Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.mft
File:                     1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.mft (raw, json)
Hash identifier:          dM4uXD+EXWRcUT4zHwoRZKqjsSndnwT4x0rquYkPbOg=
Subject key identifier:   8F:BD:AA:24:E6:B0:46:BB:86:48:5D:87:19:04:C7:1E:91:5F:B7:CE
Authority key identifier: 1D:A3:1F:62:E9:7F:E6:A2:A3:8D:8F:39:84:FE:D6:E3:13:D1:BC:40
Certificate issuer:       /CN=1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40
Certificate serial:       66273850100D560347C5A388B5F1C0CE506E051F
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.mft
Manifest number:          28
Signing time:             Thu 19 Sep 2024 09:27:45 +0000
Manifest this update:     Thu 19 Sep 2024 09:22:45 +0000
Manifest next update:     Fri 20 Sep 2024 09:48:45 +0000
Files and hashes:         1: 326130393a353463363a653033303a3a2f34342d3434203d3e20323134333132.roa (hash: OMLxawB1xmOwyYzzaxrzvsbpaF4yCrkAPYh03b8qAjc=)
                          2: 326130393a353463363a653030303a3a2f33362d3336203d3e20323134333132.roa (hash: CyKeRB5kvuXNVpfjKfLOwCdTUahJn3QgDdML214vz3s=)
                          3: 326130393a353463363a653030303a3a2f34342d3434203d3e20323134333132.roa (hash: SDGFWvdjwoQDV5sjUu9wcCdgV8Ue9K9EafE6PeuXcDg=)
                          4: 326130393a353463363a653032303a3a2f34342d3434203d3e20323134333132.roa (hash: bOpJpMF9Je1vc8v8J0oCUhKgxcaWFcVaz/3zGGL8xoQ=)
                          5: 326130393a353463363a653031303a3a2f34342d3434203d3e20323134333132.roa (hash: alxWCzgy00Vc03XX7FGaPk0N+ZCnvqe4AJjGe4j7trY=)
                          6: 1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.crl (hash: zPEu1lxVBO6nd+30f58H26EPb11M7qm85VvTW1PHDqg=)

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Sep 2024 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:27:38:50:10:0d:56:03:47:c5:a3:88:b5:f1:c0:ce:50:6e:05:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40
        Validity
            Not Before: Sep 19 09:22:45 2024 GMT
            Not After : Sep 20 09:48:45 2024 GMT
        Subject: CN=8FBDAA24E6B046BB86485D871904C71E915FB7CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9b:8a:3b:8e:f5:ba:7e:43:d3:be:3d:bb:bc:
                    4b:21:f0:6d:02:9d:d1:bb:ff:21:bf:b7:37:2b:1e:
                    6d:4d:73:f7:d9:22:05:21:24:d8:8c:9c:fd:62:37:
                    d0:e0:07:b7:7e:b7:ff:20:71:a6:91:83:cc:e5:98:
                    61:69:31:8c:fa:88:70:a1:e0:e9:c7:75:6e:6b:e6:
                    c5:5e:a7:c2:19:a7:27:59:50:00:ab:10:c7:ad:e5:
                    a7:7f:d2:67:13:84:d4:be:91:ca:88:67:0c:f8:a6:
                    66:0d:8b:b3:05:b4:d3:4f:e9:11:f1:14:35:ed:0c:
                    b9:b4:ba:eb:86:f5:c9:8c:fc:09:7e:67:14:d2:d5:
                    1d:cd:2b:e7:f1:1a:c5:b1:0f:89:4e:0d:ce:9f:1c:
                    d7:2a:19:7d:51:2a:34:6a:4d:61:c4:4e:d5:09:d4:
                    3b:5b:5c:ca:26:02:57:85:bc:7d:16:10:9a:90:54:
                    d0:56:0a:ba:2c:5e:fc:70:07:ca:1f:f6:0b:60:ce:
                    63:11:14:2c:8f:5c:28:c1:9f:b3:48:bf:9b:49:7d:
                    7a:c4:c9:74:5a:95:3e:9a:1b:6a:03:6e:1f:4e:8e:
                    38:47:cf:14:72:f7:1e:8c:3f:7d:9b:73:96:8f:10:
                    3a:86:00:88:9c:76:d8:39:6e:02:6b:57:4c:ad:52:
                    c2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:BD:AA:24:E6:B0:46:BB:86:48:5D:87:19:04:C7:1E:91:5F:B7:CE
            X509v3 Authority Key Identifier:
                keyid:1D:A3:1F:62:E9:7F:E6:A2:A3:8D:8F:39:84:FE:D6:E3:13:D1:BC:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:31:6a:98:1b:7d:3f:dc:05:e9:06:d6:7c:5d:02:78:ca:54:
         71:52:43:3f:6f:57:5a:90:38:9d:a3:6e:6c:67:8a:57:ef:94:
         ea:84:1a:3b:a7:af:cd:e8:be:4a:37:c5:c7:59:0b:99:d0:14:
         8e:4d:c4:f3:10:87:01:04:ab:e5:6e:0a:ed:70:bd:6a:d3:b6:
         85:b3:1a:52:73:af:b3:34:05:cb:dd:0a:b9:6e:7d:f7:af:5f:
         aa:65:83:e4:6d:6b:ee:fa:e5:7a:af:ba:6b:0b:fe:12:f4:6d:
         bb:63:9a:c6:5b:cf:65:59:5c:cf:14:5c:fa:4f:ac:73:1c:ea:
         9a:ba:e4:89:15:6d:a1:36:0c:89:92:0d:1a:d8:3c:41:25:d8:
         15:cd:cc:22:60:50:aa:5d:e3:72:a7:ad:c8:fa:79:cd:42:2e:
         9d:81:07:55:21:14:08:74:bd:c7:71:d8:0e:c3:f7:e7:22:70:
         7b:d8:8a:c3:40:18:8c:00:81:22:0b:92:cf:ff:57:e4:80:21:
         00:34:ea:7f:c0:57:10:33:df:79:1d:85:c9:77:9e:f6:4a:f3:
         73:2d:a1:97:57:f7:a5:d0:f5:00:9f:68:2b:01:f7:f5:92:31:
         9a:91:ec:6c:3e:d7:16:26:5b:04:95:41:ef:07:c7:50:5c:38:
         4e:68:7e:2f
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUZic4UBANVgNHxaOItfHAzlBuBR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMURBMzFGNjJFOTdGRTZBMkEzOEQ4RjM5ODRGRUQ2RTMx
M0QxQkM0MDAeFw0yNDA5MTkwOTIyNDVaFw0yNDA5MjAwOTQ4NDVaMDMxMTAvBgNV
BAMTKDhGQkRBQTI0RTZCMDQ2QkI4NjQ4NUQ4NzE5MDRDNzFFOTE1RkI3Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSm4o7jvW6fkPTvj27vEsh8G0C
ndG7/yG/tzcrHm1Nc/fZIgUhJNiMnP1iN9DgB7d+t/8gcaaRg8zlmGFpMYz6iHCh
4OnHdW5r5sVep8IZpydZUACrEMet5ad/0mcThNS+kcqIZwz4pmYNi7MFtNNP6RHx
FDXtDLm0uuuG9cmM/Al+ZxTS1R3NK+fxGsWxD4lODc6fHNcqGX1RKjRqTWHETtUJ
1DtbXMomAleFvH0WEJqQVNBWCrosXvxwB8of9gtgzmMRFCyPXCjBn7NIv5tJfXrE
yXRalT6aG2oDbh9OjjhHzxRy9x6MP32bc5aPEDqGAIicdtg5bgJrV0ytUsInAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUj72qJOawRruGSF2HGQTHHpFft84wHwYDVR0j
BBgwFoAUHaMfYul/5qKjjY85hP7W4xPRvEAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTU2NjQ0M2ItZGZmNC00ZDEzLWJiODEtNzJjODYzMGQ2
ZGY2LzEvMURBMzFGNjJFOTdGRTZBMkEzOEQ4RjM5ODRGRUQ2RTMxM0QxQkM0MC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC8xREEzMUY2MkU5N0ZFNkEyQTM4RDhGMzk4
NEZFRDZFMzEzRDFCQzQwLmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
Lzk1NjY0NDNiLWRmZjQtNGQxMy1iYjgxLTcyYzg2MzBkNmRmNi8xLzFEQTMxRjYy
RTk3RkU2QTJBMzhEOEYzOTg0RkVENkUzMTNEMUJDNDAubWZ0MBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIF
ADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCGMWqY
G30/3AXpBtZ8XQJ4ylRxUkM/b1dakDido25sZ4pX75TqhBo7p6/N6L5KN8XHWQuZ
0BSOTcTzEIcBBKvlbgrtcL1q07aFsxpSc6+zNAXL3Qq5bn33r1+qZYPkbWvu+uV6
r7prC/4S9G27Y5rGW89lWVzPFFz6T6xzHOqauuSJFW2hNgyJkg0a2DxBJdgVzcwi
YFCqXeNyp63I+nnNQi6dgQdVIRQIdL3HcdgOw/fnInB72IrDQBiMAIEiC5LP/1fk
gCEANOp/wFcQM995HYXJd572SvNzLaGXV/el0PUAn2grAff1kjGakexsPtcWJlsE
lUHvB8dQXDhOaH4v
-----END CERTIFICATE-----