Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
File:                     FW-pMchet5jGgtwy5CkJ1xySOyM.mft (raw, json)
Hash identifier:          vGCXx1nM0CG1oR5jV1mGAAd5rOczl9xUu9enN+5SCMw=
Subject key identifier:   EA:77:2D:20:D4:54:B5:90:65:B5:71:7A:88:65:04:F5:9D:E9:85:DC
Authority key identifier: 15:6F:A9:31:C8:5E:B7:98:C6:82:DC:32:E4:29:09:D7:1C:92:3B:23
Certificate issuer:       /CN=156fa931c85eb798c682dc32e42909d71c923b23
Certificate serial:       01975CEEEA7F516E8B58F9C6F8BBAAF5124B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
Manifest number:          0470
Signing time:             Wed 11 Jun 2025 03:00:50 +0000
Manifest this update:     Wed 11 Jun 2025 03:00:50 +0000
Manifest next update:     Thu 12 Jun 2025 03:00:50 +0000
Files and hashes:         1: FW-pMchet5jGgtwy5CkJ1xySOyM.crl (hash: B6RIG+lt3LpD2yIgm7GcdmUSDqr49dNWeVT/Rczej7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:ee:ea:7f:51:6e:8b:58:f9:c6:f8:bb:aa:f5:12:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=156fa931c85eb798c682dc32e42909d71c923b23
        Validity
            Not Before: Jun 11 03:00:50 2025 GMT
            Not After : Jun 12 03:00:50 2025 GMT
        Subject: CN=ea772d20d454b59065b5717a886504f59de985dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:e9:0d:47:80:f3:52:a7:6c:3d:f8:53:46:95:
                    ad:de:70:85:30:f4:ea:9b:74:6e:0e:6f:66:b3:4a:
                    f1:32:07:03:fb:34:0a:91:89:9a:68:bd:26:dd:7d:
                    7a:7f:f1:74:9a:e7:59:be:07:a6:95:a0:04:67:f7:
                    29:b4:57:6a:51:01:1e:5c:47:37:3d:2f:83:b8:5e:
                    22:70:e4:17:b1:09:f4:d5:8d:82:49:be:7d:77:c1:
                    f2:a2:29:82:07:82:70:41:0d:86:f4:50:96:90:af:
                    06:50:e9:2a:c0:d5:75:fd:84:7d:8c:8b:73:7d:10:
                    e6:9d:26:93:c8:64:cd:76:05:cb:4d:e3:86:34:22:
                    85:83:ae:84:2a:06:05:c9:b7:6e:5b:8c:8b:82:ad:
                    36:2e:36:5c:00:14:6c:ec:26:0f:ea:31:f6:16:1a:
                    4e:44:5d:a9:e1:1a:c2:34:87:c1:7f:5c:6b:71:b1:
                    ea:57:ca:8d:95:bb:41:8a:6d:72:32:6f:48:2c:45:
                    00:e4:89:05:5b:a6:72:d1:5e:0c:6d:bc:23:04:02:
                    2f:c1:a2:96:82:d3:1e:81:69:6d:16:1a:23:d5:36:
                    6a:e5:61:dd:84:dd:f9:9c:ec:22:d5:3f:a4:42:07:
                    08:60:c7:2d:f4:a5:90:16:d0:85:da:b1:25:65:e6:
                    84:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:77:2D:20:D4:54:B5:90:65:B5:71:7A:88:65:04:F5:9D:E9:85:DC
            X509v3 Authority Key Identifier:
                keyid:15:6F:A9:31:C8:5E:B7:98:C6:82:DC:32:E4:29:09:D7:1C:92:3B:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FW-pMchet5jGgtwy5CkJ1xySOyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ec6a83-bba6-45cb-90ec-4ea806ff28cd/1/FW-pMchet5jGgtwy5CkJ1xySOyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:86:2d:1a:1b:d7:3f:18:4a:01:68:a2:e4:a4:0b:58:f4:f3:
         bf:e2:68:21:ce:9d:9d:3b:ea:c3:29:b1:54:fe:29:1b:dd:bb:
         1d:5e:e5:5a:09:3f:c7:83:39:7d:05:a5:2f:ef:e6:b8:c6:2b:
         72:b7:56:87:cd:b3:9b:50:8d:ed:44:7b:49:cd:3c:ec:4c:86:
         5a:9a:a6:90:91:ab:17:70:10:70:f5:a9:7e:b3:04:c3:18:6d:
         74:32:52:f0:4c:b1:c9:5c:ed:32:21:fe:9c:45:db:c4:58:b1:
         94:0d:98:d7:a5:4f:7a:fa:3f:6a:91:8f:e5:80:db:f7:29:8e:
         85:72:f7:4c:43:7b:6b:aa:b7:f7:b2:85:9d:f3:91:70:ea:5d:
         be:7f:00:09:2e:a5:78:76:2e:ee:95:59:22:de:9d:b3:c9:56:
         65:5b:11:aa:cb:13:32:8c:19:a2:06:0e:f4:22:e5:83:55:d2:
         de:69:7b:df:d3:8a:dd:17:be:40:6a:55:d9:2b:aa:f8:99:61:
         46:7f:ab:bb:a2:12:ec:34:18:60:c0:40:fd:fc:99:20:b5:85:
         19:28:9f:b4:e3:9e:78:f8:b6:94:34:16:88:f8:e7:e6:58:1d:
         cf:33:36:08:5c:27:09:42:6c:8f:1a:fa:16:8e:69:cf:99:83:
         10:b4:be:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdc7up/UW6LWPnG+Luq9RJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NmZhOTMxYzg1ZWI3OThjNjgyZGMzMmU0MjkwOWQ3MWM5
MjNiMjMwHhcNMjUwNjExMDMwMDUwWhcNMjUwNjEyMDMwMDUwWjAzMTEwLwYDVQQD
EyhlYTc3MmQyMGQ0NTRiNTkwNjViNTcxN2E4ODY1MDRmNTlkZTk4NWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ukNR4DzUqdsPfhTRpWt3nCFMPTq
m3RuDm9ms0rxMgcD+zQKkYmaaL0m3X16f/F0mudZvgemlaAEZ/cptFdqUQEeXEc3
PS+DuF4icOQXsQn01Y2CSb59d8HyoimCB4JwQQ2G9FCWkK8GUOkqwNV1/YR9jItz
fRDmnSaTyGTNdgXLTeOGNCKFg66EKgYFybduW4yLgq02LjZcABRs7CYP6jH2FhpO
RF2p4RrCNIfBf1xrcbHqV8qNlbtBim1yMm9ILEUA5IkFW6Zy0V4MbbwjBAIvwaKW
gtMegWltFhoj1TZq5WHdhN35nOwi1T+kQgcIYMct9KWQFtCF2rElZeaEjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOp3LSDUVLWQZbVxeohlBPWd6YXcMB8GA1UdIwQY
MBaAFBVvqTHIXreYxoLcMuQpCdcckjsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lYzZhODMtYmJhNi00NWNiLTkwZWMt
NGVhODA2ZmYyOGNkLzEvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lYzZhODMtYmJhNi00NWNiLTkwZWMtNGVhODA2ZmYyOGNk
LzEvRlctcE1jaGV0NWpHZ3R3eTVDa0oxeHlTT3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYYtGhvX
PxhKAWii5KQLWPTzv+JoIc6dnTvqwymxVP4pG927HV7lWgk/x4M5fQWlL+/muMYr
crdWh82zm1CN7UR7Sc087EyGWpqmkJGrF3AQcPWpfrMEwxhtdDJS8EyxyVztMiH+
nEXbxFixlA2Y16VPevo/apGP5YDb9ymOhXL3TEN7a6q397KFnfORcOpdvn8ACS6l
eHYu7pVZIt6ds8lWZVsRqssTMowZogYO9CLlg1XS3ml739OK3Re+QGpV2Suq+Jlh
Rn+ru6IS7DQYYMBA/fyZILWFGSiftOOeePi2lDQWiPjn5lgdzzM2CFwnCUJsjxr6
Fo5pz5mDELS+Hg==
-----END CERTIFICATE-----