:E5:5C:DF:04:2A:0A:94:35:9D:E9:7A:44
Authority key identifier: 0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
Certificate issuer:       /CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
Certificate serial:       62EBA047BC867507011E57B8857BDB96342ECDD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
Manifest number:          02EA
Signing time:             Thu 21 Nov 2024 07:10:06 +0000
Manifest this update:     Thu 21 Nov 2024 07:05:06 +0000
Manifest next update:     Fri 22 Nov 2024 09:03:06 +0000
Files and hashes:         1: AS50555.asa (hash: 6Tb3JWAiG3HB18+QURZTnhnTtpjs1INvbgLT/78hSiM=)
                          2: 0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl (hash: TeyyoGdkBXf4riAv8Z/4nI3PiVeXcKEC3/GVjs7L0ys=)

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:eb:a0:47:bc:86:75:07:01:1e:57:b8:85:7b:db:96:34:2e:cd:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
        Validity
            Not Before: Nov 21 07:05:06 2024 GMT
            Not After : Nov 22 09:03:06 2024 GMT
        Subject: CN=6D146A0FE03CA8AAE55CDF042A0A94359DE97A44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0c:16:bb:e8:e0:24:8f:f7:17:98:24:07:5f:
                    c9:d3:55:ba:03:ee:9d:3c:3e:17:90:43:51:d1:37:
                    f1:8c:52:16:37:10:72:a0:e1:e8:7a:51:1d:2c:58:
                    99:5e:03:2a:90:3e:7b:b7:96:aa:3f:8b:be:1b:b1:
                    bc:e9:fe:95:f5:e0:73:d7:24:3a:d1:26:1a:0e:64:
                    a3:36:87:8b:c1:10:84:6a:9f:bd:3f:17:47:09:87:
                    31:04:bc:36:9c:5a:e1:82:80:81:db:e1:b5:7d:46:
                    5a:a3:44:5b:de:ed:06:a3:41:64:c6:40:c4:19:f4:
                    e3:c9:32:59:8a:54:13:07:49:96:5d:d6:4f:e9:c4:
                    f9:0f:dc:48:26:bf:9c:e5:61:b4:1b:95:17:a3:5d:
                    88:01:4e:bf:23:37:93:c4:e9:47:af:37:af:49:92:
                    cf:87:34:3f:99:a9:67:f9:ae:77:7e:f8:5e:a6:9f:
                    d8:b5:30:c7:af:08:f1:e1:6a:33:db:b7:3c:65:41:
                    8a:01:ee:f3:28:8b:8b:fc:84:d3:de:f8:10:0b:76:
                    a1:05:65:a8:64:dd:3b:e6:51:b8:9a:89:5c:f2:49:
                    ed:9a:1c:49:6d:ff:b4:93:11:1c:82:ec:66:26:a0:
                    fb:e3:61:a2:62:42:78:d0:4a:6d:5c:a2:6d:28:a2:
                    b3:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:14:6A:0F:E0:3C:A8:AA:E5:5C:DF:04:2A:0A:94:35:9D:E9:7A:44
            X509v3 Authority Key Identifier:
                keyid:0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:49:79:7d:00:aa:c4:c4:2d:01:df:aa:e8:11:f7:b1:4b:dc:
         18:3d:94:e6:5b:19:3a:33:9c:fb:77:ed:6a:ea:af:fa:3c:ac:
         8e:31:37:40:0a:2c:05:f2:81:36:e2:4e:38:6f:91:f6:50:59:
         30:c3:d4:a8:a6:ef:5f:ea:23:bf:9a:76:0f:f3:8b:16:68:6b:
         93:07:dd:c5:a5:02:da:19:f5:bd:94:8d:40:cc:fb:e7:66:bc:
         0e:64:28:a0:b3:49:df:40:b5:0a:b7:38:fe:94:17:ca:d7:f4:
         43:c8:8f:6a:37:03:21:c9:5c:fb:82:8c:ec:e0:d4:5a:ce:43:
         0b:1b:18:be:7e:e9:8d:3c:b7:4b:0f:a9:cb:98:0b:c0:c4:f1:
         c9:a0:6f:48:90:05:80:f0:e4:86:8c:2a:3f:df:a9:df:ad:9b:
         fc:f8:f8:16:3f:d8:76:27:92:70:1c:8a:2c:ca:bd:e0:ba:e9:
         36:6d:09:56:c3:e8:9b:e7:d6:db:3f:10:71:c7:20:39:47:85:
         e3:7e:37:cd:e9:b4:c7:0f:0d:8e:28:c5:95:2f:8d:cc:7d:28:
         a0:07:94:9a:bc:4f:00:b5:56:3b:26:ad:70:f9:20:0c:46:6a:
         f1:e9:e0:cb:93:19:da:19:ee:c6:da:68:40:ac:1c:d7:86:e4:
         b6:5d:b0:8e
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUYuugR7yGdQcBHle4hXvbljQuzdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQxMGU4YTc2M2JmOGJhYmU5NmJlN2FiNDdmOWRiNTlk
OWQ5NTIzMjAeFw0yNDExMjEwNzA1MDZaFw0yNDExMjIwOTAzMDZaMDMxMTAvBgNV
BAMTKDZEMTQ2QTBGRTAzQ0E4QUFFNTVDREYwNDJBMEE5NDM1OURFOTdBNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/DBa76OAkj/cXmCQHX8nTVboD
7p08PheQQ1HRN/GMUhY3EHKg4eh6UR0sWJleAyqQPnu3lqo/i74bsbzp/pX14HPX
JDrRJhoOZKM2h4vBEIRqn70/F0cJhzEEvDacWuGCgIHb4bV9RlqjRFve7QajQWTG
QMQZ9OPJMlmKVBMHSZZd1k/pxPkP3Egmv5zlYbQblRejXYgBTr8jN5PE6UevN69J
ks+HND+ZqWf5rnd++F6mn9i1MMevCPHhajPbtzxlQYoB7vMoi4v8hNPe+BALdqEF
Zahk3TvmUbiaiVzySe2aHElt/7STERyC7GYmoPvjYaJiQnjQSm1com0oorMjAgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQUbRRqD+A8qKrlXN8EKgqUNZ3pekQwHwYDVR0j
BBgwFoAUDRDop2O/i6vpa+erR/nbWdnZUjIwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMC8wRDEwRThBNzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1
MjMyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRFJEb3AyT19pNnZwYS1lclJf
bmJXZG5aVWpJLmNlcjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5j
Oi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMC8wRDEwRThB
NzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1MjMyLm1mdDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb0l5
fQCqxMQtAd+q6BH3sUvcGD2U5lsZOjOc+3ftauqv+jysjjE3QAosBfKBNuJOOG+R
9lBZMMPUqKbvX+ojv5p2D/OLFmhrkwfdxaUC2hn1vZSNQMz752a8DmQooLNJ30C1
Crc4/pQXytf0Q8iPajcDIclc+4KM7ODUWs5DCxsYvn7pjTy3Sw+py5gLwMTxyaBv
SJAFgPDkhowqP9+p362b/Pj4Fj/YdieScByKLMq94LrpNm0JVsPom+fW2z8Qcccg
OUeF4343zem0xw8NjijFlS+NzH0ooAeUmrxPALVWOyatcPkgDEZq8engy5MZ2hnu
xtpoQKwc14bktl2wjg==
-----END CERTIFICATE-----