Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          Ez1mFsgZVsyA7s0/eAI1VS+a2JLeWY0Cicgv974cRFg=
Subject key identifier:   E5:B2:3C:3F:49:6F:90:9C:B8:01:1F:04:43:5D:39:E6:79:29:77:28
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       01935207789835652F80F51696B88E6F4226
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          0E50
Signing time:             Fri 22 Nov 2024 04:00:41 +0000
Manifest this update:     Fri 22 Nov 2024 04:00:41 +0000
Manifest next update:     Sat 23 Nov 2024 04:00:41 +0000
Files and hashes:         1: 1ngMZoyqPATcYMBTcABa7N3O-FE.roa (hash: x+TSr0PF2rE5m3mhjAJApUDor8V935/nBArwCEApblI=)
                          2: JCV4fAUCYJdFQC2H5lStqNbmqN8.roa (hash: 2/OKfpuds2t22ksoDH7zGC2pwsCGqWMqR0aAnld7smI=)
                          3: OqTHF20Ad9u0jMzjLBY9rId96Lc.roa (hash: 6effAF04otr4LdPLXLbuWR+hSIlJiBDxw04OnNvEWrg=)
                          4: VkP5aoUuegrjIi7sbxZR52eJl-o.roa (hash: 14SCTcZln+thSCMDTzdX5sneNdGbezT0xlF28zspxLQ=)
                          5: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: y72OrhFeNXiolbf1/GxvrfGQg7DOxzB5jMWU0nIMVnw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:52:07:78:98:35:65:2f:80:f5:16:96:b8:8e:6f:42:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Nov 22 04:00:41 2024 GMT
            Not After : Nov 23 04:00:41 2024 GMT
        Subject: CN=e5b23c3f496f909cb8011f04435d39e679297728
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:79:2c:0a:61:62:0e:59:f9:68:33:3d:f0:8a:
                    da:c1:70:76:ac:d5:a6:45:82:57:2d:47:7e:e8:31:
                    0a:65:ef:0f:c1:5a:81:12:6b:9f:a5:22:dd:b0:cf:
                    eb:86:01:4e:a5:88:6d:35:a2:b3:41:6d:7e:bd:f7:
                    cb:c4:f6:84:bc:62:83:f2:6c:30:85:bc:7b:f7:94:
                    af:56:71:7a:93:de:dd:ec:9a:f2:4f:3d:cd:41:2e:
                    8e:69:04:c8:3a:49:a1:64:45:70:ee:18:a8:8b:5c:
                    95:ac:bc:ba:ef:87:88:04:35:42:22:a5:d6:9e:f1:
                    14:0c:cf:8d:89:f3:e5:6c:e1:a2:cc:8f:af:14:cf:
                    71:33:65:87:f9:1d:84:3d:94:54:19:a6:71:b5:7d:
                    b9:78:f7:c4:82:da:0e:16:c9:75:30:42:eb:a0:0c:
                    a0:c2:4e:4d:6d:81:95:73:f0:4b:62:56:f1:d3:93:
                    1b:76:d6:7e:b7:da:ca:b3:50:25:74:0f:ad:30:ca:
                    d7:9e:57:dc:04:dd:aa:eb:60:0e:5a:96:24:dd:4a:
                    93:e4:f1:72:7a:81:97:92:df:ed:69:e8:48:7c:ac:
                    e0:f4:00:d4:2d:2d:68:90:ed:a8:c2:0d:14:66:3e:
                    ba:52:99:ea:d9:bb:32:18:e8:90:82:f3:36:10:d7:
                    df:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:B2:3C:3F:49:6F:90:9C:B8:01:1F:04:43:5D:39:E6:79:29:77:28
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:78:bc:84:db:29:1b:45:09:f2:68:ea:29:c8:6b:af:2d:ec:
         52:fc:b0:2f:63:c4:00:03:55:bb:42:99:73:72:d6:22:b6:3e:
         95:18:0f:ac:7f:41:6a:8e:cb:63:05:3a:2e:a4:82:2f:55:cd:
         74:fb:40:8f:54:a8:90:51:f9:97:f8:85:14:25:75:6e:eb:27:
         9d:1b:60:22:f8:11:82:71:1d:59:e8:69:74:b2:25:b7:7c:f9:
         1d:8f:43:34:69:6a:a6:cc:2c:be:7c:9e:08:8b:7c:26:9a:61:
         ee:da:ef:02:c7:75:79:d8:de:0e:79:7e:03:2f:e3:a2:5f:c3:
         fa:2f:10:47:33:51:5e:e7:01:c0:35:97:76:47:42:a3:df:23:
         31:f3:9b:17:f4:b9:ca:0d:bb:fa:b7:2d:1f:b0:7d:82:82:03:
         e5:fe:60:51:6c:0d:fd:d1:01:91:de:c0:23:c4:f3:31:ac:24:
         ed:f6:fd:64:1e:ed:11:6f:33:2e:15:f7:1d:f8:57:45:67:c3:
         b9:37:ac:22:13:88:30:0b:8d:ed:1e:3b:47:9f:b7:06:ed:eb:
         e2:64:64:fa:7a:e5:f3:8d:d7:df:92:f5:61:a6:80:86:41:f6:
         5e:18:c9:6f:f5:31:e8:fa:3a:77:8a:56:d6:ee:fb:63:b1:db:
         31:ce:cd:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNSB3iYNWUvgPUWlriOb0ImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjQxMTIyMDQwMDQxWhcNMjQxMTIzMDQwMDQxWjAzMTEwLwYDVQQD
EyhlNWIyM2MzZjQ5NmY5MDljYjgwMTFmMDQ0MzVkMzllNjc5Mjk3NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunksCmFiDln5aDM98IrawXB2rNWm
RYJXLUd+6DEKZe8PwVqBEmufpSLdsM/rhgFOpYhtNaKzQW1+vffLxPaEvGKD8mww
hbx795SvVnF6k97d7JryTz3NQS6OaQTIOkmhZEVw7hioi1yVrLy674eIBDVCIqXW
nvEUDM+NifPlbOGizI+vFM9xM2WH+R2EPZRUGaZxtX25ePfEgtoOFsl1MELroAyg
wk5NbYGVc/BLYlbx05MbdtZ+t9rKs1AldA+tMMrXnlfcBN2q62AOWpYk3UqT5PFy
eoGXkt/taehIfKzg9ADULS1okO2owg0UZj66Upnq2bsyGOiQgvM2ENffgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWyPD9Jb5CcuAEfBENdOeZ5KXcoMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWni8hNsp
G0UJ8mjqKchrry3sUvywL2PEAANVu0KZc3LWIrY+lRgPrH9Bao7LYwU6LqSCL1XN
dPtAj1SokFH5l/iFFCV1busnnRtgIvgRgnEdWehpdLIlt3z5HY9DNGlqpswsvnye
CIt8Jpph7trvAsd1edjeDnl+Ay/jol/D+i8QRzNRXucBwDWXdkdCo98jMfObF/S5
yg27+rctH7B9goID5f5gUWwN/dEBkd7AI8TzMawk7fb9ZB7tEW8zLhX3HfhXRWfD
uTesIhOIMAuN7R47R5+3Bu3r4mRk+nrl843X35L1YaaAhkH2XhjJb/Ux6Po6d4pW
1u77Y7HbMc7Nuw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:35:34 2024 by rpki-client on console-fra.rpki-client.org