Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
File:                     BOIiiGeO__Ff6nne8kxgZ84kqic.mft (raw, json)
Hash identifier:          mrUetQ+U4kj9adDnstYvig++RywiD9lm/2acLdzCIQI=
Subject key identifier:   EB:82:2E:33:A8:2B:90:16:89:13:81:44:1E:2D:09:A8:E3:36:5D:BB
Authority key identifier: 04:E2:22:88:67:8E:FF:F1:5F:EA:79:DE:F2:4C:60:67:CE:24:AA:27
Certificate issuer:       /CN=04e22288678efff15fea79def24c6067ce24aa27
Certificate serial:       019D9AE3B0A7AEADA7B4F820458ADD730B82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 10:01:46 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:46 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:46 +0000
Files and hashes:         1: BOIiiGeO__Ff6nne8kxgZ84kqic.crl (hash: ePGIp4T1w4Khd6bEma2K++OjZAUepL4xXQJLtT6xdDc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:b0:a7:ae:ad:a7:b4:f8:20:45:8a:dd:73:0b:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e22288678efff15fea79def24c6067ce24aa27
        Validity
            Not Before: Apr 17 10:01:46 2026 GMT
            Not After : Apr 18 10:01:46 2026 GMT
        Subject: CN=eb822e33a82b9016891381441e2d09a8e3365dbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:d0:ad:81:63:76:b8:4e:12:33:72:56:f0:e2:
                    71:6c:8e:ec:72:40:24:3a:60:91:2c:66:be:7d:ce:
                    a7:cf:c9:b8:3d:02:8e:9e:c9:d2:d3:3a:0b:6d:91:
                    e8:11:7c:8b:5c:19:45:bb:62:43:76:74:e9:7d:1b:
                    35:c9:af:a3:aa:58:ce:68:99:31:86:65:94:5b:67:
                    60:6b:d7:9e:b2:2c:a2:ce:e0:4d:a6:80:c1:11:76:
                    12:a9:50:a0:45:a1:30:d7:13:72:3b:ff:a5:eb:00:
                    6c:25:34:21:66:a0:07:e4:38:a1:45:25:a6:bf:cd:
                    ec:bb:79:2a:0e:6a:e2:1d:15:ea:aa:82:e0:7f:b1:
                    4d:06:bb:85:95:fd:52:1d:ef:d0:c9:a5:aa:72:92:
                    d3:58:0f:2a:f8:b2:9f:5f:c9:26:d7:85:22:de:27:
                    2a:0b:a8:1c:ee:89:fc:55:f6:c1:63:de:4b:92:f0:
                    dc:34:0e:15:c2:42:d9:c5:e3:68:fe:bb:35:7f:3a:
                    67:bb:ab:91:44:a6:23:d5:83:a6:01:56:69:ad:dd:
                    6e:a1:94:f9:cf:91:00:35:05:24:b7:c9:ff:89:9a:
                    64:32:0b:64:f6:f6:46:9c:8e:f9:0c:0d:5b:0b:bb:
                    61:39:ab:a4:81:cc:28:16:58:28:bc:92:a2:81:3e:
                    3e:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:82:2E:33:A8:2B:90:16:89:13:81:44:1E:2D:09:A8:E3:36:5D:BB
            X509v3 Authority Key Identifier:
                keyid:04:E2:22:88:67:8E:FF:F1:5F:EA:79:DE:F2:4C:60:67:CE:24:AA:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:75:35:51:73:9b:8e:a4:0b:d5:69:9b:72:96:6e:89:96:b0:
         76:e7:30:9d:41:0e:87:f7:3a:b0:2a:81:e6:ea:5d:fb:31:9d:
         b8:f0:c8:5d:3e:dd:97:ca:6c:16:a6:42:6e:1e:01:09:e7:df:
         43:fd:38:a2:d4:49:e5:62:1c:d7:b0:19:de:ce:eb:93:54:b8:
         4c:1e:98:a2:1b:34:b6:fc:74:85:b0:b2:a8:e7:29:9a:af:2a:
         ca:fb:59:bb:0a:06:f8:6d:65:65:01:37:06:2b:e3:23:c1:07:
         be:8e:35:b3:70:a9:46:de:6b:fc:3d:d8:5e:97:38:4a:08:fd:
         5a:cb:1c:4d:73:9e:cf:86:44:3c:c9:fb:a0:63:2c:53:fc:ef:
         ff:19:60:28:4a:06:7f:eb:8f:9b:8f:95:1f:65:33:bb:fd:ef:
         f0:6c:0e:47:10:09:0e:a9:81:3c:33:a1:28:1e:75:6b:ea:30:
         2f:cf:a8:2d:37:11:a1:05:d2:fd:3f:c0:8e:d6:88:01:ec:dd:
         c3:22:3e:0e:e4:14:2b:37:00:1c:16:58:ca:0b:83:b6:3d:44:
         b9:0a:75:a6:f8:c7:8d:41:af:91:e3:23:d7:e6:6b:77:cb:42:
         41:bf:cf:14:14:7c:5e:52:02:45:49:14:a3:7c:04:8f:65:23:
         3a:e7:39:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a47Cnrq2ntPggRYrdcwuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTIyMjg4Njc4ZWZmZjE1ZmVhNzlkZWYyNGM2MDY3Y2Uy
NGFhMjcwHhcNMjYwNDE3MTAwMTQ2WhcNMjYwNDE4MTAwMTQ2WjAzMTEwLwYDVQQD
EyhlYjgyMmUzM2E4MmI5MDE2ODkxMzgxNDQxZTJkMDlhOGUzMzY1ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tCtgWN2uE4SM3JW8OJxbI7sckAk
OmCRLGa+fc6nz8m4PQKOnsnS0zoLbZHoEXyLXBlFu2JDdnTpfRs1ya+jqljOaJkx
hmWUW2dga9eesiyizuBNpoDBEXYSqVCgRaEw1xNyO/+l6wBsJTQhZqAH5DihRSWm
v83su3kqDmriHRXqqoLgf7FNBruFlf1SHe/QyaWqcpLTWA8q+LKfX8km14Ui3icq
C6gc7on8VfbBY95LkvDcNA4VwkLZxeNo/rs1fzpnu6uRRKYj1YOmAVZprd1uoZT5
z5EANQUkt8n/iZpkMgtk9vZGnI75DA1bC7thOaukgcwoFlgovJKigT4+GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuCLjOoK5AWiROBRB4tCajjNl27MB8GA1UdIwQY
MBaAFATiIohnjv/xX+p53vJMYGfOJKonMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81NGY4ZjYtYjkwMC00NDA1LTkyN2Mt
ODljOTg5MmMxNGYwLzEvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81NGY4ZjYtYjkwMC00NDA1LTkyN2MtODljOTg5MmMxNGYw
LzEvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk3U1UXOb
jqQL1WmbcpZuiZawducwnUEOh/c6sCqB5upd+zGduPDIXT7dl8psFqZCbh4BCeff
Q/04otRJ5WIc17AZ3s7rk1S4TB6Yohs0tvx0hbCyqOcpmq8qyvtZuwoG+G1lZQE3
BivjI8EHvo41s3CpRt5r/D3YXpc4Sgj9WsscTXOez4ZEPMn7oGMsU/zv/xlgKEoG
f+uPm4+VH2Uzu/3v8GwORxAJDqmBPDOhKB51a+owL8+oLTcRoQXS/T/AjtaIAezd
wyI+DuQUKzcAHBZYyguDtj1EuQp1pvjHjUGvkeMj1+Zrd8tCQb/PFBR8XlICRUkU
o3wEj2UjOuc5bA==
-----END CERTIFICATE-----