Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
File:                     mlCFOiSox2IjTokTpKWymFwzHa0.mft (raw, json)
Hash identifier:          55N1EvMslsmJS7TgOrSm8Z86MGhwGH7awj0bqmLqnyg=
Subject key identifier:   48:40:51:F2:9B:08:B2:38:08:4C:A3:34:87:05:4A:7D:82:C8:7F:52
Authority key identifier: 9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD
Certificate issuer:       /CN=9a50853a24a8c762234e8913a4a5b2985c331dad
Certificate serial:       01935A66F991984BB0949F5C20745864F8E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
Manifest number:          1132
Signing time:             Sat 23 Nov 2024 19:01:58 +0000
Manifest this update:     Sat 23 Nov 2024 19:01:58 +0000
Manifest next update:     Sun 24 Nov 2024 19:01:58 +0000
Files and hashes:         1: mlCFOiSox2IjTokTpKWymFwzHa0.crl (hash: znt+BaCUZtImaHl4G9V+yfJvvJan9pHghCNSukEWlP0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:5a:66:f9:91:98:4b:b0:94:9f:5c:20:74:58:64:f8:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a50853a24a8c762234e8913a4a5b2985c331dad
        Validity
            Not Before: Nov 23 19:01:58 2024 GMT
            Not After : Nov 24 19:01:58 2024 GMT
        Subject: CN=484051f29b08b238084ca33487054a7d82c87f52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:73:27:ad:ff:7d:c0:78:83:8f:e1:b8:ad:de:
                    23:cf:9d:c6:f9:a8:b9:d9:28:0e:79:b6:b7:0a:85:
                    9f:b8:80:fb:a9:79:61:eb:77:37:43:45:02:4a:bf:
                    cf:0e:13:ad:12:3b:e1:f4:40:bb:9b:3e:d6:ca:60:
                    aa:01:2a:75:df:08:ef:ab:fc:64:50:bb:e8:70:27:
                    b9:cd:54:be:52:0f:00:fb:7c:9d:9e:7d:2a:e6:a9:
                    e1:71:9e:1d:01:c9:32:1a:fd:ee:e5:62:22:4f:22:
                    9f:55:b7:87:a0:cf:6c:43:8e:2d:25:18:9d:f0:7a:
                    eb:2f:2c:e3:10:78:90:bd:75:46:ec:9f:71:0d:0b:
                    90:c2:d1:4f:37:19:77:4c:cd:d7:84:8a:88:7b:aa:
                    25:24:12:33:7d:07:e6:5b:ba:ed:63:9a:70:1a:99:
                    03:ca:3d:6d:e9:3b:c8:8a:fa:49:6f:ef:4e:28:6e:
                    5e:22:4b:51:a8:59:85:0d:ec:0c:cd:91:56:b9:42:
                    1e:8f:16:81:a9:79:e8:f3:db:77:72:77:cf:54:69:
                    86:02:5c:94:f8:2b:93:40:5e:db:ca:4d:1c:22:b2:
                    8e:89:6a:64:68:1a:d0:3c:c3:9c:e1:ce:be:0e:b4:
                    90:8c:42:01:6d:13:bd:ff:0b:10:66:61:c1:9d:f3:
                    0b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:40:51:F2:9B:08:B2:38:08:4C:A3:34:87:05:4A:7D:82:C8:7F:52
            X509v3 Authority Key Identifier:
                keyid:9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:e5:8b:df:87:78:e8:1c:82:6a:5d:47:18:b6:5a:db:62:e5:
         85:08:af:3c:fc:0e:9a:1c:d3:47:0f:40:c3:3f:77:cb:e2:64:
         0a:16:51:ad:87:e4:ed:3a:21:8f:c4:b2:84:41:0d:f3:29:80:
         1a:0e:2d:77:be:33:15:96:a5:fc:6a:cb:a5:8d:67:7b:f7:84:
         36:b9:fb:a5:31:b9:e2:bc:51:9c:80:27:d3:2b:e3:09:30:cb:
         c9:d8:5f:a2:7e:a9:c2:17:02:25:bd:ea:89:5b:b4:2d:37:1c:
         0f:95:69:70:ae:d1:de:0a:00:6a:24:13:f2:c5:bf:99:69:79:
         1d:2c:49:2b:cd:ba:3f:f4:fe:cd:f1:8a:2c:69:38:f7:a2:85:
         d1:cf:aa:db:1d:3c:92:b2:44:8a:d7:00:17:75:a8:f7:cc:9c:
         b1:0f:37:86:01:fe:4f:7d:09:dc:22:5a:a6:33:27:4e:98:f2:
         a3:6a:14:c3:62:87:d6:e3:9b:d7:da:02:d4:cb:38:a4:ef:50:
         77:a4:7c:1a:44:05:1d:c3:a2:c5:bb:d3:0d:2a:a0:8f:ee:40:
         5d:25:09:94:9e:df:45:d8:34:59:11:44:83:2b:93:77:99:d9:
         e6:f7:d1:77:61:c5:00:50:0f:f4:fb:56:26:a6:49:21:ee:ef:
         55:88:6e:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNaZvmRmEuwlJ9cIHRYZPjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTA4NTNhMjRhOGM3NjIyMzRlODkxM2E0YTViMjk4NWMz
MzFkYWQwHhcNMjQxMTIzMTkwMTU4WhcNMjQxMTI0MTkwMTU4WjAzMTEwLwYDVQQD
Eyg0ODQwNTFmMjliMDhiMjM4MDg0Y2EzMzQ4NzA1NGE3ZDgyYzg3ZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHMnrf99wHiDj+G4rd4jz53G+ai5
2SgOeba3CoWfuID7qXlh63c3Q0UCSr/PDhOtEjvh9EC7mz7WymCqASp13wjvq/xk
ULvocCe5zVS+Ug8A+3ydnn0q5qnhcZ4dAckyGv3u5WIiTyKfVbeHoM9sQ44tJRid
8HrrLyzjEHiQvXVG7J9xDQuQwtFPNxl3TM3XhIqIe6olJBIzfQfmW7rtY5pwGpkD
yj1t6TvIivpJb+9OKG5eIktRqFmFDewMzZFWuUIejxaBqXno89t3cnfPVGmGAlyU
+CuTQF7byk0cIrKOiWpkaBrQPMOc4c6+DrSQjEIBbRO9/wsQZmHBnfMLyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhAUfKbCLI4CEyjNIcFSn2CyH9SMB8GA1UdIwQY
MBaAFJpQhTokqMdiI06JE6SlsphcMx2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgt
ODhiNThkMDJiMmExLzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgtODhiNThkMDJiMmEx
LzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoOWL34d4
6ByCal1HGLZa22LlhQivPPwOmhzTRw9Awz93y+JkChZRrYfk7Tohj8SyhEEN8ymA
Gg4td74zFZal/GrLpY1ne/eENrn7pTG54rxRnIAn0yvjCTDLydhfon6pwhcCJb3q
iVu0LTccD5VpcK7R3goAaiQT8sW/mWl5HSxJK826P/T+zfGKLGk496KF0c+q2x08
krJEitcAF3Wo98ycsQ83hgH+T30J3CJapjMnTpjyo2oUw2KH1uOb19oC1Ms4pO9Q
d6R8GkQFHcOixbvTDSqgj+5AXSUJlJ7fRdg0WRFEgyuTd5nZ5vfRd2HFAFAP9PtW
JqZJIe7vVYhuSA==
-----END CERTIFICATE-----