Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
File:                     BOIiiGeO__Ff6nne8kxgZ84kqic.mft (raw, json)
Hash identifier:          fYFpIUr6ehG5bZmekO5NtjfdtcK+ieDtdnJ5DaaA/kU=
Subject key identifier:   55:C5:73:5F:2C:4F:15:A5:44:AA:31:78:1D:E3:4D:B5:B5:BC:55:FF
Authority key identifier: 04:E2:22:88:67:8E:FF:F1:5F:EA:79:DE:F2:4C:60:67:CE:24:AA:27
Certificate issuer:       /CN=04e22288678efff15fea79def24c6067ce24aa27
Certificate serial:       01967BD7BA2F700259B8EC1C419A2346EE2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
Manifest number:          150E
Signing time:             Mon 28 Apr 2025 10:00:57 +0000
Manifest this update:     Mon 28 Apr 2025 10:00:57 +0000
Manifest next update:     Tue 29 Apr 2025 10:00:57 +0000
Files and hashes:         1: BOIiiGeO__Ff6nne8kxgZ84kqic.crl (hash: ecI+QRX1s2pM9p9IYM+dY0oJBpwE660EJ4oNP4MYBFo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:d7:ba:2f:70:02:59:b8:ec:1c:41:9a:23:46:ee:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e22288678efff15fea79def24c6067ce24aa27
        Validity
            Not Before: Apr 28 10:00:57 2025 GMT
            Not After : Apr 29 10:00:57 2025 GMT
        Subject: CN=55c5735f2c4f15a544aa31781de34db5b5bc55ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bb:bc:e9:f6:50:a7:40:97:ec:da:f0:d7:7e:
                    6b:e7:ae:69:f6:65:59:57:01:89:87:65:b7:1c:12:
                    12:15:08:96:33:bf:5c:ea:86:37:1b:15:51:15:e9:
                    71:ae:6f:bc:52:a8:fc:a2:c6:c6:0a:0b:4d:26:8b:
                    11:12:4b:f1:66:92:e5:16:da:1b:93:34:19:e1:27:
                    53:06:69:b9:23:72:b4:46:42:40:02:dd:11:1f:30:
                    d1:0e:25:93:ea:ec:02:50:6b:ef:59:d0:e1:12:3a:
                    5a:5b:1a:58:c9:de:11:f8:b3:08:b3:c1:66:a8:b1:
                    65:83:a3:c2:f4:5a:89:3d:4f:a4:4a:81:24:7b:10:
                    cd:ec:1a:76:d8:dd:d7:6e:06:9a:64:c1:21:71:61:
                    9a:6b:fb:5d:bc:fc:ec:11:91:13:c7:c8:12:43:a6:
                    5e:04:69:e6:f7:e7:85:da:dd:b9:ea:f1:78:b6:5b:
                    2f:31:7e:a3:66:cd:d7:8a:3a:22:a5:f3:59:23:e9:
                    7c:46:48:4a:80:e6:68:fc:1f:c8:db:46:b3:87:52:
                    08:a9:2e:ba:10:7d:27:e0:59:eb:13:e8:52:e6:3e:
                    0e:e6:6e:35:a7:a0:44:d3:36:73:29:f0:72:fc:85:
                    0e:ab:4c:45:f9:35:1a:78:be:d2:06:71:23:06:08:
                    8d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:C5:73:5F:2C:4F:15:A5:44:AA:31:78:1D:E3:4D:B5:B5:BC:55:FF
            X509v3 Authority Key Identifier:
                keyid:04:E2:22:88:67:8E:FF:F1:5F:EA:79:DE:F2:4C:60:67:CE:24:AA:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:4e:24:93:0e:7b:e0:65:96:c6:4e:d5:92:75:8a:02:3e:cd:
         a4:2f:91:2f:c2:2c:f4:ec:06:87:cf:1a:33:52:14:26:ab:7c:
         bd:6e:d9:5b:4f:4a:41:89:2f:da:60:59:f6:c3:74:39:79:f9:
         6f:44:3f:0f:98:a8:23:d7:e5:cb:64:9d:61:dd:19:13:6b:50:
         65:e7:ec:9e:60:4b:9a:b2:a0:68:ca:4a:6e:d4:87:25:a0:e2:
         83:90:40:2e:b3:28:47:98:94:b7:e7:5d:23:06:39:9e:58:07:
         08:22:0d:72:d6:f4:a4:42:73:fb:fa:db:a6:1e:a1:c9:73:40:
         8f:d9:5c:8f:7e:68:51:22:b0:77:a0:16:1b:5e:7b:d9:7d:95:
         dd:be:be:05:fe:61:c3:cb:4d:b5:8a:aa:94:01:0b:fa:65:5a:
         54:df:2a:6b:5e:35:17:9d:e1:32:ec:4d:77:e2:bc:f9:a9:1a:
         2f:77:49:08:17:ae:65:cc:bb:1c:de:53:dd:1f:96:4c:c9:5b:
         eb:9d:78:3a:a6:02:d4:78:96:66:2c:80:94:f6:8e:4a:75:57:
         55:24:b9:9f:25:7f:1e:88:8f:bb:6c:e3:82:12:1a:74:bb:ec:
         6f:00:45:2b:62:bf:f5:c8:36:d9:9c:6e:54:a1:08:e1:a2:b9:
         ea:b8:2d:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ717ovcAJZuOwcQZojRu4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTIyMjg4Njc4ZWZmZjE1ZmVhNzlkZWYyNGM2MDY3Y2Uy
NGFhMjcwHhcNMjUwNDI4MTAwMDU3WhcNMjUwNDI5MTAwMDU3WjAzMTEwLwYDVQQD
Eyg1NWM1NzM1ZjJjNGYxNWE1NDRhYTMxNzgxZGUzNGRiNWI1YmM1NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuru86fZQp0CX7Nrw135r565p9mVZ
VwGJh2W3HBISFQiWM79c6oY3GxVRFelxrm+8Uqj8osbGCgtNJosREkvxZpLlFtob
kzQZ4SdTBmm5I3K0RkJAAt0RHzDRDiWT6uwCUGvvWdDhEjpaWxpYyd4R+LMIs8Fm
qLFlg6PC9FqJPU+kSoEkexDN7Bp22N3XbgaaZMEhcWGaa/tdvPzsEZETx8gSQ6Ze
BGnm9+eF2t256vF4tlsvMX6jZs3XijoipfNZI+l8RkhKgOZo/B/I20azh1IIqS66
EH0n4FnrE+hS5j4O5m41p6BE0zZzKfBy/IUOq0xF+TUaeL7SBnEjBgiNwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXFc18sTxWlRKoxeB3jTbW1vFX/MB8GA1UdIwQY
MBaAFATiIohnjv/xX+p53vJMYGfOJKonMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81NGY4ZjYtYjkwMC00NDA1LTkyN2Mt
ODljOTg5MmMxNGYwLzEvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81NGY4ZjYtYjkwMC00NDA1LTkyN2MtODljOTg5MmMxNGYw
LzEvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM04kkw57
4GWWxk7VknWKAj7NpC+RL8Is9OwGh88aM1IUJqt8vW7ZW09KQYkv2mBZ9sN0OXn5
b0Q/D5ioI9fly2SdYd0ZE2tQZefsnmBLmrKgaMpKbtSHJaDig5BALrMoR5iUt+dd
IwY5nlgHCCINctb0pEJz+/rbph6hyXNAj9lcj35oUSKwd6AWG1572X2V3b6+Bf5h
w8tNtYqqlAEL+mVaVN8qa141F53hMuxNd+K8+akaL3dJCBeuZcy7HN5T3R+WTMlb
6514OqYC1HiWZiyAlPaOSnVXVSS5nyV/HoiPu2zjghIadLvsbwBFK2K/9cg22Zxu
VKEI4aK56rgtuA==
-----END CERTIFICATE-----