Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
File:                     bOl89NjQvBezrx1ixNcUiGYb0hI.mft (raw, json)
Hash identifier:          EQ8f+Ep2vm+Q3zv8ZsyMAQzXW+81zsXXwrvm0TegKxc=
Subject key identifier:   F7:C4:80:C2:A5:0A:7F:72:BA:E6:A4:C8:98:98:DE:81:1E:A4:DB:FC
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Certificate issuer:       /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial:       018F88C8C782050C76E02745BA562EFD5DBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
Manifest number:          1180
Signing time:             Fri 17 May 2024 23:00:10 +0000
Manifest this update:     Fri 17 May 2024 23:00:10 +0000
Manifest next update:     Sat 18 May 2024 23:00:10 +0000
Files and hashes:         1: 1NbrHWDxB9nx-WZIehALBx5tYMs.roa (hash: byr4cP5NgOmBJ5NmdnKLJkjMbbf+dUAjWaUlmK3o4CY=)
                          2: 4IksMn1VNkjLPKwVzdb8P1eAcwU.roa (hash: veoZaZVXEmzQBZQ/BDY+lEkyQJqK+Ml4l8NL5b7jVjY=)
                          3: BGFq6mXItjlOiyBcvGQWJ0-fX_c.roa (hash: nXAgFUb/2Gi0iPn9N30HSosczOix9Ur9UFsd2wCEwfo=)
                          4: DDSC7yu_ArGqLk0-ihlJmU1SWJw.roa (hash: KAaWww/euDluMCDNVakBB0bMY1+sqEJQO3TRwUj1HZA=)
                          5: EglGLNrgBUpDtEIjKNJLTPf7uug.roa (hash: wVOzhaJxYgdKk/0qPzCpHqJUbaM7hk+Xsgr/CRFP1L4=)
                          6: IxaR3wnnSdMRPGzdMdQoiGON4RY.roa (hash: FuoVNn2ZlNB30ISqy7VMWR13dGmP3YSONM/etCPrnHE=)
                          7: K-lpJ2fFe5K0L2P4pPMsy6pZhdY.roa (hash: vcLqv6YLqwWrxOoe+Pf1eBS6ZJUmboVFBDgjWAR8Q4M=)
                          8: KSBcUA_hEs-sNQMn752II5cD4Ws.roa (hash: scijqL9KhhrvNUgKzRDO/IgZOH9HZKaeRpNYU1U5/rc=)
                          9: SmSo9GGQlhazZYGqHzYJvDE5d34.roa (hash: IgwMZ9ee/83yR7/okeMCQ+fYGG0JeijKVyiZNyamPyg=)
                          10: YhGXlU4RBACXXw3aykCuyT2I4dM.roa (hash: Jxc+8DcghYnjSvPy3hZcZ0xqmuGKYbST5oc7j/ZKvWk=)
                          11: a0TwfQ9Qx5cy3vHubsSqyVNmLxs.roa (hash: eduZF2bHGInEREs+mvxIxWphMLdio9fFjK83ggHCwp4=)
                          12: bOl89NjQvBezrx1ixNcUiGYb0hI.crl (hash: KoheS3BNpovj0N01D2EEKcSnavb9pS9n8+GRQoSbeGI=)
                          13: gWoHJiZcurg8ZaFdaD4ilGA8aKE.roa (hash: m1PhSdtBB0BWJlkHyG2FMMnyrxxxCeOIC9Dc8lGXFuU=)
                          14: hX59_ynHOXFGVAj80lFXs_KvioQ.roa (hash: MO05Ez/e1tLP0rIJZ9WbjZDoXcPdg1+CUAy/YDviIbw=)
                          15: jNmcEGlij-JbNVxxDuucnQlCrcE.roa (hash: 7AYn/FqY4h0muoIe9pFM8fB9gjlmcue8ES5gRxc11Ec=)
                          16: mcJtpG7YOupodFY0SPO2LP7gQzU.roa (hash: msLO5kC4Sci96Lc9ryZ2YTdJYCT9/yydCJZ7yg9VtwE=)
                          17: npEpsqFcb-0hsZ0um-1TKUpqKW4.roa (hash: i2ZOe7Ddd8YcYuz6R1bUt10gldu9uIxTo6kCxdsDVbk=)
                          18: u5YmdIqOh1QMSxXcLf3-3Kk21Tw.roa (hash: Omhe9k1TFHAHycfmZUBvYvYMAzauAHon5PcpsG0tlvk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:c8:c7:82:05:0c:76:e0:27:45:ba:56:2e:fd:5d:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
        Validity
            Not Before: May 17 23:00:10 2024 GMT
            Not After : May 18 23:00:10 2024 GMT
        Subject: CN=f7c480c2a50a7f72bae6a4c89898de811ea4dbfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:81:77:ba:89:c7:5c:be:4d:8c:0e:6e:b7:e6:
                    28:f5:f3:05:a0:e1:4d:92:f0:9b:d9:fc:eb:2d:0c:
                    21:48:35:d9:9b:e6:3e:2a:1c:64:59:f4:eb:84:ca:
                    7b:7c:0b:38:8a:8c:30:fd:3b:a2:d6:07:32:92:06:
                    f4:8a:a1:a1:c9:ba:80:c5:ae:e9:0e:d1:c1:30:3c:
                    30:7d:36:74:55:4b:c0:c7:1d:f4:9c:05:bb:81:5b:
                    bf:55:8b:99:6e:64:80:ed:86:51:ed:21:e8:0c:20:
                    c1:79:ee:2b:cb:7e:c8:67:81:b4:ec:0e:1d:41:a3:
                    57:0b:4b:4c:74:b8:94:b0:df:37:10:66:d3:cf:ae:
                    09:35:5d:ae:0e:c8:3a:b2:69:8b:8d:5a:68:d7:19:
                    0a:03:d8:4b:1b:fe:2b:19:40:b0:67:04:b9:9f:2c:
                    d2:88:2e:4b:ba:78:c5:64:86:8d:8f:fa:b2:71:fe:
                    cb:75:e7:db:8f:6f:6f:2f:96:82:f3:fa:2e:7d:95:
                    06:ce:de:86:f3:c6:35:a1:26:41:a7:9e:7a:87:ba:
                    d8:76:2b:10:2b:87:5e:c2:f4:01:d5:81:64:33:1f:
                    96:77:2b:96:6b:64:10:2c:62:63:ad:4a:df:70:83:
                    23:84:82:a0:89:37:52:3c:09:cb:8c:4e:3b:07:e2:
                    32:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:C4:80:C2:A5:0A:7F:72:BA:E6:A4:C8:98:98:DE:81:1E:A4:DB:FC
            X509v3 Authority Key Identifier:
                keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:3c:e5:ff:98:39:61:87:71:81:ee:7f:75:65:12:ee:ee:a0:
         f8:3b:80:6e:41:fc:59:20:e4:e4:cd:23:cb:0a:90:2e:76:5f:
         49:01:40:22:0f:fd:84:df:03:4d:59:c8:fa:67:21:8b:86:2c:
         f4:46:42:38:18:b8:d5:03:6d:ce:f9:02:02:0e:91:db:00:68:
         73:49:fb:8c:a9:5e:7a:0f:11:ed:19:af:e3:25:aa:b4:98:1a:
         ea:9d:0c:0c:09:6c:e5:59:d6:76:f6:97:0b:6c:a3:c7:d9:38:
         77:f7:80:98:41:34:88:f9:13:5d:94:bc:0e:65:aa:a7:09:46:
         05:93:b5:c1:37:45:84:5a:c4:be:66:c9:f4:bb:e0:9d:fa:27:
         1f:04:8b:55:4a:c2:77:1d:1b:86:68:af:4f:76:b2:ff:86:0d:
         ae:82:07:7e:d5:12:7c:3e:ac:d1:d9:60:22:56:4c:62:29:f8:
         17:eb:53:57:61:9f:54:34:31:5c:d8:c9:06:9a:79:a0:f4:f5:
         5d:8f:74:3c:82:34:66:70:38:63:d5:f1:f8:5d:3b:a8:ab:27:
         a6:ba:7e:4b:77:b8:93:0f:71:ec:a7:74:04:f6:79:89:b7:f4:
         a7:08:89:d5:c1:c5:3e:c0:5f:a9:d8:09:2e:d8:03:86:59:8a:
         ec:99:e6:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IyMeCBQx24CdFulYu/V26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjQwNTE3MjMwMDEwWhcNMjQwNTE4MjMwMDEwWjAzMTEwLwYDVQQD
EyhmN2M0ODBjMmE1MGE3ZjcyYmFlNmE0Yzg5ODk4ZGU4MTFlYTRkYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoF3uonHXL5NjA5ut+Yo9fMFoOFN
kvCb2fzrLQwhSDXZm+Y+KhxkWfTrhMp7fAs4ioww/Tui1gcykgb0iqGhybqAxa7p
DtHBMDwwfTZ0VUvAxx30nAW7gVu/VYuZbmSA7YZR7SHoDCDBee4ry37IZ4G07A4d
QaNXC0tMdLiUsN83EGbTz64JNV2uDsg6smmLjVpo1xkKA9hLG/4rGUCwZwS5nyzS
iC5LunjFZIaNj/qycf7Ldefbj29vL5aC8/oufZUGzt6G88Y1oSZBp556h7rYdisQ
K4dewvQB1YFkMx+WdyuWa2QQLGJjrUrfcIMjhIKgiTdSPAnLjE47B+Iy0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfEgMKlCn9yuuakyJiY3oEepNv8MB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlzzl/5g5
YYdxge5/dWUS7u6g+DuAbkH8WSDk5M0jywqQLnZfSQFAIg/9hN8DTVnI+mchi4Ys
9EZCOBi41QNtzvkCAg6R2wBoc0n7jKleeg8R7Rmv4yWqtJga6p0MDAls5VnWdvaX
C2yjx9k4d/eAmEE0iPkTXZS8DmWqpwlGBZO1wTdFhFrEvmbJ9LvgnfonHwSLVUrC
dx0bhmivT3ay/4YNroIHftUSfD6s0dlgIlZMYin4F+tTV2GfVDQxXNjJBpp5oPT1
XY90PII0ZnA4Y9Xx+F07qKsnprp+S3e4kw9x7Kd0BPZ5ibf0pwiJ1cHFPsBfqdgJ
LtgDhlmK7Jnmdg==
-----END CERTIFICATE-----