Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft
File:                     t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft (raw, json)
Hash identifier:          WX22VnZokLy+kSG4btbgaqItKrI/9kSQ4gsvlHl/r6w=
Subject key identifier:   9D:05:43:BE:F9:90:0B:7E:BC:30:48:03:84:CD:6C:BE:37:2F:37:01
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Certificate issuer:       /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial:       018DDD90B595B78087020320DFA4838F5F29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft
Manifest number:          109F
Signing time:             Sun 25 Feb 2024 00:01:04 +0000
Manifest this update:     Sun 25 Feb 2024 00:01:04 +0000
Manifest next update:     Mon 26 Feb 2024 00:01:04 +0000
Files and hashes:         1: OuOBCYSSPCNK-LIQuu7JFI-SmCk.roa (hash: XB3AHKUGzdVmmgT5L2Wt836t/O/Cg7ZNzb1JZKMzzxY=)
                          2: cpKXOzn76B-M7aAZhhP89m2AH5w.roa (hash: T8KXUzbWNdvirwpnZ02/qyJWwMzxkbhEHCPCe9SDuIU=)
                          3: m8pNJFaEV-A7Kq-qSXN1kTxuO24.roa (hash: qqS1sxybHHlJ6ZlRsyl8Xz9TMyKgTg29tuvKHyRbB6s=)
                          4: qjXZ4nLPhHlaxFoRb5vNlR8VsqA.roa (hash: 82k+3DdkBYMzk1a8vgCgp4aWIUun9tBmP38rYTWSyDg=)
                          5: t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl (hash: wjTdrofixQZ6XPXCTurwf4TaXcxUfXFwM3Nv8N/66Bk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Feb 2024 19:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:dd:90:b5:95:b7:80:87:02:03:20:df:a4:83:8f:5f:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
        Validity
            Not Before: Feb 25 00:01:04 2024 GMT
            Not After : Feb 26 00:01:04 2024 GMT
        Subject: CN=9d0543bef9900b7ebc30480384cd6cbe372f3701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:41:10:02:58:db:ee:be:6d:14:f7:33:67:82:
                    ae:8c:c2:41:39:15:29:f6:b6:8f:10:43:6b:4f:f1:
                    5d:74:56:f4:1b:b3:e9:69:61:a4:d6:d4:00:e9:26:
                    64:c6:85:91:1d:d2:cd:9a:91:6b:55:e9:2e:35:05:
                    68:83:88:ec:23:69:4f:d5:36:a7:a6:78:f3:8c:90:
                    59:36:76:87:80:8d:e0:fd:9a:5a:05:ee:ca:d0:01:
                    43:f7:f7:33:69:df:04:6e:17:e1:cd:3c:59:5c:9f:
                    e2:0e:12:26:37:c4:7b:ee:cb:ae:4d:07:5f:5f:e3:
                    f8:a0:68:69:df:e3:28:3b:71:55:61:2e:c0:5a:df:
                    eb:65:8d:55:60:7e:df:84:a5:72:db:c8:74:37:af:
                    e9:7e:4d:8b:38:ca:fa:5e:3c:7b:42:4a:49:79:e4:
                    ee:ae:3d:a1:e0:50:bd:d0:86:3d:b3:e6:aa:ca:e6:
                    0b:9c:dd:56:75:5f:2c:8a:fe:87:a5:5e:80:6d:bc:
                    83:59:d1:53:aa:8d:94:d9:c4:4a:78:52:d5:d4:d8:
                    c7:f3:ef:94:6e:bb:bd:40:3b:5f:13:a5:7c:2e:d1:
                    e2:fe:11:1d:18:fd:f7:18:ef:ac:23:f3:03:84:f3:
                    55:02:c2:b9:d9:94:2f:ce:7d:15:bc:37:69:9d:ce:
                    8e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:05:43:BE:F9:90:0B:7E:BC:30:48:03:84:CD:6C:BE:37:2F:37:01
            X509v3 Authority Key Identifier:
                keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:52:85:3c:91:90:10:9d:b6:cc:58:43:56:3b:81:c1:6a:c0:
         88:53:35:4a:85:93:b7:1b:ce:2f:0d:90:42:60:56:8f:28:ef:
         47:2e:7a:b8:a7:9d:37:04:4b:15:a1:c8:78:82:3c:aa:8d:fd:
         42:9c:a7:22:19:9b:1c:f3:64:d6:b0:60:24:bc:45:ac:23:80:
         f3:cb:8e:56:e1:49:a6:90:75:fb:67:d8:f2:38:2b:28:af:b9:
         0f:89:01:a9:34:dc:ba:2e:65:39:d9:03:36:4f:38:c2:39:04:
         44:20:24:9a:31:db:8c:11:3b:bb:47:03:6a:77:0f:1e:80:38:
         a9:46:95:ce:01:c3:0d:59:61:30:ff:27:d5:56:8c:13:8f:3d:
         08:a3:8f:9a:4e:9d:2d:18:ed:d9:48:d7:d2:03:7c:c6:1b:34:
         50:b3:24:8c:93:8b:fe:9e:81:a2:28:f9:d7:b1:81:11:36:e1:
         9e:5b:9a:61:80:74:b5:11:20:be:48:1e:2c:24:a8:19:db:80:
         8c:38:71:af:72:cf:3e:14:87:19:87:da:4d:20:a3:0b:e1:90:
         da:90:30:56:8d:49:89:3b:b9:fc:c1:0c:7d:cf:1f:78:2c:c4:
         66:2b:23:2c:29:fb:42:6b:e5:85:a2:83:52:51:44:a4:2a:f9:
         db:a0:bc:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY3dkLWVt4CHAgMg36SDj18pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjQwMjI1MDAwMTA0WhcNMjQwMjI2MDAwMTA0WjAzMTEwLwYDVQQD
Eyg5ZDA1NDNiZWY5OTAwYjdlYmMzMDQ4MDM4NGNkNmNiZTM3MmYzNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkEQAljb7r5tFPczZ4KujMJBORUp
9raPEENrT/FddFb0G7PpaWGk1tQA6SZkxoWRHdLNmpFrVekuNQVog4jsI2lP1Tan
pnjzjJBZNnaHgI3g/ZpaBe7K0AFD9/czad8EbhfhzTxZXJ/iDhImN8R77suuTQdf
X+P4oGhp3+MoO3FVYS7AWt/rZY1VYH7fhKVy28h0N6/pfk2LOMr6Xjx7QkpJeeTu
rj2h4FC90IY9s+aqyuYLnN1WdV8siv6HpV6AbbyDWdFTqo2U2cRKeFLV1NjH8++U
bru9QDtfE6V8LtHi/hEdGP33GO+sI/MDhPNVAsK52ZQvzn0VvDdpnc6OuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0FQ775kAt+vDBIA4TNbL43LzcBMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL1KFPJGQ
EJ22zFhDVjuBwWrAiFM1SoWTtxvOLw2QQmBWjyjvRy56uKedNwRLFaHIeII8qo39
QpynIhmbHPNk1rBgJLxFrCOA88uOVuFJppB1+2fY8jgrKK+5D4kBqTTcui5lOdkD
Nk84wjkERCAkmjHbjBE7u0cDancPHoA4qUaVzgHDDVlhMP8n1VaME489CKOPmk6d
LRjt2UjX0gN8xhs0ULMkjJOL/p6Boij517GBETbhnluaYYB0tREgvkgeLCSoGduA
jDhxr3LPPhSHGYfaTSCjC+GQ2pAwVo1JiTu5/MEMfc8feCzEZisjLCn7QmvlhaKD
UlFEpCr526C8wA==
-----END CERTIFICATE-----
Generated at Sun Feb 25 03:43:48 2024 by rpki-client on console-fra.rpki-client.org