Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
File:                     pkHn9ngj7vUqGf4dyODmp_QclDM.mft (raw, json)
Hash identifier:          lcSts98htHX9IrnwwOo7tid6TbgdQGu2QLhT426GGIk=
Subject key identifier:   E4:71:09:37:44:65:FD:25:F7:F2:B2:E6:4B:03:24:F2:7F:94:D5:4A
Authority key identifier: A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33
Certificate issuer:       /CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433
Certificate serial:       01935688E85C23D9761E2B16FB6A1D37AB93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
Manifest number:          070D
Signing time:             Sat 23 Nov 2024 01:00:33 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:33 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:33 +0000
Files and hashes:         1: Ckv9KG2nf9K_EO-UzkYshDbT_Lk.roa (hash: SbVSz3drx1Bfl5NS5uyz56wfvS5jbkQj2bpd6kpHHp4=)
                          2: pkHn9ngj7vUqGf4dyODmp_QclDM.crl (hash: tE+/VLnXOIKGzzVPaj0y9jpWoj8tPA4+7epjvwMdoWI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:e8:5c:23:d9:76:1e:2b:16:fb:6a:1d:37:ab:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433
        Validity
            Not Before: Nov 23 01:00:33 2024 GMT
            Not After : Nov 24 01:00:33 2024 GMT
        Subject: CN=e47109374465fd25f7f2b2e64b0324f27f94d54a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:78:e0:dd:7a:86:af:42:f8:77:4d:bc:9c:b1:
                    17:07:0c:22:6f:02:a5:e9:c7:f4:e9:8c:24:53:7a:
                    33:b0:6d:dd:0b:da:17:10:2f:84:bd:2b:da:7e:09:
                    eb:d3:ea:7c:c0:87:ed:78:d3:a1:04:71:ed:d9:ce:
                    a3:ba:ea:95:f0:6f:63:7c:07:de:7a:a5:6e:7a:cd:
                    34:24:e9:4b:8f:4b:43:5c:82:a6:ee:74:c6:69:3f:
                    de:04:6f:8b:1b:d0:32:38:24:6c:de:0e:4f:f1:8f:
                    e1:eb:ba:84:28:fc:e6:4b:03:0b:c3:66:39:b6:31:
                    44:1d:da:34:2e:db:b9:38:29:31:47:66:c4:b9:7b:
                    14:47:40:ec:d7:3c:5d:e6:9e:fa:ee:e8:99:1f:58:
                    66:fd:ef:5b:a1:c6:75:a5:30:a5:82:64:b3:3c:a7:
                    46:07:cf:5f:8a:ec:90:b2:dd:29:c4:5c:f8:be:60:
                    bd:9a:09:9a:a0:06:8d:20:e9:59:ba:0d:3b:a6:f7:
                    5d:e0:69:7e:49:0d:d1:1d:3a:7d:42:86:fb:61:f1:
                    f4:7b:55:f1:38:98:90:e8:81:d0:7a:21:86:19:80:
                    87:38:3d:8a:ef:55:d4:5a:bc:94:2e:f6:ab:95:e1:
                    3c:b9:a5:eb:c3:d6:ee:90:56:e5:8d:34:0f:62:9e:
                    5e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:71:09:37:44:65:FD:25:F7:F2:B2:E6:4B:03:24:F2:7F:94:D5:4A
            X509v3 Authority Key Identifier:
                keyid:A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:7f:f5:9e:ba:be:ea:a3:88:00:3b:7f:61:1c:65:8a:ab:71:
         b2:c8:b3:7c:b1:83:dd:91:51:8f:2c:ac:ee:03:52:c5:be:35:
         43:86:9a:c2:22:ef:de:c0:50:89:67:3a:95:52:25:6e:a7:34:
         ac:ed:53:46:d9:2f:81:12:a2:3e:67:5d:83:90:ce:5a:c6:33:
         1d:1e:7c:0c:3d:8b:89:85:a1:84:9c:43:4f:7a:31:d6:94:47:
         41:d2:4e:ae:cd:ff:02:4b:4b:56:b8:61:fa:dd:3c:37:76:f5:
         15:af:7d:54:97:e4:17:c3:01:29:be:ea:62:9b:66:6e:4b:d9:
         b7:ce:f7:60:f5:0c:41:32:53:65:7d:62:9d:9d:ef:81:0b:af:
         29:17:8f:59:a2:8b:b8:ee:1b:f2:cb:1a:78:64:6f:3c:f2:47:
         db:96:ae:7d:e9:13:ac:f5:17:a0:d3:0b:4b:e1:ee:11:f4:ae:
         0f:c6:4d:ef:ec:fb:9c:e5:38:5c:a2:59:ac:27:f2:09:d7:5a:
         07:3d:f5:a9:e9:b8:6d:80:df:9b:70:9a:ea:67:8d:77:b2:51:
         bf:cb:fa:04:5b:b0:73:33:23:d2:07:41:9c:72:01:4a:e3:b1:
         dc:40:0e:d3:2e:35:61:df:27:5a:a9:be:d1:b3:d2:97:54:2a:
         76:e0:d6:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiOhcI9l2HisW+2odN6uTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDFlN2Y2NzgyM2VlZjUyYTE5ZmUxZGM4ZTBlNmE3ZjQx
Yzk0MzMwHhcNMjQxMTIzMDEwMDMzWhcNMjQxMTI0MDEwMDMzWjAzMTEwLwYDVQQD
EyhlNDcxMDkzNzQ0NjVmZDI1ZjdmMmIyZTY0YjAzMjRmMjdmOTRkNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonjg3XqGr0L4d028nLEXBwwibwKl
6cf06YwkU3ozsG3dC9oXEC+EvSvafgnr0+p8wIfteNOhBHHt2c6juuqV8G9jfAfe
eqVues00JOlLj0tDXIKm7nTGaT/eBG+LG9AyOCRs3g5P8Y/h67qEKPzmSwMLw2Y5
tjFEHdo0Ltu5OCkxR2bEuXsUR0Ds1zxd5p767uiZH1hm/e9bocZ1pTClgmSzPKdG
B89fiuyQst0pxFz4vmC9mgmaoAaNIOlZug07pvdd4Gl+SQ3RHTp9Qob7YfH0e1Xx
OJiQ6IHQeiGGGYCHOD2K71XUWryULvarleE8uaXrw9bukFbljTQPYp5eMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFORxCTdEZf0l9/Ky5ksDJPJ/lNVKMB8GA1UdIwQY
MBaAFKZB5/Z4I+71Khn+Hcjg5qf0HJQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUt
MDc4OGY3OTIxODUyLzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUtMDc4OGY3OTIxODUy
LzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANH/1nrq+
6qOIADt/YRxliqtxssizfLGD3ZFRjyys7gNSxb41Q4aawiLv3sBQiWc6lVIlbqc0
rO1TRtkvgRKiPmddg5DOWsYzHR58DD2LiYWhhJxDT3ox1pRHQdJOrs3/AktLVrhh
+t08N3b1Fa99VJfkF8MBKb7qYptmbkvZt873YPUMQTJTZX1inZ3vgQuvKRePWaKL
uO4b8ssaeGRvPPJH25aufekTrPUXoNMLS+HuEfSuD8ZN7+z7nOU4XKJZrCfyCdda
Bz31qem4bYDfm3Ca6meNd7JRv8v6BFuwczMj0gdBnHIBSuOx3EAO0y41Yd8nWqm+
0bPSl1QqduDWVQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:10 2024 by rpki-client on console-fra.rpki-client.org