Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/hUu3qjkIyZjePEL34YSVOLBZJhc.mft
File:                     hUu3qjkIyZjePEL34YSVOLBZJhc.mft (raw, json)
Hash identifier:          m+9Ua9jlsrvUsB0F16fFWDT1uN4tJ/2YcqHFBL+vcwI=
Subject key identifier:   11:7D:5E:6F:2D:1E:99:2E:98:2F:81:25:73:D3:B1:1E:31:D1:F2:BD
Authority key identifier: 85:4B:B7:AA:39:08:C9:98:DE:3C:42:F7:E1:84:95:38:B0:59:26:17
Certificate issuer:       /CN=854bb7aa3908c998de3c42f7e1849538b0592617
Certificate serial:       01935879473DCCB04FF5AB580520A26847E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUu3qjkIyZjePEL34YSVOLBZJhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/hUu3qjkIyZjePEL34YSVOLBZJhc.mft
Manifest number:          0BF3
Signing time:             Sat 23 Nov 2024 10:02:43 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:43 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:43 +0000
Files and hashes:         1: Zo8ERzX9y6TGIwHrGRkqQZa2jKg.roa (hash: dIqMv5ttUNk3zenowgSDrnwSOYxqrsH2GGyNYGLHYh0=)
                          2: hUu3qjkIyZjePEL34YSVOLBZJhc.crl (hash: HoO0vmPgwsQMtppvobgcHs0jXezhip+cAelAWiWcNf8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/hUu3qjkIyZjePEL34YSVOLBZJhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/hUu3qjkIyZjePEL34YSVOLBZJhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUu3qjkIyZjePEL34YSVOLBZJhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:79:47:3d:cc:b0:4f:f5:ab:58:05:20:a2:68:47:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=854bb7aa3908c998de3c42f7e1849538b0592617
        Validity
            Not Before: Nov 23 10:02:43 2024 GMT
            Not After : Nov 24 10:02:43 2024 GMT
        Subject: CN=117d5e6f2d1e992e982f812573d3b11e31d1f2bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f4:c7:cf:40:0a:39:12:04:0c:f6:b4:b8:4a:
                    dc:4d:10:cf:1f:e8:4b:c1:d8:cf:e9:e0:75:da:66:
                    33:8a:66:f9:09:44:2d:62:39:67:b8:4d:ba:4b:28:
                    1b:76:d6:b6:7f:49:db:fd:7d:a7:be:f4:49:bb:db:
                    3e:99:2a:de:ae:6d:49:0d:a6:cd:70:31:55:81:c6:
                    d2:bf:29:58:50:3b:1d:60:42:c2:df:3a:b3:c2:fc:
                    e3:7f:d4:0f:09:04:48:90:94:04:fb:45:bf:7f:2b:
                    c6:8e:98:15:43:b6:b0:78:7a:9a:39:49:73:c6:bf:
                    4c:5c:51:29:ec:7d:b2:46:29:bb:6e:93:6c:18:d7:
                    f4:42:45:9d:56:95:4a:b7:e9:71:c1:da:8b:96:7a:
                    2b:6a:a0:09:aa:ef:32:8d:51:60:ae:ea:36:53:b4:
                    4a:2f:cb:f7:ef:02:bd:87:4d:d6:e8:e7:e4:63:ca:
                    a9:93:5d:19:ab:a4:a0:71:9f:9d:36:99:e5:d6:3c:
                    71:97:8e:54:71:50:d0:30:7a:7b:4d:6c:12:bc:fa:
                    f7:9d:ea:1c:00:86:47:d9:c1:ca:58:70:3d:ef:77:
                    ac:eb:bd:ab:23:ee:46:bd:ec:89:82:e8:87:04:e8:
                    7d:99:49:46:19:d0:d6:1f:1b:4e:04:70:fb:4d:89:
                    7a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:7D:5E:6F:2D:1E:99:2E:98:2F:81:25:73:D3:B1:1E:31:D1:F2:BD
            X509v3 Authority Key Identifier:
                keyid:85:4B:B7:AA:39:08:C9:98:DE:3C:42:F7:E1:84:95:38:B0:59:26:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUu3qjkIyZjePEL34YSVOLBZJhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/hUu3qjkIyZjePEL34YSVOLBZJhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/hUu3qjkIyZjePEL34YSVOLBZJhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:19:90:fe:af:67:1a:28:99:24:72:ff:16:72:34:4a:fd:7a:
         39:d8:5a:1a:09:7e:9c:a0:eb:3f:9d:7c:a0:85:83:20:27:e8:
         93:a0:28:2a:a1:64:91:de:fb:00:d8:f9:f8:73:8c:d7:70:06:
         60:6c:a5:6f:d5:a2:fa:df:aa:ba:0c:2a:76:c5:6d:e1:e2:ef:
         f4:d5:ed:ec:94:db:c3:0b:ff:91:e1:d3:ba:2f:be:53:00:2d:
         fe:cb:f0:7f:29:85:84:85:d2:04:3d:f6:ae:21:50:20:94:3c:
         fc:39:dc:d3:54:05:f5:94:18:83:64:0d:c6:de:75:f0:d9:99:
         63:83:f6:38:34:33:1c:d9:c3:29:73:45:4e:cc:ff:86:aa:e1:
         92:02:d5:8b:16:f8:2c:4a:fc:d5:f1:15:ba:0a:90:7d:67:8a:
         ad:ee:76:53:68:49:09:83:81:5d:a7:9d:1f:e4:76:c7:f8:09:
         24:84:1d:92:8e:43:a2:98:d2:be:b2:68:7d:b9:4d:fd:99:22:
         33:dc:b8:d9:2f:e1:45:60:bb:d1:26:4e:1f:4b:20:77:35:ea:
         bf:22:f4:a6:f6:7d:02:4e:5c:b8:e7:e0:4c:eb:9a:ab:82:34:
         c1:26:9b:d9:e6:6b:eb:05:4b:0c:04:45:26:94:da:01:90:49:
         67:09:02:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeUc9zLBP9atYBSCiaEfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGJiN2FhMzkwOGM5OThkZTNjNDJmN2UxODQ5NTM4YjA1
OTI2MTcwHhcNMjQxMTIzMTAwMjQzWhcNMjQxMTI0MTAwMjQzWjAzMTEwLwYDVQQD
EygxMTdkNWU2ZjJkMWU5OTJlOTgyZjgxMjU3M2QzYjExZTMxZDFmMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvTHz0AKORIEDPa0uErcTRDPH+hL
wdjP6eB12mYzimb5CUQtYjlnuE26Sygbdta2f0nb/X2nvvRJu9s+mSrerm1JDabN
cDFVgcbSvylYUDsdYELC3zqzwvzjf9QPCQRIkJQE+0W/fyvGjpgVQ7aweHqaOUlz
xr9MXFEp7H2yRim7bpNsGNf0QkWdVpVKt+lxwdqLlnoraqAJqu8yjVFgruo2U7RK
L8v37wK9h03W6OfkY8qpk10Zq6SgcZ+dNpnl1jxxl45UcVDQMHp7TWwSvPr3neoc
AIZH2cHKWHA973es672rI+5GveyJguiHBOh9mUlGGdDWHxtOBHD7TYl6nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBF9Xm8tHpkumC+BJXPTsR4x0fK9MB8GA1UdIwQY
MBaAFIVLt6o5CMmY3jxC9+GElTiwWSYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV1M3Fqa0l5WmplUEVMMzRZU1ZPTEJaSmhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NjU4MjYtZWI5My00NzBlLWI2N2Et
NjRlNTJiOWRkOGQxLzEvaFV1M3Fqa0l5WmplUEVMMzRZU1ZPTEJaSmhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NjU4MjYtZWI5My00NzBlLWI2N2EtNjRlNTJiOWRkOGQx
LzEvaFV1M3Fqa0l5WmplUEVMMzRZU1ZPTEJaSmhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxmQ/q9n
GiiZJHL/FnI0Sv16OdhaGgl+nKDrP518oIWDICfok6AoKqFkkd77ANj5+HOM13AG
YGylb9Wi+t+qugwqdsVt4eLv9NXt7JTbwwv/keHTui++UwAt/svwfymFhIXSBD32
riFQIJQ8/Dnc01QF9ZQYg2QNxt518NmZY4P2ODQzHNnDKXNFTsz/hqrhkgLVixb4
LEr81fEVugqQfWeKre52U2hJCYOBXaedH+R2x/gJJIQdko5DopjSvrJofblN/Zki
M9y42S/hRWC70SZOH0sgdzXqvyL0pvZ9Ak5cuOfgTOuaq4I0wSab2eZr6wVLDARF
JpTaAZBJZwkCEA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:03:51 2024 by rpki-client on console-fra.rpki-client.org