Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
File:                     BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft (raw, json)
Hash identifier:          9TBA7DmcPSaSm7orNeP3CtRWmHInETjkhgLkiBjsd0I=
Subject key identifier:   81:92:3D:C1:B6:A5:DA:72:6D:69:78:1E:10:E1:53:1C:06:F1:1F:E2
Authority key identifier: 04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F
Certificate issuer:       /CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
Certificate serial:       01976CCF6DF5D092A46DAF77A5EBD88DD528
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
Manifest number:          0739
Signing time:             Sat 14 Jun 2025 05:00:22 +0000
Manifest this update:     Sat 14 Jun 2025 05:00:22 +0000
Manifest next update:     Sun 15 Jun 2025 05:00:22 +0000
Files and hashes:         1: BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl (hash: XQlSWZDyZFiREuV06GmalxqOcOgmYBs5X+4tVw1r5WI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:cf:6d:f5:d0:92:a4:6d:af:77:a5:eb:d8:8d:d5:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
        Validity
            Not Before: Jun 14 05:00:22 2025 GMT
            Not After : Jun 15 05:00:22 2025 GMT
        Subject: CN=81923dc1b6a5da726d69781e10e1531c06f11fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:83:b2:43:5f:00:ed:72:4b:f5:7e:54:26:14:
                    80:6e:30:ca:9b:89:5e:1f:b9:9d:25:c3:13:ff:6d:
                    0e:1c:16:9a:c0:1c:5a:5c:9b:65:68:3e:a1:8a:72:
                    8a:27:cb:fa:d2:83:f0:7d:cd:9d:d9:d4:28:64:47:
                    4c:70:bb:ba:97:d5:76:db:d8:9b:53:06:c2:e2:76:
                    ff:96:e1:fd:b7:73:50:ab:5c:62:0c:7c:33:08:c1:
                    fd:ee:cf:02:71:62:6c:99:7f:63:84:78:83:e5:5b:
                    ed:c1:f3:c8:63:a2:c5:e8:34:ef:57:ec:5b:7c:e2:
                    d0:3e:3c:bd:e5:6b:77:39:02:2b:e1:89:46:7b:2a:
                    10:89:af:5e:ae:bc:bc:72:74:bc:56:3c:b2:57:87:
                    f1:2b:5a:88:9b:23:32:28:d7:9b:da:d0:f3:f1:30:
                    aa:49:bd:b1:2b:ab:d1:83:78:cd:ad:4d:5f:99:2c:
                    c6:ea:06:8f:59:16:89:5d:55:0a:c6:0a:32:e2:42:
                    16:20:29:97:0d:78:55:69:e6:96:aa:62:67:8f:27:
                    ed:95:18:68:d8:79:17:04:9f:df:65:f0:fa:47:66:
                    c5:9d:a1:36:f9:47:d7:33:48:90:28:ba:bb:f7:80:
                    df:70:b4:49:f3:be:9d:98:2f:f4:a7:3e:28:be:4b:
                    db:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:92:3D:C1:B6:A5:DA:72:6D:69:78:1E:10:E1:53:1C:06:F1:1F:E2
            X509v3 Authority Key Identifier:
                keyid:04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:6c:3a:01:71:74:fe:de:c2:fe:f3:55:dd:f6:1e:21:38:db:
         f6:95:b0:f6:e5:cc:c5:a3:35:97:45:5f:f2:e3:36:1d:8e:c0:
         63:22:23:4e:70:74:60:c1:af:0e:d5:7b:b0:cc:c0:4b:0f:cc:
         fc:f5:2e:4d:a7:79:b4:97:65:6a:72:4d:09:74:9a:23:cf:5a:
         72:1f:b7:f5:36:8b:7f:9e:61:ed:58:29:ee:a4:c1:15:71:a9:
         fa:83:62:ca:2d:4c:67:46:cb:b8:ff:71:65:f5:c6:e8:04:88:
         0f:6d:97:95:8d:1c:e6:87:05:9a:0b:0a:57:4b:fc:a8:c3:a3:
         a6:d1:4b:1c:c5:01:3b:4f:e2:60:f3:a0:e1:3a:da:90:4c:f3:
         d2:86:e4:3b:cb:75:d1:7a:79:c8:a8:83:da:eb:41:fd:7f:9b:
         c5:a7:d3:4d:7d:65:4b:27:61:b5:4e:d5:ef:ca:11:16:d1:17:
         a6:75:65:3f:c4:dd:1d:b3:5a:72:30:02:b1:aa:82:92:37:8e:
         a6:ac:fd:a3:30:03:3b:9f:ea:da:35:40:6f:f8:e7:78:98:04:
         1b:f6:52:01:f8:fc:92:10:6d:99:5b:33:c5:17:f4:02:08:96:
         6e:e7:d0:cd:ee:9a:86:f3:e3:2b:f3:18:13:7d:8a:f5:8f:af:
         b8:7f:95:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz2310JKkba93pevYjdUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTMyYzQzZjk2OWJhNDE3YmEzNmQwNzIxYjFkOWQ1MDYy
NGM0MGYwHhcNMjUwNjE0MDUwMDIyWhcNMjUwNjE1MDUwMDIyWjAzMTEwLwYDVQQD
Eyg4MTkyM2RjMWI2YTVkYTcyNmQ2OTc4MWUxMGUxNTMxYzA2ZjExZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4OyQ18A7XJL9X5UJhSAbjDKm4le
H7mdJcMT/20OHBaawBxaXJtlaD6hinKKJ8v60oPwfc2d2dQoZEdMcLu6l9V229ib
UwbC4nb/luH9t3NQq1xiDHwzCMH97s8CcWJsmX9jhHiD5VvtwfPIY6LF6DTvV+xb
fOLQPjy95Wt3OQIr4YlGeyoQia9erry8cnS8VjyyV4fxK1qImyMyKNeb2tDz8TCq
Sb2xK6vRg3jNrU1fmSzG6gaPWRaJXVUKxgoy4kIWICmXDXhVaeaWqmJnjyftlRho
2HkXBJ/fZfD6R2bFnaE2+UfXM0iQKLq794DfcLRJ876dmC/0pz4ovkvb2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGSPcG2pdpybWl4HhDhUxwG8R/iMB8GA1UdIwQY
MBaAFATjLEP5abpBe6NtByGx2dUGJMQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAt
ODI2YTQ4ZWVmZDk2LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAtODI2YTQ4ZWVmZDk2
LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALGw6AXF0
/t7C/vNV3fYeITjb9pWw9uXMxaM1l0Vf8uM2HY7AYyIjTnB0YMGvDtV7sMzASw/M
/PUuTad5tJdlanJNCXSaI89ach+39TaLf55h7Vgp7qTBFXGp+oNiyi1MZ0bLuP9x
ZfXG6ASID22XlY0c5ocFmgsKV0v8qMOjptFLHMUBO0/iYPOg4TrakEzz0obkO8t1
0Xp5yKiD2utB/X+bxafTTX1lSydhtU7V78oRFtEXpnVlP8TdHbNacjACsaqCkjeO
pqz9ozADO5/q2jVAb/jneJgEG/ZSAfj8khBtmVszxRf0AgiWbufQze6ahvPjK/MY
E32K9Y+vuH+V2g==
-----END CERTIFICATE-----