Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
File:                     BOIiiGeO__Ff6nne8kxgZ84kqic.mft (raw, json)
Hash identifier:          7OvLxXFramw0BKLw1uW6uh10SSwEIpfdzPz6AIuq948=
Subject key identifier:   E0:89:1C:4A:0D:17:3A:6D:4A:FF:1F:27:21:72:5D:6D:A4:90:BB:B5
Authority key identifier: 04:E2:22:88:67:8E:FF:F1:5F:EA:79:DE:F2:4C:60:67:CE:24:AA:27
Certificate issuer:       /CN=04e22288678efff15fea79def24c6067ce24aa27
Certificate serial:       0197696119D3E1B7D5E78F1716C1C5638544
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 13:01:00 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:00 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:00 +0000
Files and hashes:         1: BOIiiGeO__Ff6nne8kxgZ84kqic.crl (hash: a7cgOqrYdQGbTpxi9zgg3hig5cOmI/u8oaEo21nQ8f4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:19:d3:e1:b7:d5:e7:8f:17:16:c1:c5:63:85:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e22288678efff15fea79def24c6067ce24aa27
        Validity
            Not Before: Jun 13 13:01:00 2025 GMT
            Not After : Jun 14 13:01:00 2025 GMT
        Subject: CN=e0891c4a0d173a6d4aff1f2721725d6da490bbb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6d:8a:50:03:f1:00:d4:ea:00:35:e9:da:8b:
                    5e:13:37:86:0b:b3:19:8d:c3:7c:2d:24:71:26:91:
                    c5:0e:73:dd:ef:9f:50:78:71:b0:eb:51:72:83:57:
                    3f:6a:1d:cd:16:62:30:1f:cb:56:32:5e:7a:98:a6:
                    1a:01:01:99:77:1c:67:ca:9d:cb:b7:7a:11:19:0c:
                    ec:b4:a4:f8:b1:98:16:fc:55:02:1d:34:c3:b6:c4:
                    07:61:d1:a8:8a:c6:31:5b:8f:da:17:74:73:93:27:
                    cf:35:b1:1a:6c:c8:96:8a:bd:1e:a3:6f:3a:01:11:
                    31:a6:d0:8c:83:6b:7a:8f:18:0f:6a:2f:0f:0d:a9:
                    5c:81:15:bb:b1:d0:f8:98:24:80:91:86:08:cc:dd:
                    28:12:05:12:75:e0:64:f7:a6:ba:57:d5:c6:2f:68:
                    e0:7a:ec:25:25:25:7d:58:03:e1:b8:36:8a:b0:5d:
                    af:c6:ec:01:cd:4b:7d:49:30:0f:36:f2:a7:d0:1f:
                    3d:ae:2e:83:3f:81:26:65:64:8e:a9:0a:e8:b8:fd:
                    1c:17:6c:7a:a6:92:43:96:71:10:b5:ac:f0:fa:7a:
                    9a:89:bb:5c:28:59:f5:d9:b6:fa:9e:06:e2:f5:90:
                    31:33:d0:8f:5e:d9:61:ca:c5:a5:1d:7e:eb:f3:ab:
                    fb:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:89:1C:4A:0D:17:3A:6D:4A:FF:1F:27:21:72:5D:6D:A4:90:BB:B5
            X509v3 Authority Key Identifier:
                keyid:04:E2:22:88:67:8E:FF:F1:5F:EA:79:DE:F2:4C:60:67:CE:24:AA:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:52:d7:ff:76:84:f4:32:f5:ce:d4:32:c7:da:36:d1:fe:d1:
         88:3d:5a:62:2d:8c:59:cc:c0:a2:e0:62:0d:55:18:c6:8d:05:
         76:22:b4:b9:66:38:9b:00:9e:b5:59:19:78:82:b4:66:13:0f:
         1a:2b:8b:d9:84:39:60:fa:e1:01:84:aa:8a:1c:6b:d5:82:b7:
         a7:48:d0:0a:aa:a7:f0:fb:8d:45:ab:0b:41:52:24:27:d2:de:
         d9:14:5d:f2:52:25:fc:a2:64:12:2d:b4:c4:ac:88:36:ef:20:
         17:e4:2d:f2:a1:b4:62:21:0c:9f:ee:6b:bd:35:d2:2f:da:30:
         51:ae:38:fa:98:b1:5f:29:3c:b4:de:5e:bc:7e:49:83:63:f0:
         50:65:c3:97:71:fd:41:48:7a:04:92:6d:02:ef:92:d2:25:6c:
         a4:72:26:66:c4:43:f5:7c:91:12:36:5c:ce:c2:c0:c7:50:fb:
         fc:56:88:47:58:ed:d2:f3:6f:d6:b9:5a:1a:b5:02:2e:ec:c9:
         8c:a3:da:05:28:70:cf:73:b9:bf:90:60:ab:1e:00:60:26:9d:
         9e:c4:c6:b9:3a:e0:68:53:7d:04:cc:7b:e8:f1:c9:18:4a:9e:
         70:56:8e:ad:7e:af:72:08:0e:8a:4b:b1:f5:ef:f9:9d:3a:44:
         6d:46:0f:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYRnT4bfV548XFsHFY4VEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTIyMjg4Njc4ZWZmZjE1ZmVhNzlkZWYyNGM2MDY3Y2Uy
NGFhMjcwHhcNMjUwNjEzMTMwMTAwWhcNMjUwNjE0MTMwMTAwWjAzMTEwLwYDVQQD
EyhlMDg5MWM0YTBkMTczYTZkNGFmZjFmMjcyMTcyNWQ2ZGE0OTBiYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW2KUAPxANTqADXp2oteEzeGC7MZ
jcN8LSRxJpHFDnPd759QeHGw61Fyg1c/ah3NFmIwH8tWMl56mKYaAQGZdxxnyp3L
t3oRGQzstKT4sZgW/FUCHTTDtsQHYdGoisYxW4/aF3RzkyfPNbEabMiWir0eo286
ARExptCMg2t6jxgPai8PDalcgRW7sdD4mCSAkYYIzN0oEgUSdeBk96a6V9XGL2jg
euwlJSV9WAPhuDaKsF2vxuwBzUt9STAPNvKn0B89ri6DP4EmZWSOqQrouP0cF2x6
ppJDlnEQtazw+nqaibtcKFn12bb6ngbi9ZAxM9CPXtlhysWlHX7r86v7WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOCJHEoNFzptSv8fJyFyXW2kkLu1MB8GA1UdIwQY
MBaAFATiIohnjv/xX+p53vJMYGfOJKonMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81NGY4ZjYtYjkwMC00NDA1LTkyN2Mt
ODljOTg5MmMxNGYwLzEvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81NGY4ZjYtYjkwMC00NDA1LTkyN2MtODljOTg5MmMxNGYw
LzEvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqFLX/3aE
9DL1ztQyx9o20f7RiD1aYi2MWczAouBiDVUYxo0FdiK0uWY4mwCetVkZeIK0ZhMP
GiuL2YQ5YPrhAYSqihxr1YK3p0jQCqqn8PuNRasLQVIkJ9Le2RRd8lIl/KJkEi20
xKyINu8gF+Qt8qG0YiEMn+5rvTXSL9owUa44+pixXyk8tN5evH5Jg2PwUGXDl3H9
QUh6BJJtAu+S0iVspHImZsRD9XyREjZczsLAx1D7/FaIR1jt0vNv1rlaGrUCLuzJ
jKPaBShwz3O5v5Bgqx4AYCadnsTGuTrgaFN9BMx76PHJGEqecFaOrX6vcggOikux
9e/5nTpEbUYPCQ==
-----END CERTIFICATE-----