Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/65Hpk6SkDOfl2chjJfGG3waeys0.mft
File:                     65Hpk6SkDOfl2chjJfGG3waeys0.mft (raw, json)
Hash identifier:          i2wx/Z5cXeGfhMCPT8lxmTpps6GwZWLQP/O6iRWc13A=
Subject key identifier:   85:7C:97:B9:CB:B2:D6:2F:D2:22:91:2E:6E:C7:E4:B0:7F:66:E2:A9
Authority key identifier: EB:91:E9:93:A4:A4:0C:E7:E5:D9:C8:63:25:F1:86:DF:06:9E:CA:CD
Certificate issuer:       /CN=eb91e993a4a40ce7e5d9c86325f186df069ecacd
Certificate serial:       019352AE21E592AD54D58FE7FF1441768EF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/65Hpk6SkDOfl2chjJfGG3waeys0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/65Hpk6SkDOfl2chjJfGG3waeys0.mft
Manifest number:          0458
Signing time:             Fri 22 Nov 2024 07:02:43 +0000
Manifest this update:     Fri 22 Nov 2024 07:02:43 +0000
Manifest next update:     Sat 23 Nov 2024 07:02:43 +0000
Files and hashes:         1: 1cZQBNYM1LyIFNPwuC1563tkW0E.roa (hash: SNMmHisT+OZk98VlkRsyG6U2Fj7njMmvtyinhcZLtOQ=)
                          2: 65Hpk6SkDOfl2chjJfGG3waeys0.crl (hash: YXAb7bDBG4IOmRb53tPyWF41fqg5WIBMQXCqeQXcW+0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/65Hpk6SkDOfl2chjJfGG3waeys0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/65Hpk6SkDOfl2chjJfGG3waeys0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/65Hpk6SkDOfl2chjJfGG3waeys0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 07:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:52:ae:21:e5:92:ad:54:d5:8f:e7:ff:14:41:76:8e:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb91e993a4a40ce7e5d9c86325f186df069ecacd
        Validity
            Not Before: Nov 22 07:02:43 2024 GMT
            Not After : Nov 23 07:02:43 2024 GMT
        Subject: CN=857c97b9cbb2d62fd222912e6ec7e4b07f66e2a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:89:a0:a5:fc:4b:e7:ae:5b:b8:9b:d4:4d:0c:
                    79:be:ef:7e:63:52:24:31:97:b6:0a:69:7e:83:58:
                    64:cb:28:aa:14:67:c3:36:16:e6:8f:d3:a8:ce:e0:
                    e2:06:e6:59:1d:ae:e2:6a:74:32:0a:4d:dc:31:5f:
                    37:c5:10:93:f7:fe:62:48:b4:0d:e1:78:1b:f6:6f:
                    31:d9:56:28:c6:7d:0d:35:68:f2:39:36:cc:8f:b4:
                    31:d7:7c:49:9f:f3:99:08:46:6c:f9:4d:b0:9c:18:
                    ab:b5:b5:51:73:b1:61:cf:20:44:fb:7b:d5:f1:23:
                    5f:13:74:d7:9f:36:e1:46:43:92:c5:31:fb:29:92:
                    47:07:3b:60:2a:40:b8:a6:7e:c3:ed:14:e4:f7:76:
                    9c:5f:27:39:d7:1f:a5:b1:dd:a0:3a:15:f5:1b:25:
                    20:f3:10:e2:b8:27:10:2b:0f:32:de:1a:40:c7:bd:
                    bc:34:05:f2:74:e2:c5:59:a3:33:4d:51:6f:4d:b3:
                    78:83:d1:a1:ac:41:5c:20:69:e7:b8:44:f7:e8:0b:
                    ed:4a:82:bb:79:6a:ef:45:f9:c2:13:ca:3f:86:fd:
                    64:9c:82:15:8c:ae:c3:fd:91:a7:a4:08:d4:6b:48:
                    53:51:2e:c2:8b:a4:89:47:37:6f:a4:94:a7:e8:41:
                    79:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:7C:97:B9:CB:B2:D6:2F:D2:22:91:2E:6E:C7:E4:B0:7F:66:E2:A9
            X509v3 Authority Key Identifier:
                keyid:EB:91:E9:93:A4:A4:0C:E7:E5:D9:C8:63:25:F1:86:DF:06:9E:CA:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/65Hpk6SkDOfl2chjJfGG3waeys0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/65Hpk6SkDOfl2chjJfGG3waeys0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f3a02-0650-4e5c-b8d0-c701f279c6de/1/65Hpk6SkDOfl2chjJfGG3waeys0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:7d:a1:09:9d:43:69:de:1e:97:7d:05:0d:2f:39:a8:63:76:
         f6:5b:53:c1:aa:69:4a:e2:07:18:64:bc:67:45:83:1b:b7:b4:
         65:8b:56:84:99:eb:b2:12:e4:8c:33:3a:ae:da:6d:c0:3c:a9:
         52:3f:63:37:a0:51:d1:bd:1c:75:d2:b3:12:8d:f2:4e:9d:9a:
         95:af:6a:33:4d:8e:33:a3:5c:8c:0d:5d:f2:5a:fa:ab:ef:95:
         92:81:1a:29:43:bc:5e:7c:5e:09:2b:b4:2f:f0:ab:5d:b2:e4:
         61:e1:0f:b5:c0:1b:f3:2c:b5:8d:e6:ff:75:3e:ff:53:63:d0:
         21:27:f4:a4:67:4a:fe:e1:40:76:42:1d:e1:cb:58:ba:28:89:
         89:ac:25:5c:0b:4e:6c:c6:8d:16:b3:8b:b3:29:49:86:52:57:
         9e:0d:98:c0:89:e1:ed:99:16:2d:26:1c:41:9b:34:97:1c:14:
         05:f3:af:5b:96:3e:4d:ca:09:ea:a4:47:76:3b:26:5c:46:87:
         35:cc:20:4b:47:e2:ad:ce:2d:94:c4:55:90:1b:f4:fe:5e:38:
         f7:cc:c0:d0:26:68:fe:b8:fb:26:53:fa:8a:1a:cb:3c:67:77:
         5c:4a:01:c7:5f:a1:a1:be:06:50:ce:68:5e:70:50:be:c5:ee:
         bc:e1:25:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNSriHlkq1U1Y/n/xRBdo7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViOTFlOTkzYTRhNDBjZTdlNWQ5Yzg2MzI1ZjE4NmRmMDY5
ZWNhY2QwHhcNMjQxMTIyMDcwMjQzWhcNMjQxMTIzMDcwMjQzWjAzMTEwLwYDVQQD
Eyg4NTdjOTdiOWNiYjJkNjJmZDIyMjkxMmU2ZWM3ZTRiMDdmNjZlMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYmgpfxL565buJvUTQx5vu9+Y1Ik
MZe2Cml+g1hkyyiqFGfDNhbmj9OozuDiBuZZHa7ianQyCk3cMV83xRCT9/5iSLQN
4Xgb9m8x2VYoxn0NNWjyOTbMj7Qx13xJn/OZCEZs+U2wnBirtbVRc7FhzyBE+3vV
8SNfE3TXnzbhRkOSxTH7KZJHBztgKkC4pn7D7RTk93acXyc51x+lsd2gOhX1GyUg
8xDiuCcQKw8y3hpAx728NAXydOLFWaMzTVFvTbN4g9GhrEFcIGnnuET36AvtSoK7
eWrvRfnCE8o/hv1knIIVjK7D/ZGnpAjUa0hTUS7Ci6SJRzdvpJSn6EF5RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIV8l7nLstYv0iKRLm7H5LB/ZuKpMB8GA1UdIwQY
MBaAFOuR6ZOkpAzn5dnIYyXxht8GnsrNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjVIcGs2U2tET2ZsMmNoakpmR0czd2FleXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjNhMDItMDY1MC00ZTVjLWI4ZDAt
YzcwMWYyNzljNmRlLzEvNjVIcGs2U2tET2ZsMmNoakpmR0czd2FleXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjNhMDItMDY1MC00ZTVjLWI4ZDAtYzcwMWYyNzljNmRl
LzEvNjVIcGs2U2tET2ZsMmNoakpmR0czd2FleXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWX2hCZ1D
ad4el30FDS85qGN29ltTwappSuIHGGS8Z0WDG7e0ZYtWhJnrshLkjDM6rtptwDyp
Uj9jN6BR0b0cddKzEo3yTp2ala9qM02OM6NcjA1d8lr6q++VkoEaKUO8XnxeCSu0
L/CrXbLkYeEPtcAb8yy1jeb/dT7/U2PQISf0pGdK/uFAdkId4ctYuiiJiawlXAtO
bMaNFrOLsylJhlJXng2YwInh7ZkWLSYcQZs0lxwUBfOvW5Y+TcoJ6qRHdjsmXEaH
NcwgS0firc4tlMRVkBv0/l4498zA0CZo/rj7JlP6ihrLPGd3XEoBx1+hob4GUM5o
XnBQvsXuvOEltw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:23 2024 by rpki-client on console-fra.rpki-client.org