Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
File:                     FW-pMchet5jGgtwy5CkJ1xySOyM.mft (raw, json)
Hash identifier:          TUTPUNF0gbk8N150ap1iViW/cUj5JuAeFte1hhFyqBE=
Subject key identifier:   A6:21:7E:A6:6B:B6:83:C3:8F:2E:F2:C1:C3:9C:9A:DC:FA:0D:86:7B
Authority key identifier: 15:6F:A9:31:C8:5E:B7:98:C6:82:DC:32:E4:29:09:D7:1C:92:3B:23
Certificate issuer:       /CN=156fa931c85eb798c682dc32e42909d71c923b23
Certificate serial:       0193579B69771D6E18A5340148409BDF88E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
Manifest number:          025B
Signing time:             Sat 23 Nov 2024 06:00:22 +0000
Manifest this update:     Sat 23 Nov 2024 06:00:22 +0000
Manifest next update:     Sun 24 Nov 2024 06:00:22 +0000
Files and hashes:         1: FW-pMchet5jGgtwy5CkJ1xySOyM.crl (hash: yBufhJC7DybiB7KCtSK2gmVIXDHckzyhN9BFA/QL/sw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 00:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:9b:69:77:1d:6e:18:a5:34:01:48:40:9b:df:88:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=156fa931c85eb798c682dc32e42909d71c923b23
        Validity
            Not Before: Nov 23 06:00:22 2024 GMT
            Not After : Nov 24 06:00:22 2024 GMT
        Subject: CN=a6217ea66bb683c38f2ef2c1c39c9adcfa0d867b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:95:ae:3a:7e:1c:4a:93:04:04:4d:49:82:8c:
                    95:e9:e8:52:91:47:59:0c:ea:54:a7:06:7b:26:6c:
                    98:3c:b3:e6:90:4a:b8:56:a8:90:40:d2:5a:62:35:
                    b0:34:da:4b:ad:68:89:91:93:db:d1:39:d2:e9:cc:
                    a3:1f:d8:c5:cf:50:3f:76:0b:3e:4c:45:3f:06:a5:
                    f3:40:fd:40:b9:57:3b:5f:e6:2e:17:ea:95:ea:10:
                    2c:c9:94:34:6b:55:de:25:4b:9d:8f:48:37:5b:5d:
                    3e:16:23:b1:2c:33:53:39:54:f0:f1:b7:00:94:fd:
                    32:cc:4a:46:dc:06:3f:fe:6f:fc:20:73:59:18:16:
                    9a:45:6e:46:b5:d6:55:38:34:9c:42:42:84:fa:23:
                    18:41:31:2b:00:bc:d8:da:25:df:fd:ba:c2:57:ab:
                    4a:87:32:3e:0e:0c:fe:f1:ec:c0:df:98:7c:0e:f2:
                    53:7c:90:14:a3:10:92:4a:a8:c7:d4:6a:ad:69:7f:
                    ac:ff:64:7c:c7:1e:ee:e8:90:a4:63:4e:dd:79:c0:
                    9b:b3:52:11:70:06:03:4a:b4:da:ac:cd:09:6d:cc:
                    2b:ff:6b:a1:86:62:f0:ac:fa:2f:3d:9d:8a:44:97:
                    dc:20:2e:4a:84:76:db:11:9c:0f:0d:3d:95:71:41:
                    49:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:21:7E:A6:6B:B6:83:C3:8F:2E:F2:C1:C3:9C:9A:DC:FA:0D:86:7B
            X509v3 Authority Key Identifier:
                keyid:15:6F:A9:31:C8:5E:B7:98:C6:82:DC:32:E4:29:09:D7:1C:92:3B:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:76:46:7f:4e:ee:e4:b9:ea:95:a3:ac:72:2f:b5:7a:30:3b:
         8d:70:a3:e2:17:19:fe:58:90:f7:f3:a9:34:67:a7:06:18:40:
         38:07:a4:c3:11:bc:f4:65:d6:18:fd:0f:af:3d:71:7c:98:cb:
         6e:78:af:38:3b:1a:af:d8:f4:11:5a:92:a3:41:bd:f6:bb:67:
         ef:82:df:28:61:ac:e5:0f:d4:42:30:66:34:ad:8f:91:d6:6c:
         32:c6:1d:00:85:7d:41:81:8f:b3:94:ae:64:b5:bb:e4:d9:3c:
         11:24:52:9a:bf:c5:b9:23:0c:93:32:ab:a2:94:b2:be:cc:c2:
         97:75:c9:b5:75:5e:f4:cd:a1:f8:90:04:f4:60:5b:7c:e6:6c:
         4e:a9:7d:d2:72:4a:78:01:5f:2f:e8:ce:44:17:91:06:f4:7d:
         b0:a0:fe:3f:f3:b2:65:a8:2b:5f:6b:60:d6:1a:52:a7:3d:38:
         d6:6b:28:47:b5:03:a0:43:58:5c:a1:3e:96:29:6f:91:09:2e:
         1d:84:17:98:fc:80:3a:b9:f4:41:9b:4a:1f:67:44:be:dd:2b:
         cd:b1:32:ad:d4:13:9b:4d:fe:ab:8c:f0:de:34:6f:65:3c:eb:
         87:66:6e:bd:92:57:2e:45:7e:54:72:65:f1:0e:87:f1:83:af:
         ca:70:68:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXm2l3HW4YpTQBSECb34jnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NmZhOTMxYzg1ZWI3OThjNjgyZGMzMmU0MjkwOWQ3MWM5
MjNiMjMwHhcNMjQxMTIzMDYwMDIyWhcNMjQxMTI0MDYwMDIyWjAzMTEwLwYDVQQD
EyhhNjIxN2VhNjZiYjY4M2MzOGYyZWYyYzFjMzljOWFkY2ZhMGQ4NjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5WuOn4cSpMEBE1JgoyV6ehSkUdZ
DOpUpwZ7JmyYPLPmkEq4VqiQQNJaYjWwNNpLrWiJkZPb0TnS6cyjH9jFz1A/dgs+
TEU/BqXzQP1AuVc7X+YuF+qV6hAsyZQ0a1XeJUudj0g3W10+FiOxLDNTOVTw8bcA
lP0yzEpG3AY//m/8IHNZGBaaRW5GtdZVODScQkKE+iMYQTErALzY2iXf/brCV6tK
hzI+Dgz+8ezA35h8DvJTfJAUoxCSSqjH1GqtaX+s/2R8xx7u6JCkY07decCbs1IR
cAYDSrTarM0Jbcwr/2uhhmLwrPovPZ2KRJfcIC5KhHbbEZwPDT2VcUFJawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYhfqZrtoPDjy7ywcOcmtz6DYZ7MB8GA1UdIwQY
MBaAFBVvqTHIXreYxoLcMuQpCdcckjsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lYzZhODMtYmJhNi00NWNiLTkwZWMt
NGVhODA2ZmYyOGNkLzEvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lYzZhODMtYmJhNi00NWNiLTkwZWMtNGVhODA2ZmYyOGNk
LzEvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXnZGf07u
5LnqlaOsci+1ejA7jXCj4hcZ/liQ9/OpNGenBhhAOAekwxG89GXWGP0Prz1xfJjL
bnivODsar9j0EVqSo0G99rtn74LfKGGs5Q/UQjBmNK2PkdZsMsYdAIV9QYGPs5Su
ZLW75Nk8ESRSmr/FuSMMkzKropSyvszCl3XJtXVe9M2h+JAE9GBbfOZsTql90nJK
eAFfL+jORBeRBvR9sKD+P/OyZagrX2tg1hpSpz041msoR7UDoENYXKE+lilvkQku
HYQXmPyAOrn0QZtKH2dEvt0rzbEyrdQTm03+q4zw3jRvZTzrh2ZuvZJXLkV+VHJl
8Q6H8YOvynBokQ==
-----END CERTIFICATE-----