Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
File:                     bOl89NjQvBezrx1ixNcUiGYb0hI.mft (raw, json)
Hash identifier:          yP4AXbWmqtQETtXj/DXGPrQngmV/49WcD2orhg86Oac=
Subject key identifier:   A2:76:10:10:3E:0D:28:C8:E5:8B:D6:BC:62:5B:EF:85:12:CF:1F:5F
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Certificate issuer:       /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial:       0193666A24CE457819FC42E69DC9B2CAA4AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
Manifest number:          1381
Signing time:             Tue 26 Nov 2024 03:00:52 +0000
Manifest this update:     Tue 26 Nov 2024 03:00:52 +0000
Manifest next update:     Wed 27 Nov 2024 03:00:52 +0000
Files and hashes:         1: 1NbrHWDxB9nx-WZIehALBx5tYMs.roa (hash: byr4cP5NgOmBJ5NmdnKLJkjMbbf+dUAjWaUlmK3o4CY=)
                          2: BGFq6mXItjlOiyBcvGQWJ0-fX_c.roa (hash: nXAgFUb/2Gi0iPn9N30HSosczOix9Ur9UFsd2wCEwfo=)
                          3: DDSC7yu_ArGqLk0-ihlJmU1SWJw.roa (hash: KAaWww/euDluMCDNVakBB0bMY1+sqEJQO3TRwUj1HZA=)
                          4: EglGLNrgBUpDtEIjKNJLTPf7uug.roa (hash: wVOzhaJxYgdKk/0qPzCpHqJUbaM7hk+Xsgr/CRFP1L4=)
                          5: IxaR3wnnSdMRPGzdMdQoiGON4RY.roa (hash: FuoVNn2ZlNB30ISqy7VMWR13dGmP3YSONM/etCPrnHE=)
                          6: K-lpJ2fFe5K0L2P4pPMsy6pZhdY.roa (hash: vcLqv6YLqwWrxOoe+Pf1eBS6ZJUmboVFBDgjWAR8Q4M=)
                          7: R8CrJzoCcrjcAr9IBwKafsofric.roa (hash: m9WLKNIhXBay7PcGzD56enNEFiHGj2d2ZbGN8DYiUE8=)
                          8: SmSo9GGQlhazZYGqHzYJvDE5d34.roa (hash: IgwMZ9ee/83yR7/okeMCQ+fYGG0JeijKVyiZNyamPyg=)
                          9: YhGXlU4RBACXXw3aykCuyT2I4dM.roa (hash: Jxc+8DcghYnjSvPy3hZcZ0xqmuGKYbST5oc7j/ZKvWk=)
                          10: a0TwfQ9Qx5cy3vHubsSqyVNmLxs.roa (hash: eduZF2bHGInEREs+mvxIxWphMLdio9fFjK83ggHCwp4=)
                          11: bOl89NjQvBezrx1ixNcUiGYb0hI.crl (hash: oF+C+C5Do5lkJ5E68Q2M74E46/OL5Y596V4o+UZVFEg=)
                          12: gWoHJiZcurg8ZaFdaD4ilGA8aKE.roa (hash: m1PhSdtBB0BWJlkHyG2FMMnyrxxxCeOIC9Dc8lGXFuU=)
                          13: hX59_ynHOXFGVAj80lFXs_KvioQ.roa (hash: MO05Ez/e1tLP0rIJZ9WbjZDoXcPdg1+CUAy/YDviIbw=)
                          14: jNmcEGlij-JbNVxxDuucnQlCrcE.roa (hash: 7AYn/FqY4h0muoIe9pFM8fB9gjlmcue8ES5gRxc11Ec=)
                          15: mcJtpG7YOupodFY0SPO2LP7gQzU.roa (hash: msLO5kC4Sci96Lc9ryZ2YTdJYCT9/yydCJZ7yg9VtwE=)
                          16: npEpsqFcb-0hsZ0um-1TKUpqKW4.roa (hash: i2ZOe7Ddd8YcYuz6R1bUt10gldu9uIxTo6kCxdsDVbk=)
                          17: u5YmdIqOh1QMSxXcLf3-3Kk21Tw.roa (hash: Omhe9k1TFHAHycfmZUBvYvYMAzauAHon5PcpsG0tlvk=)
                          18: zec83eBAcszlF2bWanOpPmc4qfs.roa (hash: hjcBIIGOLtdKOyIjj8/8UyvO+bvMWH6BbMWJlJpKKwQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:66:6a:24:ce:45:78:19:fc:42:e6:9d:c9:b2:ca:a4:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
        Validity
            Not Before: Nov 26 03:00:52 2024 GMT
            Not After : Nov 27 03:00:52 2024 GMT
        Subject: CN=a27610103e0d28c8e58bd6bc625bef8512cf1f5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:28:64:b4:dd:7d:ec:55:78:9e:ed:92:f9:3c:
                    d4:f8:13:8f:f1:f9:ad:1c:ec:35:93:e1:32:28:46:
                    a9:a8:d3:5e:2d:23:6b:60:f6:75:9c:c3:3d:cc:16:
                    15:98:ac:39:f5:41:cd:92:cd:a3:6e:4b:64:a0:5c:
                    06:f4:38:85:5a:e8:f8:00:eb:ce:fc:25:61:4d:15:
                    c6:ac:60:c8:97:f1:05:ba:a4:3e:02:fa:42:8c:13:
                    a5:3b:2f:71:f5:9d:29:8c:d4:81:5d:56:e7:2f:9c:
                    e9:c0:ed:62:f6:91:31:09:c6:27:13:30:40:77:14:
                    b2:d8:fa:2b:35:8d:3e:45:09:73:61:1a:d8:0c:1d:
                    53:ba:44:77:41:34:45:c5:db:e3:8a:ca:be:bc:4d:
                    38:ff:49:45:56:49:e2:23:ad:d2:b6:e6:3a:60:a9:
                    0b:10:79:a6:2c:ab:4e:94:e8:2f:ea:c1:5f:b3:ab:
                    1c:12:98:53:5d:1c:c9:23:8e:13:c7:47:cb:71:68:
                    37:22:1d:e0:24:86:8f:b7:13:e7:b9:db:77:74:55:
                    28:31:1f:e7:10:3d:b5:8d:c0:20:2a:e9:03:6b:9b:
                    56:aa:fc:a2:b1:5b:93:73:69:13:fb:41:e9:6e:60:
                    5c:66:40:c0:11:a7:67:d2:6a:3f:4d:da:2d:d5:f6:
                    bf:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:76:10:10:3E:0D:28:C8:E5:8B:D6:BC:62:5B:EF:85:12:CF:1F:5F
            X509v3 Authority Key Identifier:
                keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:8c:42:1c:ac:92:4b:9b:b6:59:e5:fb:8a:2b:87:ac:e7:e8:
         28:af:52:bb:14:8d:4a:73:b7:c5:3e:17:78:aa:9c:3f:18:0a:
         61:ba:8c:a3:a8:71:d2:a0:2e:b9:58:7a:71:fb:20:e6:4a:03:
         53:44:d9:94:95:d6:e0:ba:10:65:1b:68:60:1d:96:8c:7d:5e:
         79:05:f5:f4:3b:47:80:52:8d:97:03:1e:09:9e:ab:b0:09:b6:
         c8:2f:62:2d:67:cb:2b:22:9a:a3:c6:60:2e:55:0b:e9:cd:f3:
         1f:a7:bd:e0:a5:b5:4e:ac:1f:43:e6:b6:b5:f2:0b:c4:1f:73:
         38:3d:1f:80:1c:71:2c:24:46:0b:90:7a:15:a9:f0:a3:f0:4b:
         07:e6:ad:16:35:99:f1:3c:08:5b:7f:6f:54:b9:23:af:21:52:
         c4:3d:ed:14:7a:cf:ce:17:af:44:8d:b6:c5:83:7c:02:21:75:
         4b:1e:cc:71:1e:09:0b:4c:44:c3:60:d9:dc:77:b0:c8:d6:43:
         8c:16:1e:68:4c:6c:29:68:b7:dc:6f:51:43:57:9a:9f:23:ec:
         b1:f8:79:4a:9c:61:da:49:d8:fe:22:10:81:f5:15:b2:13:40:
         ec:04:f3:df:ce:7e:cc:83:58:3f:5a:59:c4:4c:65:60:41:b5:
         8f:c7:70:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNmaiTORXgZ/ELmncmyyqSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjQxMTI2MDMwMDUyWhcNMjQxMTI3MDMwMDUyWjAzMTEwLwYDVQQD
EyhhMjc2MTAxMDNlMGQyOGM4ZTU4YmQ2YmM2MjViZWY4NTEyY2YxZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyhktN197FV4nu2S+TzU+BOP8fmt
HOw1k+EyKEapqNNeLSNrYPZ1nMM9zBYVmKw59UHNks2jbktkoFwG9DiFWuj4AOvO
/CVhTRXGrGDIl/EFuqQ+AvpCjBOlOy9x9Z0pjNSBXVbnL5zpwO1i9pExCcYnEzBA
dxSy2PorNY0+RQlzYRrYDB1TukR3QTRFxdvjisq+vE04/0lFVkniI63StuY6YKkL
EHmmLKtOlOgv6sFfs6scEphTXRzJI44Tx0fLcWg3Ih3gJIaPtxPnudt3dFUoMR/n
ED21jcAgKukDa5tWqvyisVuTc2kT+0HpbmBcZkDAEadn0mo/Tdot1fa/HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJ2EBA+DSjI5YvWvGJb74USzx9fMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYYxCHKyS
S5u2WeX7iiuHrOfoKK9SuxSNSnO3xT4XeKqcPxgKYbqMo6hx0qAuuVh6cfsg5koD
U0TZlJXW4LoQZRtoYB2WjH1eeQX19DtHgFKNlwMeCZ6rsAm2yC9iLWfLKyKao8Zg
LlUL6c3zH6e94KW1TqwfQ+a2tfILxB9zOD0fgBxxLCRGC5B6Fanwo/BLB+atFjWZ
8TwIW39vVLkjryFSxD3tFHrPzhevRI22xYN8AiF1Sx7McR4JC0xEw2DZ3HewyNZD
jBYeaExsKWi33G9RQ1eanyPssfh5Spxh2knY/iIQgfUVshNA7ATz385+zINYP1pZ
xExlYEG1j8dwIQ==
-----END CERTIFICATE-----