Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
File:                     BOIiiGeO__Ff6nne8kxgZ84kqic.mft (raw, json)
Hash identifier:          nT7t46527Ed8Payn47wCyuK57Spql7KVEEzPaWNt8WM=
Subject key identifier:   60:45:A3:27:B5:35:41:92:69:BB:36:67:F0:43:AF:56:72:2B:A0:38
Authority key identifier: 04:E2:22:88:67:8E:FF:F1:5F:EA:79:DE:F2:4C:60:67:CE:24:AA:27
Certificate issuer:       /CN=04e22288678efff15fea79def24c6067ce24aa27
Certificate serial:       019A4EF5B23AAD368872CBA70D10695DE85E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 13:01:56 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:56 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:56 +0000
Files and hashes:         1: BOIiiGeO__Ff6nne8kxgZ84kqic.crl (hash: nhm9ojXgmI1LIRNBq9zP/RIFRH9veQ1LeySKeI9B0BE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:b2:3a:ad:36:88:72:cb:a7:0d:10:69:5d:e8:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e22288678efff15fea79def24c6067ce24aa27
        Validity
            Not Before: Nov  4 13:01:56 2025 GMT
            Not After : Nov  5 13:01:56 2025 GMT
        Subject: CN=6045a327b535419269bb3667f043af56722ba038
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:38:82:97:51:9f:bb:36:4a:fe:f2:13:66:f9:
                    35:e2:d3:20:62:9f:b5:6a:38:f0:fb:48:73:f0:13:
                    dd:0a:e0:53:01:22:43:c0:64:5a:a5:d1:ce:d9:88:
                    82:bf:e9:a9:56:28:fd:ce:7c:73:a0:4d:2b:cd:61:
                    bb:40:60:d4:1a:4d:ac:1a:15:ec:fd:17:18:2e:4b:
                    d0:4f:88:bd:24:a3:cb:b1:5e:05:26:e5:22:65:85:
                    5f:dd:3f:d6:a0:81:50:28:fc:c6:53:9e:21:0d:93:
                    84:08:8c:1a:bf:11:bd:ab:0d:33:05:45:07:3b:45:
                    27:53:80:42:6f:31:bf:a1:00:49:40:f5:2b:41:de:
                    01:7f:66:2a:c2:5b:cc:20:b6:e8:da:c9:a6:4e:75:
                    4c:67:49:f8:37:ce:a9:87:4f:4a:d2:cb:7d:5d:3e:
                    fa:23:ee:d9:b1:41:bd:6c:d6:a1:9e:c1:4b:3f:00:
                    25:56:09:e2:17:35:95:78:e0:81:79:33:42:76:0e:
                    16:4c:60:b1:34:f0:7a:f2:e1:e1:bb:3c:bb:92:0c:
                    39:06:db:25:39:44:55:8c:31:f2:f1:02:33:79:a6:
                    a4:d9:ec:be:d5:e4:41:52:82:17:2c:3b:7c:4d:c8:
                    7f:0d:cd:b0:22:28:47:e3:e8:3d:27:20:d4:b0:86:
                    ad:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:45:A3:27:B5:35:41:92:69:BB:36:67:F0:43:AF:56:72:2B:A0:38
            X509v3 Authority Key Identifier:
                keyid:04:E2:22:88:67:8E:FF:F1:5F:EA:79:DE:F2:4C:60:67:CE:24:AA:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOIiiGeO__Ff6nne8kxgZ84kqic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/54f8f6-b900-4405-927c-89c9892c14f0/1/BOIiiGeO__Ff6nne8kxgZ84kqic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:cc:8b:29:6c:e8:6a:d1:25:eb:ad:ab:6f:43:34:11:42:4f:
         66:34:8a:24:b0:f8:ef:5d:8c:5c:49:b1:02:e9:75:c2:47:09:
         b1:c4:a5:12:3b:9b:e1:2f:51:41:1b:c9:d7:36:8d:9c:92:3b:
         16:8e:61:64:70:1b:68:bc:45:08:cb:40:86:9d:10:73:c9:8f:
         f6:2d:d9:b7:68:01:e7:03:94:7e:3f:f8:6d:6b:7e:fc:48:7c:
         b3:b9:2c:ee:4b:63:c5:e8:43:fe:79:c7:86:b4:1e:54:9e:7b:
         9e:85:84:6e:29:b1:e9:3d:55:e0:f7:b1:b9:17:4c:44:8d:c8:
         8a:33:c7:6a:a4:33:18:37:62:25:ee:da:c6:e0:05:cd:7c:b5:
         f4:72:e1:57:22:1a:11:ff:88:21:59:e2:8e:41:71:00:e5:23:
         7e:23:73:30:51:53:fe:56:85:9c:8f:0a:fb:e9:7b:d4:8e:98:
         8f:ed:36:9f:2a:cb:05:2f:81:39:f5:83:79:98:45:f9:0a:71:
         0b:07:f5:0d:69:11:7b:d0:59:e4:cb:7a:a6:6d:56:ca:55:31:
         b4:ae:f1:8f:87:3c:15:b7:fc:e8:f3:e8:21:09:64:6d:26:07:
         ba:e3:02:f3:9d:50:db:f5:98:14:dd:ac:30:ec:20:55:83:7d:
         5e:3b:71:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9bI6rTaIcsunDRBpXeheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTIyMjg4Njc4ZWZmZjE1ZmVhNzlkZWYyNGM2MDY3Y2Uy
NGFhMjcwHhcNMjUxMTA0MTMwMTU2WhcNMjUxMTA1MTMwMTU2WjAzMTEwLwYDVQQD
Eyg2MDQ1YTMyN2I1MzU0MTkyNjliYjM2NjdmMDQzYWY1NjcyMmJhMDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDiCl1GfuzZK/vITZvk14tMgYp+1
ajjw+0hz8BPdCuBTASJDwGRapdHO2YiCv+mpVij9znxzoE0rzWG7QGDUGk2sGhXs
/RcYLkvQT4i9JKPLsV4FJuUiZYVf3T/WoIFQKPzGU54hDZOECIwavxG9qw0zBUUH
O0UnU4BCbzG/oQBJQPUrQd4Bf2YqwlvMILbo2smmTnVMZ0n4N86ph09K0st9XT76
I+7ZsUG9bNahnsFLPwAlVgniFzWVeOCBeTNCdg4WTGCxNPB68uHhuzy7kgw5Btsl
OURVjDHy8QIzeaak2ey+1eRBUoIXLDt8Tch/Dc2wIihH4+g9JyDUsIatNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBFoye1NUGSabs2Z/BDr1ZyK6A4MB8GA1UdIwQY
MBaAFATiIohnjv/xX+p53vJMYGfOJKonMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81NGY4ZjYtYjkwMC00NDA1LTkyN2Mt
ODljOTg5MmMxNGYwLzEvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81NGY4ZjYtYjkwMC00NDA1LTkyN2MtODljOTg5MmMxNGYw
LzEvQk9JaWlHZU9fX0ZmNm5uZThreGdaODRrcWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADMyLKWzo
atEl662rb0M0EUJPZjSKJLD4712MXEmxAul1wkcJscSlEjub4S9RQRvJ1zaNnJI7
Fo5hZHAbaLxFCMtAhp0Qc8mP9i3Zt2gB5wOUfj/4bWt+/Eh8s7ks7ktjxehD/nnH
hrQeVJ57noWEbimx6T1V4PexuRdMRI3IijPHaqQzGDdiJe7axuAFzXy19HLhVyIa
Ef+IIVnijkFxAOUjfiNzMFFT/laFnI8K++l71I6Yj+02nyrLBS+BOfWDeZhF+Qpx
Cwf1DWkRe9BZ5Mt6pm1WylUxtK7xj4c8Fbf86PPoIQlkbSYHuuMC851Q2/WYFN2s
MOwgVYN9XjtxeQ==
-----END CERTIFICATE-----