Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
File:                     FW-pMchet5jGgtwy5CkJ1xySOyM.mft (raw, json)
Hash identifier:          uA8XBszcnDI8lRNjB4buRUp+vTcWnHwaSS7/tN94Pr0=
Subject key identifier:   C6:AA:BD:8A:D0:F6:EC:F4:51:EE:22:52:08:9E:8E:53:D3:84:09:DB
Authority key identifier: 15:6F:A9:31:C8:5E:B7:98:C6:82:DC:32:E4:29:09:D7:1C:92:3B:23
Certificate issuer:       /CN=156fa931c85eb798c682dc32e42909d71c923b23
Certificate serial:       01976E5053B71AD29F5A8AD7BEAB00CE6B86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
Manifest number:          0479
Signing time:             Sat 14 Jun 2025 12:00:47 +0000
Manifest this update:     Sat 14 Jun 2025 12:00:47 +0000
Manifest next update:     Sun 15 Jun 2025 12:00:47 +0000
Files and hashes:         1: FW-pMchet5jGgtwy5CkJ1xySOyM.crl (hash: XZ4o5A8rNRB6eyQMrclxUK+xMKDg51KDq6bWhydczUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:50:53:b7:1a:d2:9f:5a:8a:d7:be:ab:00:ce:6b:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=156fa931c85eb798c682dc32e42909d71c923b23
        Validity
            Not Before: Jun 14 12:00:47 2025 GMT
            Not After : Jun 15 12:00:47 2025 GMT
        Subject: CN=c6aabd8ad0f6ecf451ee2252089e8e53d38409db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:20:3f:38:84:76:9b:72:ae:5c:20:23:c9:0d:
                    b7:06:4c:35:75:10:8f:87:df:fc:ca:1d:63:b5:a0:
                    c9:14:4a:5c:f9:ac:86:a1:38:bd:e7:35:45:8a:cb:
                    d4:90:65:0c:26:2f:c3:37:d4:50:73:96:be:34:99:
                    6d:21:c2:0c:b5:3a:71:d6:a1:7e:a0:f2:ae:1b:7c:
                    d0:99:95:59:74:32:cb:ce:78:3c:24:af:d0:8c:ec:
                    18:c1:52:b6:6c:70:78:8c:53:d5:85:f7:62:3e:79:
                    4b:dd:55:56:f6:33:8b:ac:36:f1:53:03:06:dd:fe:
                    14:cd:23:06:29:a9:f8:68:66:d5:fa:6e:19:76:7a:
                    34:43:12:23:84:d5:2f:a2:c8:80:89:a0:ce:1f:62:
                    52:0b:ae:52:e2:3d:4c:65:07:cc:d4:a9:8a:39:9c:
                    9b:bb:e7:b2:ca:45:db:18:22:c7:e6:cf:dd:7b:8b:
                    79:05:16:be:02:e0:23:d5:b9:fc:6e:86:b2:7f:50:
                    b0:1f:f8:6f:39:ca:c2:bf:51:31:30:dd:ad:e4:bb:
                    2b:63:78:09:c7:5c:dc:d4:04:5a:4b:56:2b:20:75:
                    93:93:19:66:c7:8b:6e:ea:c3:62:c2:35:c3:ea:e3:
                    ad:b3:da:42:47:93:78:26:83:38:e6:31:0c:46:9d:
                    2d:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:AA:BD:8A:D0:F6:EC:F4:51:EE:22:52:08:9E:8E:53:D3:84:09:DB
            X509v3 Authority Key Identifier:
                keyid:15:6F:A9:31:C8:5E:B7:98:C6:82:DC:32:E4:29:09:D7:1C:92:3B:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:b7:18:45:d4:3c:a5:c0:b1:18:e4:1e:44:26:98:a4:47:cf:
         88:89:35:cb:10:b4:62:88:97:0a:ff:3a:53:e9:27:e1:55:47:
         de:fa:22:03:9b:b5:92:07:22:b4:a5:e6:89:82:77:92:a3:3a:
         f1:f7:18:53:f4:3d:de:c5:f7:82:e4:67:57:ab:61:e1:4a:49:
         bc:21:ba:12:01:28:54:a0:a5:24:70:71:9b:3b:32:aa:e6:59:
         d7:96:72:ee:ca:92:6c:e4:5f:9e:5b:36:e5:fa:4f:e5:5b:7f:
         77:1b:0c:1a:ac:f4:a3:52:40:2f:ac:f7:99:58:0c:88:e4:10:
         e0:7c:eb:53:68:29:a8:d1:93:48:50:a8:db:46:36:42:33:3e:
         e5:2b:37:c6:d1:cd:9c:07:93:49:1e:c3:87:c6:53:81:da:f0:
         ba:f9:a0:fc:1c:0b:cc:a0:9b:82:cf:5a:73:d2:bc:3d:a2:bd:
         cb:e1:aa:68:fa:12:f8:5a:bb:8a:91:7c:f7:0d:ca:5d:b4:2c:
         1a:21:b1:14:e2:36:8e:de:92:f2:db:78:d6:2c:a8:5a:fb:a0:
         cc:74:c9:65:89:d1:9d:9d:59:1c:16:eb:4d:f3:32:88:6d:98:
         7b:1d:c0:3d:32:ee:fb:8b:c3:4b:27:8e:6e:a0:b7:4f:6a:e0:
         1b:1c:54:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduUFO3GtKfWorXvqsAzmuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NmZhOTMxYzg1ZWI3OThjNjgyZGMzMmU0MjkwOWQ3MWM5
MjNiMjMwHhcNMjUwNjE0MTIwMDQ3WhcNMjUwNjE1MTIwMDQ3WjAzMTEwLwYDVQQD
EyhjNmFhYmQ4YWQwZjZlY2Y0NTFlZTIyNTIwODllOGU1M2QzODQwOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CA/OIR2m3KuXCAjyQ23Bkw1dRCP
h9/8yh1jtaDJFEpc+ayGoTi95zVFisvUkGUMJi/DN9RQc5a+NJltIcIMtTpx1qF+
oPKuG3zQmZVZdDLLzng8JK/QjOwYwVK2bHB4jFPVhfdiPnlL3VVW9jOLrDbxUwMG
3f4UzSMGKan4aGbV+m4Zdno0QxIjhNUvosiAiaDOH2JSC65S4j1MZQfM1KmKOZyb
u+eyykXbGCLH5s/de4t5BRa+AuAj1bn8boayf1CwH/hvOcrCv1ExMN2t5LsrY3gJ
x1zc1ARaS1YrIHWTkxlmx4tu6sNiwjXD6uOts9pCR5N4JoM45jEMRp0tOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaqvYrQ9uz0Ue4iUgiejlPThAnbMB8GA1UdIwQY
MBaAFBVvqTHIXreYxoLcMuQpCdcckjsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lYzZhODMtYmJhNi00NWNiLTkwZWMt
NGVhODA2ZmYyOGNkLzEvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lYzZhODMtYmJhNi00NWNiLTkwZWMtNGVhODA2ZmYyOGNk
LzEvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnLcYRdQ8
pcCxGOQeRCaYpEfPiIk1yxC0YoiXCv86U+kn4VVH3voiA5u1kgcitKXmiYJ3kqM6
8fcYU/Q93sX3guRnV6th4UpJvCG6EgEoVKClJHBxmzsyquZZ15Zy7sqSbORfnls2
5fpP5Vt/dxsMGqz0o1JAL6z3mVgMiOQQ4HzrU2gpqNGTSFCo20Y2QjM+5Ss3xtHN
nAeTSR7Dh8ZTgdrwuvmg/BwLzKCbgs9ac9K8PaK9y+GqaPoS+Fq7ipF89w3KXbQs
GiGxFOI2jt6S8tt41iyoWvugzHTJZYnRnZ1ZHBbrTfMyiG2Yex3APTLu+4vDSyeO
bqC3T2rgGxxUuQ==
-----END CERTIFICATE-----