Manifest

$ rpki-client -vvf rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft
File:                     3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft (raw, json)
Hash identifier:          hvhyramg1H25rcE/kblWL0IORQvGwgUMWXZUdNT69/8=
Subject key identifier:   8D:BA:D9:15:9C:6E:25:78:24:EA:9F:56:EE:30:57:63:45:D2:67:34
Authority key identifier: 3B:86:A4:A4:53:80:C6:D4:55:CD:E5:80:DE:D1:BC:56:12:D0:A5:78
Certificate issuer:       /CN=3B86A4A45380C6D455CDE580DED1BC5612D0A578
Certificate serial:       6CBCED9DCB47DE55D90CBFEE10A09DCAD92A6BCD
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3B86A4A45380C6D455CDE580DED1BC5612D0A578.cer
Subject info access:      rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft
Manifest number:          BE
Signing time:             Sat 23 Nov 2024 05:59:17 +0000
Manifest this update:     Sat 23 Nov 2024 05:54:15 +0000
Manifest next update:     Sun 24 Nov 2024 06:55:15 +0000
Files and hashes:         1: 3B86A4A45380C6D455CDE580DED1BC5612D0A578.crl (hash: NRI2dDTiYuMZrE39IN4ajg2wTHjAyiae/isUgDu8gAI=)
                          2: 326131313a663263303a666664303a3a2f34382d3438203d3e20323135303639.roa (hash: i2iB6YVLT5JYbpw54S9VrpRYgnjxp0KAmu7VBiJDogE=)
                          3: 326131313a663263303a666664343a3a2f34362d3436203d3e20323135303639.roa (hash: peEWNd0YL6h2f+IuETNQmau2DbuDTFrugtWV/YFAw0I=)
                          4: 326131313a663263303a666664313a3a2f34382d3438203d3e20323135303639.roa (hash: JfPLPRAt2VAp3nl2F0n1tbo6w9Newb0Wr4PBuXgYvr8=)
                          5: 326131313a663263303a666664643a3a2f34382d3438203d3e20323135303639.roa (hash: bGVhhAjrSr3hrPp0uo7loREHTNsf8cdWrceDPcnFXQ8=)
                          6: 326131313a663263303a666664653a3a2f34382d3438203d3e20323135303639.roa (hash: ClVHvr7GojPar4zAMCD4eI2tBACybHPAaOLXDJDUg04=)
                          7: 326131313a663263303a666664633a3a2f34382d3438203d3e20323135303639.roa (hash: K9EknQecR357zyEbt4Ik18qSt5faBYxt5/KQfQFvBXQ=)

Validation:               OK
Signature path:           rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.crl
                          rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3B86A4A45380C6D455CDE580DED1BC5612D0A578.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:45:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:bc:ed:9d:cb:47:de:55:d9:0c:bf:ee:10:a0:9d:ca:d9:2a:6b:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3B86A4A45380C6D455CDE580DED1BC5612D0A578
        Validity
            Not Before: Nov 23 05:54:15 2024 GMT
            Not After : Nov 24 06:55:15 2024 GMT
        Subject: CN=8DBAD9159C6E257824EA9F56EE30576345D26734
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f2:46:b8:b4:0a:6a:64:c1:d3:4e:5c:44:f5:
                    c4:2f:62:8e:85:2e:66:bd:11:7e:ad:ce:9e:af:31:
                    fb:2d:47:f6:81:ee:77:21:a6:94:c7:d0:92:fd:e4:
                    b2:c5:55:89:d0:5c:99:d5:5a:76:43:86:ed:d3:ae:
                    27:1d:22:c5:16:e6:b2:91:84:89:b7:b6:d9:38:dd:
                    3f:94:f8:bf:0f:11:22:42:84:9d:6a:d0:dc:07:00:
                    56:23:8b:d7:b1:39:5e:37:d6:6c:4b:c6:e2:29:d7:
                    c0:23:ae:be:98:84:dc:02:7b:08:3a:be:16:f7:5e:
                    d2:e1:9e:c6:d0:38:d8:83:5f:df:03:6f:9a:54:c5:
                    b2:3d:28:42:21:9c:2d:d2:87:51:45:c5:ea:03:1a:
                    38:13:04:04:ad:88:54:06:18:8e:54:8f:83:99:1e:
                    f5:ae:cf:f1:a7:ec:50:d2:2f:a9:e0:6f:7a:31:fb:
                    ea:35:89:ab:b9:83:5c:95:6e:a0:b8:83:d4:b4:0d:
                    62:e4:42:41:b1:30:85:36:18:e0:dc:42:0b:64:62:
                    a2:cf:00:b0:76:00:b6:ba:8f:cb:64:50:e7:aa:70:
                    34:f9:49:bd:1a:4c:7b:36:57:ed:ef:c7:e7:43:f5:
                    3a:5f:69:b1:b4:e7:fb:31:a7:2c:64:63:92:9c:c9:
                    5f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:BA:D9:15:9C:6E:25:78:24:EA:9F:56:EE:30:57:63:45:D2:67:34
            X509v3 Authority Key Identifier:
                keyid:3B:86:A4:A4:53:80:C6:D4:55:CD:E5:80:DE:D1:BC:56:12:D0:A5:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3B86A4A45380C6D455CDE580DED1BC5612D0A578.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:a6:22:c2:dd:3d:4e:6f:94:d3:d1:29:ea:93:9b:c3:55:a8:
         ef:a6:e2:02:fe:2c:b7:41:5f:1d:9a:96:8f:0c:c1:ea:01:a1:
         91:5e:ad:48:26:b8:a5:8b:3c:51:5f:2a:a0:c2:5e:c2:0b:d6:
         b4:a6:71:dd:6e:2c:9d:ac:53:d0:17:74:c0:bf:fd:e6:47:38:
         99:a9:4d:ac:0f:ca:9d:1f:71:36:f5:da:01:a0:ed:43:bc:14:
         45:dd:bf:52:fa:f5:64:0a:88:64:c3:80:0b:5b:89:fc:9f:53:
         2b:7b:0e:9a:59:04:7b:a1:e7:a2:ae:d8:6b:97:a0:6e:f3:ab:
         a3:42:8e:bd:dd:d6:e3:72:e1:46:01:5b:ab:a3:f7:39:5c:e9:
         58:bc:a5:6d:1b:06:2d:6e:36:eb:a5:6e:f8:7c:a7:0c:8e:b3:
         f0:60:ec:1c:6d:7e:fb:0b:65:1e:7f:09:1d:9a:3f:51:d2:e8:
         ea:cd:6e:94:da:b7:f5:6c:1a:f9:a7:33:c2:82:6a:a0:a2:0d:
         e9:aa:80:9c:f9:0a:41:47:ad:00:8b:c7:44:bc:da:9a:31:a8:
         ef:9c:5a:54:e0:c1:79:fe:cf:d3:67:9a:f3:25:8e:15:bb:a5:
         c9:1f:e7:12:dd:c5:57:26:5c:0d:05:51:3d:f3:71:b4:50:bd:
         e1:27:c1:51
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUbLztnctH3lXZDL/uEKCdytkqa80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0I4NkE0QTQ1MzgwQzZENDU1Q0RFNTgwREVEMUJDNTYx
MkQwQTU3ODAeFw0yNDExMjMwNTU0MTVaFw0yNDExMjQwNjU1MTVaMDMxMTAvBgNV
BAMTKDhEQkFEOTE1OUM2RTI1NzgyNEVBOUY1NkVFMzA1NzYzNDVEMjY3MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC58ka4tApqZMHTTlxE9cQvYo6F
Lma9EX6tzp6vMfstR/aB7nchppTH0JL95LLFVYnQXJnVWnZDhu3TricdIsUW5rKR
hIm3ttk43T+U+L8PESJChJ1q0NwHAFYji9exOV431mxLxuIp18Ajrr6YhNwCewg6
vhb3XtLhnsbQONiDX98Db5pUxbI9KEIhnC3Sh1FFxeoDGjgTBAStiFQGGI5Uj4OZ
HvWuz/Gn7FDSL6ngb3ox++o1iau5g1yVbqC4g9S0DWLkQkGxMIU2GODcQgtkYqLP
ALB2ALa6j8tkUOeqcDT5Sb0aTHs2V+3vx+dD9TpfabG05/sxpyxkY5KcyV9lAgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQUjbrZFZxuJXgk6p9W7jBXY0XSZzQwHwYDVR0j
BBgwFoAUO4akpFOAxtRVzeWA3tG8VhLQpXgwDgYDVR0PAQH/BAQDAgeAMIGPBgNV
HR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQv
cmVwby9ycGtpX2NhXzI1NDA1Yzc2YzdhMDQzYzg5YWNlMTY3ZTlkMmNmNzljLzAv
M0I4NkE0QTQ1MzgwQzZENDU1Q0RFNTgwREVEMUJDNTYxMkQwQTU3OC5jcmwwgZ4G
CCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3luYy5wYWFz
LnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kZGU4MzdmYi02MzkwLTQxYjUtODJh
MC1mMGQwMmMwM2EyYzYvNy8zQjg2QTRBNDUzODBDNkQ0NTVDREU1ODBERUQxQkM1
NjEyRDBBNTc4LmNlcjCBmgYIKwYBBQUHAQsEgY0wgYowgYcGCCsGAQUFBzALhnty
c3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQvcmVwby9ycGtpX2NhXzI1NDA1
Yzc2YzdhMDQzYzg5YWNlMTY3ZTlkMmNmNzljLzAvM0I4NkE0QTQ1MzgwQzZENDU1
Q0RFNTgwREVEMUJDNTYxMkQwQTU3OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF
BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAImmIsLdPU5vlNPRKeqT
m8NVqO+m4gL+LLdBXx2alo8MweoBoZFerUgmuKWLPFFfKqDCXsIL1rSmcd1uLJ2s
U9AXdMC//eZHOJmpTawPyp0fcTb12gGg7UO8FEXdv1L69WQKiGTDgAtbifyfUyt7
DppZBHuh56Ku2GuXoG7zq6NCjr3d1uNy4UYBW6uj9zlc6Vi8pW0bBi1uNuulbvh8
pwyOs/Bg7BxtfvsLZR5/CR2aP1HS6OrNbpTat/VsGvmnM8KCaqCiDemqgJz5CkFH
rQCLx0S82poxqO+cWlTgwXn+z9NnmvMljhW7pckf5xLdxVcmXA0FUT3zcbRQveEn
wVE=
-----END CERTIFICATE-----