Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
File:                     BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft (raw, json)
Hash identifier:          BQdTBtG77Gi1keqAq2pQ7JyncUeYtV82B4CIYrzigYs=
Subject key identifier:   58:4F:C6:EC:41:68:A2:31:B2:A5:E4:E1:09:F5:30:6E:6E:7C:B9:60
Authority key identifier: 04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F
Certificate issuer:       /CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
Certificate serial:       01988C8F351A4B4D0276DD63D7200CE6D55A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
Manifest number:          07CE
Signing time:             Sat 09 Aug 2025 02:00:52 +0000
Manifest this update:     Sat 09 Aug 2025 02:00:52 +0000
Manifest next update:     Sun 10 Aug 2025 02:00:52 +0000
Files and hashes:         1: BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl (hash: tDPF9i93sed9IiLH+XQrYKtjGYg2bcyMDjE+PJ9WCbc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 02:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:8f:35:1a:4b:4d:02:76:dd:63:d7:20:0c:e6:d5:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
        Validity
            Not Before: Aug  9 02:00:52 2025 GMT
            Not After : Aug 10 02:00:52 2025 GMT
        Subject: CN=584fc6ec4168a231b2a5e4e109f5306e6e7cb960
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:0a:58:76:c7:3a:35:f2:19:bd:11:37:df:d8:
                    a6:4e:9f:43:ad:cb:18:d5:23:f5:5a:58:19:97:a5:
                    bd:0b:1d:fb:5c:99:d9:65:60:1e:e2:20:83:3d:66:
                    94:dc:09:35:b4:4b:b3:7a:02:ef:09:30:fe:c4:39:
                    f7:50:7a:02:f1:27:ce:ca:04:81:52:12:6c:1b:1b:
                    7f:a7:f9:50:fe:67:6a:52:59:3d:9a:64:e7:5b:d8:
                    1b:32:0a:fe:2b:35:2a:23:5a:a4:e2:45:62:8a:62:
                    a1:5c:c9:49:29:2a:81:de:9a:6a:4f:d5:72:17:e8:
                    2c:6f:89:b1:72:3b:e3:b8:fe:30:98:ea:95:9f:76:
                    ae:03:b5:f0:97:a2:10:38:57:89:9d:92:ab:d2:a7:
                    4f:80:da:e2:87:ac:06:40:62:2d:76:da:b5:87:b8:
                    56:6a:48:87:f1:e1:c1:30:5c:b6:36:0d:1c:18:94:
                    c0:a7:88:4a:cf:a5:d5:be:cc:16:d2:e9:74:db:d1:
                    11:d8:70:0f:60:c3:77:08:f6:1a:c4:0d:3d:30:64:
                    aa:1e:b3:cb:f3:d6:f2:01:6d:32:a7:ca:4a:cc:52:
                    02:2f:86:07:fc:d9:22:58:2a:c2:62:f3:cd:f5:24:
                    2b:32:a2:d1:aa:ec:da:eb:ab:db:11:ef:d3:0d:21:
                    57:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:4F:C6:EC:41:68:A2:31:B2:A5:E4:E1:09:F5:30:6E:6E:7C:B9:60
            X509v3 Authority Key Identifier:
                keyid:04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:93:04:85:81:ce:ba:b6:cd:48:4f:ad:86:93:3d:85:da:c8:
         43:1e:3e:c7:50:68:26:f8:27:e4:c6:ab:06:98:0b:19:e8:5c:
         76:6d:32:65:0f:32:c3:63:0b:22:9c:f8:75:50:04:64:aa:6c:
         2d:a0:82:c8:40:a1:8c:1d:06:7c:7a:83:71:6c:db:35:4d:bd:
         26:e9:2b:8b:0f:f7:9e:bd:fb:da:00:8a:40:65:32:69:b7:7b:
         bd:75:75:07:06:0c:0a:b2:52:7a:15:8f:9e:a3:75:e8:76:89:
         24:10:ef:e3:d6:c3:5a:0d:46:a8:5b:dc:92:0b:0a:32:d1:73:
         b3:59:c0:49:7f:85:ec:b8:5c:3d:a5:d3:55:60:08:41:65:67:
         54:3b:6a:83:55:9a:c9:30:22:36:9b:ab:f3:1a:0a:a4:ae:44:
         8b:6b:4a:eb:7d:8b:a8:f7:e1:07:f5:26:e9:e5:7b:d0:db:5c:
         39:f3:cb:75:f7:56:9f:39:b9:64:82:fa:5a:9c:1d:8e:96:18:
         6f:ce:ba:ab:8b:5e:cd:dc:ec:70:fd:ac:28:24:2e:06:dc:e0:
         34:10:65:c5:b5:44:b7:cd:4b:12:19:1a:98:e7:5b:0e:73:de:
         50:d7:de:58:e6:6f:67:ab:48:cf:57:7e:70:a7:da:3b:37:1b:
         be:d2:ee:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiMjzUaS00Cdt1j1yAM5tVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTMyYzQzZjk2OWJhNDE3YmEzNmQwNzIxYjFkOWQ1MDYy
NGM0MGYwHhcNMjUwODA5MDIwMDUyWhcNMjUwODEwMDIwMDUyWjAzMTEwLwYDVQQD
Eyg1ODRmYzZlYzQxNjhhMjMxYjJhNWU0ZTEwOWY1MzA2ZTZlN2NiOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwpYdsc6NfIZvRE339imTp9DrcsY
1SP1WlgZl6W9Cx37XJnZZWAe4iCDPWaU3Ak1tEuzegLvCTD+xDn3UHoC8SfOygSB
UhJsGxt/p/lQ/mdqUlk9mmTnW9gbMgr+KzUqI1qk4kViimKhXMlJKSqB3ppqT9Vy
F+gsb4mxcjvjuP4wmOqVn3auA7Xwl6IQOFeJnZKr0qdPgNrih6wGQGItdtq1h7hW
akiH8eHBMFy2Ng0cGJTAp4hKz6XVvswW0ul029ER2HAPYMN3CPYaxA09MGSqHrPL
89byAW0yp8pKzFICL4YH/NkiWCrCYvPN9SQrMqLRquza66vbEe/TDSFXPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhPxuxBaKIxsqXk4Qn1MG5ufLlgMB8GA1UdIwQY
MBaAFATjLEP5abpBe6NtByGx2dUGJMQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAt
ODI2YTQ4ZWVmZDk2LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAtODI2YTQ4ZWVmZDk2
LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATpMEhYHO
urbNSE+thpM9hdrIQx4+x1BoJvgn5MarBpgLGehcdm0yZQ8yw2MLIpz4dVAEZKps
LaCCyEChjB0GfHqDcWzbNU29Jukriw/3nr372gCKQGUyabd7vXV1BwYMCrJSehWP
nqN16HaJJBDv49bDWg1GqFvckgsKMtFzs1nASX+F7LhcPaXTVWAIQWVnVDtqg1Wa
yTAiNpur8xoKpK5Ei2tK632LqPfhB/Um6eV70NtcOfPLdfdWnzm5ZIL6WpwdjpYY
b866q4tezdzscP2sKCQuBtzgNBBlxbVEt81LEhkamOdbDnPeUNfeWOZvZ6tIz1d+
cKfaOzcbvtLuTw==
-----END CERTIFICATE-----