Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
File:                     FW-pMchet5jGgtwy5CkJ1xySOyM.mft (raw, json)
Hash identifier:          qwplI6ud9IVFu9QxfeLk1ohuv9qQ5bwu/+4hhl/t7VM=
Subject key identifier:   75:AB:02:E2:86:A2:EE:32:27:2C:A5:7D:DC:FD:C1:5C:83:45:A0:B0
Authority key identifier: 15:6F:A9:31:C8:5E:B7:98:C6:82:DC:32:E4:29:09:D7:1C:92:3B:23
Certificate issuer:       /CN=156fa931c85eb798c682dc32e42909d71c923b23
Certificate serial:       019A72CA298F0E4FD415BEC8061FF6930E3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
Manifest number:          0609
Signing time:             Tue 11 Nov 2025 12:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 12:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 12:00:42 +0000
Files and hashes:         1: FW-pMchet5jGgtwy5CkJ1xySOyM.crl (hash: shz+30IwmC406EPuDpu4IIHen118MWq9c2WjhgyRg5M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:29:8f:0e:4f:d4:15:be:c8:06:1f:f6:93:0e:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=156fa931c85eb798c682dc32e42909d71c923b23
        Validity
            Not Before: Nov 11 12:00:42 2025 GMT
            Not After : Nov 12 12:00:42 2025 GMT
        Subject: CN=75ab02e286a2ee32272ca57ddcfdc15c8345a0b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:da:b4:c2:7d:e2:87:1f:42:f9:c1:9f:b3:d0:
                    e3:6d:ff:ef:49:b1:f6:58:a0:7d:d1:87:18:ba:ff:
                    b9:5d:86:49:63:22:54:68:b4:68:b5:fd:7a:3f:78:
                    e4:ce:71:db:4d:e6:0b:8e:4f:ad:42:54:73:35:d1:
                    27:2d:e7:b3:16:c0:d4:e4:6e:22:09:e2:e1:a3:a3:
                    06:83:76:16:01:c5:ee:37:c6:7a:fb:a9:54:7f:d6:
                    ff:28:d0:9e:bf:0a:48:44:91:ec:82:58:4e:69:fb:
                    13:a9:e4:c1:4b:53:57:9b:8d:ef:9a:d7:2f:ea:cf:
                    2e:b6:4c:bb:d1:e1:87:7a:60:08:64:42:ca:1f:f9:
                    38:64:4f:70:3d:ba:43:df:e1:1d:09:52:1d:c7:b4:
                    d9:5a:04:27:48:26:2d:6b:f9:83:fb:6a:3c:39:e2:
                    82:b4:c9:03:8b:da:5f:95:64:ca:9b:f5:5e:bb:19:
                    3a:97:6e:ba:66:2c:db:7c:83:59:e4:dd:64:21:a2:
                    e3:19:dc:58:b2:2f:f0:d8:a8:26:24:c7:f0:b5:1c:
                    1e:b4:42:19:5c:de:1b:69:7a:7d:7c:39:1e:c4:45:
                    40:f6:29:66:da:03:8b:94:81:65:7c:7f:72:50:2f:
                    10:c7:af:17:eb:1e:69:c6:a2:52:bd:78:6c:a1:1e:
                    b5:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:AB:02:E2:86:A2:EE:32:27:2C:A5:7D:DC:FD:C1:5C:83:45:A0:B0
            X509v3 Authority Key Identifier:
                keyid:15:6F:A9:31:C8:5E:B7:98:C6:82:DC:32:E4:29:09:D7:1C:92:3B:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:5a:6a:bc:ea:7e:44:2b:86:46:10:30:86:55:e7:36:58:c2:
         4e:b8:98:b4:3f:c1:98:43:02:c2:1c:90:5e:a5:9e:66:e7:9e:
         ff:e6:a4:ec:9e:e0:12:51:96:34:e9:2a:2f:0a:19:c9:18:a3:
         6e:9e:a9:c3:aa:3c:0e:de:6b:13:dc:7e:b7:fb:cf:a0:92:e4:
         92:c6:74:ca:1c:33:20:f5:ba:72:b5:2e:4a:dd:32:6a:bb:e4:
         45:ef:dd:8a:a8:52:0c:40:f7:d5:e2:0e:46:2d:77:e3:22:e9:
         be:6d:ad:03:7a:9c:2c:cd:d6:5d:2f:83:82:c5:ae:c6:de:f2:
         04:69:cc:1a:0f:41:7d:0b:a6:8d:1c:05:6c:a7:a1:16:40:82:
         b9:47:8c:32:6d:2a:e5:13:f3:c6:71:d5:28:fe:ca:0c:d7:40:
         f0:3e:c4:af:2b:da:91:af:93:08:75:5a:91:5d:78:ce:e1:5d:
         86:27:97:75:34:45:92:cc:ab:97:c5:c1:1d:6b:01:1f:3d:2c:
         82:39:0c:99:94:81:56:5b:be:72:97:47:93:44:7e:10:9e:00:
         35:1b:54:24:58:ca:ef:06:1d:14:08:c3:5e:40:15:bf:fe:af:
         e0:00:c8:ab:9d:45:b4:dd:70:f5:4c:61:79:4f:59:2b:a4:bf:
         ae:43:c1:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyimPDk/UFb7IBh/2kw47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NmZhOTMxYzg1ZWI3OThjNjgyZGMzMmU0MjkwOWQ3MWM5
MjNiMjMwHhcNMjUxMTExMTIwMDQyWhcNMjUxMTEyMTIwMDQyWjAzMTEwLwYDVQQD
Eyg3NWFiMDJlMjg2YTJlZTMyMjcyY2E1N2RkY2ZkYzE1YzgzNDVhMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Nq0wn3ihx9C+cGfs9Djbf/vSbH2
WKB90YcYuv+5XYZJYyJUaLRotf16P3jkznHbTeYLjk+tQlRzNdEnLeezFsDU5G4i
CeLho6MGg3YWAcXuN8Z6+6lUf9b/KNCevwpIRJHsglhOafsTqeTBS1NXm43vmtcv
6s8utky70eGHemAIZELKH/k4ZE9wPbpD3+EdCVIdx7TZWgQnSCYta/mD+2o8OeKC
tMkDi9pflWTKm/Veuxk6l266ZizbfINZ5N1kIaLjGdxYsi/w2KgmJMfwtRwetEIZ
XN4baXp9fDkexEVA9ilm2gOLlIFlfH9yUC8Qx68X6x5pxqJSvXhsoR61IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWrAuKGou4yJyylfdz9wVyDRaCwMB8GA1UdIwQY
MBaAFBVvqTHIXreYxoLcMuQpCdcckjsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lYzZhODMtYmJhNi00NWNiLTkwZWMt
NGVhODA2ZmYyOGNkLzEvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lYzZhODMtYmJhNi00NWNiLTkwZWMtNGVhODA2ZmYyOGNk
LzEvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATlpqvOp+
RCuGRhAwhlXnNljCTriYtD/BmEMCwhyQXqWeZuee/+ak7J7gElGWNOkqLwoZyRij
bp6pw6o8Dt5rE9x+t/vPoJLkksZ0yhwzIPW6crUuSt0yarvkRe/diqhSDED31eIO
Ri134yLpvm2tA3qcLM3WXS+DgsWuxt7yBGnMGg9BfQumjRwFbKehFkCCuUeMMm0q
5RPzxnHVKP7KDNdA8D7Eryvaka+TCHVakV14zuFdhieXdTRFksyrl8XBHWsBHz0s
gjkMmZSBVlu+cpdHk0R+EJ4ANRtUJFjK7wYdFAjDXkAVv/6v4ADIq51FtN1w9Uxh
eU9ZK6S/rkPBuQ==
-----END CERTIFICATE-----