Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft
File:                     xcgmUInL3eamxXnNd2tfgMD4rdQ.mft (raw, json)
Hash identifier:          tHRk1rDvQBgxyXgi7LZ/4bkK4cYkHqA5VaTqr/eU/0M=
Subject key identifier:   5C:7C:8B:D3:DE:B3:54:E8:FA:E6:20:E6:FD:0A:47:8C:42:E2:EB:55
Authority key identifier: C5:C8:26:50:89:CB:DD:E6:A6:C5:79:CD:77:6B:5F:80:C0:F8:AD:D4
Certificate issuer:       /CN=c5c8265089cbdde6a6c579cd776b5f80c0f8add4
Certificate serial:       0196B1B35DB1D49BD975A54C90FB1ABC95D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft
Manifest number:          45
Signing time:             Thu 08 May 2025 21:00:44 +0000
Manifest this update:     Thu 08 May 2025 21:00:44 +0000
Manifest next update:     Fri 09 May 2025 21:00:44 +0000
Files and hashes:         1: xcgmUInL3eamxXnNd2tfgMD4rdQ.crl (hash: GwWmE1gu0x6odfR0WgymP5NPRb2cxyoza+6Y49JfI6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 21:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:b3:5d:b1:d4:9b:d9:75:a5:4c:90:fb:1a:bc:95:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c8265089cbdde6a6c579cd776b5f80c0f8add4
        Validity
            Not Before: May  8 21:00:44 2025 GMT
            Not After : May  9 21:00:44 2025 GMT
        Subject: CN=5c7c8bd3deb354e8fae620e6fd0a478c42e2eb55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ac:14:c5:e4:d4:8a:ef:33:d8:84:6f:8e:40:
                    49:67:63:98:57:f2:95:b8:4c:8c:21:36:b7:ab:4b:
                    e7:9d:85:b7:14:b1:25:32:7a:d5:92:0d:fb:97:a8:
                    b9:a6:f7:1d:50:42:cb:6b:83:99:f3:a8:28:1c:6d:
                    a9:62:4a:31:28:59:32:59:57:d9:4a:77:2a:b2:7b:
                    4b:21:64:a9:fa:e1:e5:18:c9:41:de:b7:1b:19:40:
                    35:9c:de:33:5f:94:3f:85:e1:88:f7:df:43:ff:f6:
                    92:0c:b7:b5:8a:eb:d5:30:d7:3d:61:40:f0:85:4b:
                    ac:57:4a:1e:28:01:49:31:39:7a:12:53:f4:1b:e8:
                    77:cd:ef:f3:e8:46:52:df:ef:5b:25:4f:7d:ce:f5:
                    3c:be:3b:00:90:42:55:6c:02:20:85:c1:c5:6a:0c:
                    e8:43:12:22:38:41:66:0e:31:79:cf:e6:b3:94:73:
                    3c:5e:5b:0b:17:30:5b:a8:c1:23:a2:5b:83:2e:33:
                    3e:7d:99:ad:14:41:df:89:86:ae:05:71:0b:a1:3c:
                    93:55:cb:af:85:7a:4d:41:b5:bf:54:00:20:4d:54:
                    23:62:83:ea:a5:71:44:63:12:72:78:1b:b8:78:ab:
                    f0:69:b0:c9:a3:15:72:f6:f9:4f:ad:42:fa:39:ef:
                    4b:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:7C:8B:D3:DE:B3:54:E8:FA:E6:20:E6:FD:0A:47:8C:42:E2:EB:55
            X509v3 Authority Key Identifier:
                keyid:C5:C8:26:50:89:CB:DD:E6:A6:C5:79:CD:77:6B:5F:80:C0:F8:AD:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:c2:44:78:b2:f9:6e:c2:8b:73:98:40:9f:e2:a7:f6:37:a1:
         1f:7a:bf:f3:76:be:3c:d8:97:86:2b:95:c2:fc:00:67:72:05:
         fc:e0:e4:a7:6f:3e:ec:b2:31:69:39:c1:6f:9e:0f:f5:5e:ff:
         c0:eb:78:2b:21:9d:9a:44:5b:33:e7:d6:5e:21:9e:06:0f:e9:
         14:a9:bb:69:4e:4d:e5:b8:67:96:4a:e2:14:7a:1a:cf:9d:6b:
         36:12:61:f7:69:cd:bc:e7:5d:82:dc:61:55:2e:00:df:02:a0:
         3b:9b:ad:a0:c8:c4:f0:ef:e1:36:aa:ff:96:16:b5:d1:42:3b:
         f9:d3:d0:75:5f:04:71:58:50:a3:53:41:91:59:5b:75:bc:cd:
         9e:c3:de:65:24:d5:c6:5f:c5:5d:72:7c:95:8a:04:b8:2e:fd:
         a6:f5:74:28:93:61:51:21:78:0b:dd:42:f0:33:52:a5:ef:ab:
         f5:66:c5:ef:b0:ef:19:ee:32:57:7c:50:50:d1:ce:32:bf:00:
         f7:ce:8c:de:ad:1d:24:a8:b9:54:cb:0a:87:da:2c:70:d6:31:
         32:e7:da:22:d9:dc:ca:73:c9:dd:a1:3a:54:21:5d:f6:b4:2e:
         a9:03:b4:98:a6:3f:3d:9a:de:c9:73:42:8d:d0:85:55:a3:a5:
         ec:00:98:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaxs12x1JvZdaVMkPsavJXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YzgyNjUwODljYmRkZTZhNmM1NzljZDc3NmI1ZjgwYzBm
OGFkZDQwHhcNMjUwNTA4MjEwMDQ0WhcNMjUwNTA5MjEwMDQ0WjAzMTEwLwYDVQQD
Eyg1YzdjOGJkM2RlYjM1NGU4ZmFlNjIwZTZmZDBhNDc4YzQyZTJlYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKwUxeTUiu8z2IRvjkBJZ2OYV/KV
uEyMITa3q0vnnYW3FLElMnrVkg37l6i5pvcdUELLa4OZ86goHG2pYkoxKFkyWVfZ
SncqsntLIWSp+uHlGMlB3rcbGUA1nN4zX5Q/heGI999D//aSDLe1iuvVMNc9YUDw
hUusV0oeKAFJMTl6ElP0G+h3ze/z6EZS3+9bJU99zvU8vjsAkEJVbAIghcHFagzo
QxIiOEFmDjF5z+azlHM8XlsLFzBbqMEjoluDLjM+fZmtFEHfiYauBXELoTyTVcuv
hXpNQbW/VAAgTVQjYoPqpXFEYxJyeBu4eKvwabDJoxVy9vlPrUL6Oe9LhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFx8i9Pes1To+uYg5v0KR4xC4utVMB8GA1UdIwQY
MBaAFMXIJlCJy93mpsV5zXdrX4DA+K3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80OGM3ZWMtMGM3NS00MWM0LTg1YWEt
NDM4ODIwZmJhMjU0LzEveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80OGM3ZWMtMGM3NS00MWM0LTg1YWEtNDM4ODIwZmJhMjU0
LzEveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8JEeLL5
bsKLc5hAn+Kn9jehH3q/83a+PNiXhiuVwvwAZ3IF/ODkp28+7LIxaTnBb54P9V7/
wOt4KyGdmkRbM+fWXiGeBg/pFKm7aU5N5bhnlkriFHoaz51rNhJh92nNvOddgtxh
VS4A3wKgO5utoMjE8O/hNqr/lha10UI7+dPQdV8EcVhQo1NBkVlbdbzNnsPeZSTV
xl/FXXJ8lYoEuC79pvV0KJNhUSF4C91C8DNSpe+r9WbF77DvGe4yV3xQUNHOMr8A
986M3q0dJKi5VMsKh9oscNYxMufaItncynPJ3aE6VCFd9rQuqQO0mKY/PZreyXNC
jdCFVaOl7ACYXg==
-----END CERTIFICATE-----