Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
File:                     hw4qIH9pdyFKlXqOFI0fi1pc0II.mft (raw, json)
Hash identifier:          ucAGp5R2fEa+CRJT5nmwb7OLW32zmJvZTSDHUGnn4vo=
Subject key identifier:   95:52:36:A8:9C:B1:68:C0:FB:96:D9:65:21:51:43:35:8D:AE:34:CD
Authority key identifier: 87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
Certificate issuer:       /CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
Certificate serial:       019356BFB24398C04AC432AD1219347A6645
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
Manifest number:          4D
Signing time:             Sat 23 Nov 2024 02:00:23 +0000
Manifest this update:     Sat 23 Nov 2024 02:00:23 +0000
Manifest next update:     Sun 24 Nov 2024 02:00:23 +0000
Files and hashes:         1: Mq4x6HF35jXwmtjCWRLCThxUGrk.roa (hash: V0SoKeffcN28lWBsq4rumlvquEzfQ17qh2pj1kyQutg=)
                          2: hw4qIH9pdyFKlXqOFI0fi1pc0II.crl (hash: shXs4BdyRKbRV+IUPzCzJK6bcMGRmsNjHY0mfQBXl6A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 02:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:bf:b2:43:98:c0:4a:c4:32:ad:12:19:34:7a:66:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
        Validity
            Not Before: Nov 23 02:00:23 2024 GMT
            Not After : Nov 24 02:00:23 2024 GMT
        Subject: CN=955236a89cb168c0fb96d965215143358dae34cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a8:fe:3f:fc:ef:23:72:5c:3a:a9:a3:b3:b5:
                    d5:ad:e5:24:89:79:ae:ac:00:1c:cc:f9:a2:1f:75:
                    cc:ad:d6:b0:8f:86:ed:32:b8:a5:7b:4b:da:a8:e0:
                    bd:78:1d:84:4c:7e:b3:48:24:23:b2:39:e1:54:40:
                    91:8c:e3:1d:2e:bd:8a:c8:61:67:36:5d:fb:89:dd:
                    e4:a0:2d:b3:d8:00:bd:6d:91:62:1b:d7:9a:ac:bd:
                    d6:15:04:ca:6a:26:a9:0b:aa:a3:de:7c:ee:fd:4b:
                    d9:74:9a:7e:aa:87:49:ce:17:66:4d:30:a0:a4:e9:
                    8c:8e:6a:43:7f:3a:e3:e1:5f:5b:65:56:91:76:cb:
                    5d:37:61:7a:5f:03:ad:43:fb:b7:a7:62:bf:1a:1c:
                    3f:89:90:3e:27:96:fb:71:88:b2:8c:f5:45:ee:05:
                    00:64:6f:9e:d2:4a:c3:ef:12:dc:6b:fa:ea:7a:28:
                    c4:e6:3c:23:03:b7:05:d1:83:64:45:43:1c:09:ef:
                    7d:ac:7e:67:26:7d:e1:bf:f0:aa:70:c5:6d:36:14:
                    11:36:24:f9:de:74:2d:58:c1:51:c6:5a:b4:8a:f6:
                    02:98:21:c2:a6:56:e3:bc:5b:af:74:1a:f9:63:88:
                    ce:8f:0e:cd:af:ae:9a:1d:7d:da:5b:f5:bf:ff:18:
                    45:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:52:36:A8:9C:B1:68:C0:FB:96:D9:65:21:51:43:35:8D:AE:34:CD
            X509v3 Authority Key Identifier:
                keyid:87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:54:8c:17:47:ec:8d:7d:68:d9:5a:bc:f2:31:8e:e1:6f:03:
         9a:fd:e1:ab:d1:19:8b:75:75:4f:ae:6f:5e:b4:b4:8b:78:84:
         45:db:17:d4:43:b7:5a:e9:68:c8:5e:f1:cc:25:b7:00:a8:9a:
         79:70:0d:a6:8f:4c:08:49:3d:ac:4d:ff:a5:6b:6a:a0:c1:c2:
         08:69:83:c3:99:e4:8f:a6:a1:01:6a:b0:aa:ac:b8:7d:8e:c5:
         71:e9:70:dd:64:92:77:60:4c:65:cb:ac:50:51:91:d7:e0:aa:
         9b:5f:69:b3:45:f7:e5:6e:05:67:68:1b:29:9f:6c:3f:8b:55:
         ba:75:8b:b2:96:47:1f:ec:3a:41:51:6b:c8:b3:2b:67:25:f8:
         3a:ba:0a:b6:85:f0:ff:64:75:61:f4:e0:e1:ff:20:d3:27:4e:
         8f:ce:e4:89:bc:00:fa:93:d1:23:5d:12:f5:c1:8f:97:61:25:
         97:0e:a9:f5:c7:3d:1c:44:c4:d6:fa:8f:0c:92:48:3c:36:71:
         e4:4c:66:c0:7d:f8:e4:88:0e:4d:80:11:7d:0e:59:98:a9:b1:
         25:72:62:76:a7:e1:1a:1f:ca:ff:2f:e7:bc:d9:f3:83:cc:41:
         b9:1f:59:63:e2:c0:66:20:8b:d7:46:2d:01:ba:ac:d2:91:43:
         d0:18:04:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWv7JDmMBKxDKtEhk0emZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGUyYTIwN2Y2OTc3MjE0YTk1N2E4ZTE0OGQxZjhiNWE1
Y2QwODIwHhcNMjQxMTIzMDIwMDIzWhcNMjQxMTI0MDIwMDIzWjAzMTEwLwYDVQQD
Eyg5NTUyMzZhODljYjE2OGMwZmI5NmQ5NjUyMTUxNDMzNThkYWUzNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6j+P/zvI3JcOqmjs7XVreUkiXmu
rAAczPmiH3XMrdawj4btMrile0vaqOC9eB2ETH6zSCQjsjnhVECRjOMdLr2KyGFn
Nl37id3koC2z2AC9bZFiG9earL3WFQTKaiapC6qj3nzu/UvZdJp+qodJzhdmTTCg
pOmMjmpDfzrj4V9bZVaRdstdN2F6XwOtQ/u3p2K/Ghw/iZA+J5b7cYiyjPVF7gUA
ZG+e0krD7xLca/rqeijE5jwjA7cF0YNkRUMcCe99rH5nJn3hv/CqcMVtNhQRNiT5
3nQtWMFRxlq0ivYCmCHCplbjvFuvdBr5Y4jOjw7Nr66aHX3aW/W//xhFYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVSNqicsWjA+5bZZSFRQzWNrjTNMB8GA1UdIwQY
MBaAFIcOKiB/aXchSpV6jhSNH4taXNCCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUt
OGE5NDY4N2RiYTZmLzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUtOGE5NDY4N2RiYTZm
LzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOFSMF0fs
jX1o2Vq88jGO4W8Dmv3hq9EZi3V1T65vXrS0i3iERdsX1EO3WuloyF7xzCW3AKia
eXANpo9MCEk9rE3/pWtqoMHCCGmDw5nkj6ahAWqwqqy4fY7Fcelw3WSSd2BMZcus
UFGR1+Cqm19ps0X35W4FZ2gbKZ9sP4tVunWLspZHH+w6QVFryLMrZyX4OroKtoXw
/2R1YfTg4f8g0ydOj87kibwA+pPRI10S9cGPl2Ellw6p9cc9HETE1vqPDJJIPDZx
5ExmwH345IgOTYARfQ5ZmKmxJXJidqfhGh/K/y/nvNnzg8xBuR9ZY+LAZiCL10Yt
Abqs0pFD0BgEZQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:03 2024 by rpki-client on console-ams.rpki-client.org