Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/324a9d-cf07-4e71-83a1-182512f8bcde/1/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.mft
File:                     BVPEM_bCJQGdnLWkMwAS9Md6Hz4.mft (raw, json)
Hash identifier:          3SV+ZtQIdyyglHPxpvNAfBvljF6487BWkdrwgHDlVEg=
Subject key identifier:   24:BB:F1:42:7F:D2:4C:B2:A9:50:0B:5A:31:67:9D:23:DA:D2:7F:6D
Authority key identifier: 05:53:C4:33:F6:C2:25:01:9D:9C:B5:A4:33:00:12:F4:C7:7A:1F:3E
Certificate issuer:       /CN=0553c433f6c225019d9cb5a4330012f4c77a1f3e
Certificate serial:       019873E2CC38FF75EE879AE96DD714226A9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/324a9d-cf07-4e71-83a1-182512f8bcde/1/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.mft
Manifest number:          1614
Signing time:             Mon 04 Aug 2025 07:01:39 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:39 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:39 +0000
Files and hashes:         1: BVPEM_bCJQGdnLWkMwAS9Md6Hz4.crl (hash: OIu9rsCngJQ5kyhMf4bvP9DctZtxXRZee7sFnZPulso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/324a9d-cf07-4e71-83a1-182512f8bcde/1/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/324a9d-cf07-4e71-83a1-182512f8bcde/1/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:cc:38:ff:75:ee:87:9a:e9:6d:d7:14:22:6a:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0553c433f6c225019d9cb5a4330012f4c77a1f3e
        Validity
            Not Before: Aug  4 07:01:39 2025 GMT
            Not After : Aug  5 07:01:39 2025 GMT
        Subject: CN=24bbf1427fd24cb2a9500b5a31679d23dad27f6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:03:a4:3e:c5:34:74:45:70:32:35:97:b2:3a:
                    e5:48:1a:b5:bc:f5:21:6b:e4:82:07:a6:2b:2f:02:
                    1c:f6:c9:2f:88:1c:fb:d2:a5:a9:f9:f0:a2:a4:a4:
                    13:09:7c:7e:2e:2c:03:9c:95:dd:35:f2:52:8a:b8:
                    16:a2:78:2f:d7:ef:13:7e:3f:79:99:62:7e:07:e1:
                    76:19:e3:06:12:ba:9f:7d:4b:d7:ff:5e:a4:d7:3e:
                    a5:67:22:b9:fd:a0:2f:70:20:84:5f:32:42:c6:fc:
                    99:77:b5:05:cd:7b:43:18:8d:e4:ea:09:c8:53:24:
                    92:cc:90:cf:89:89:9b:53:f8:1d:06:35:fc:c4:cd:
                    c6:40:6e:57:86:e5:cd:60:5b:7d:29:54:21:50:9a:
                    61:e6:57:7b:3e:22:b9:6b:bc:84:4f:fe:36:6a:41:
                    71:c5:e8:6f:a2:c9:d9:ab:76:54:dd:e9:07:76:89:
                    d9:a5:eb:62:19:89:f9:8c:80:3e:93:4e:92:5f:b2:
                    f8:0b:ab:05:2a:56:a7:37:82:15:44:3e:bd:c6:8b:
                    bd:ab:86:32:5e:0b:58:7e:db:8d:9d:c8:0e:9f:99:
                    eb:37:26:a0:6f:ac:ba:c2:bd:93:34:b3:20:6c:32:
                    ce:b3:2f:2a:6c:a8:64:78:2a:0e:89:f4:d0:14:6a:
                    5a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:BB:F1:42:7F:D2:4C:B2:A9:50:0B:5A:31:67:9D:23:DA:D2:7F:6D
            X509v3 Authority Key Identifier:
                keyid:05:53:C4:33:F6:C2:25:01:9D:9C:B5:A4:33:00:12:F4:C7:7A:1F:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/324a9d-cf07-4e71-83a1-182512f8bcde/1/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/324a9d-cf07-4e71-83a1-182512f8bcde/1/BVPEM_bCJQGdnLWkMwAS9Md6Hz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:25:4e:fd:33:94:51:78:a8:17:e8:b6:b3:61:7e:aa:fc:09:
         70:d0:e0:28:a3:2f:ca:ff:1c:b8:85:9a:b5:3c:23:a9:c0:f5:
         fb:38:bc:44:e5:fe:8e:d2:13:85:a8:5e:04:43:1f:e0:da:37:
         05:42:60:51:b6:d0:7e:9b:75:45:51:a4:5b:5d:b5:c5:4d:a4:
         1c:ca:f0:b7:fd:0e:83:dc:25:c7:a3:08:b0:aa:ce:4e:ac:97:
         95:e5:40:13:26:4e:07:55:26:6d:f9:30:db:c9:d6:a6:a3:c4:
         0a:8e:ec:97:fc:c9:3e:4a:a3:6a:20:77:05:3e:9e:3e:85:37:
         da:a9:9c:03:1b:99:9d:42:dc:cf:4d:30:c7:4f:f0:ef:89:d9:
         cf:9a:d2:99:3f:80:34:b5:0c:b0:f2:87:ef:21:b6:4a:46:28:
         9f:99:2b:7a:22:e0:dc:d3:17:92:a0:4a:57:6a:c3:43:c4:40:
         8a:46:8d:64:4e:73:15:2d:51:5a:2c:df:26:84:f4:0e:8f:87:
         6f:b2:12:26:0e:cb:20:37:09:78:c6:78:20:39:52:a3:fa:11:
         99:9e:b8:47:49:5d:68:9d:e5:37:eb:5a:2c:d8:45:d6:c7:82:
         99:27:bd:80:f6:87:0b:01:54:75:80:1a:6f:93:69:63:b1:6b:
         ee:ea:50:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4sw4/3Xuh5rpbdcUImqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTNjNDMzZjZjMjI1MDE5ZDljYjVhNDMzMDAxMmY0Yzc3
YTFmM2UwHhcNMjUwODA0MDcwMTM5WhcNMjUwODA1MDcwMTM5WjAzMTEwLwYDVQQD
EygyNGJiZjE0MjdmZDI0Y2IyYTk1MDBiNWEzMTY3OWQyM2RhZDI3ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQOkPsU0dEVwMjWXsjrlSBq1vPUh
a+SCB6YrLwIc9skviBz70qWp+fCipKQTCXx+LiwDnJXdNfJSirgWongv1+8Tfj95
mWJ+B+F2GeMGErqffUvX/16k1z6lZyK5/aAvcCCEXzJCxvyZd7UFzXtDGI3k6gnI
UySSzJDPiYmbU/gdBjX8xM3GQG5XhuXNYFt9KVQhUJph5ld7PiK5a7yET/42akFx
xehvosnZq3ZU3ekHdonZpetiGYn5jIA+k06SX7L4C6sFKlanN4IVRD69xou9q4Yy
XgtYftuNncgOn5nrNyagb6y6wr2TNLMgbDLOsy8qbKhkeCoOifTQFGpaZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCS78UJ/0kyyqVALWjFnnSPa0n9tMB8GA1UdIwQY
MBaAFAVTxDP2wiUBnZy1pDMAEvTHeh8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZQRU1fYkNKUUdkbkxXa013QVM5TWQ2SHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zMjRhOWQtY2YwNy00ZTcxLTgzYTEt
MTgyNTEyZjhiY2RlLzEvQlZQRU1fYkNKUUdkbkxXa013QVM5TWQ2SHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zMjRhOWQtY2YwNy00ZTcxLTgzYTEtMTgyNTEyZjhiY2Rl
LzEvQlZQRU1fYkNKUUdkbkxXa013QVM5TWQ2SHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhiVO/TOU
UXioF+i2s2F+qvwJcNDgKKMvyv8cuIWatTwjqcD1+zi8ROX+jtIThaheBEMf4No3
BUJgUbbQfpt1RVGkW121xU2kHMrwt/0Og9wlx6MIsKrOTqyXleVAEyZOB1Umbfkw
28nWpqPECo7sl/zJPkqjaiB3BT6ePoU32qmcAxuZnULcz00wx0/w74nZz5rSmT+A
NLUMsPKH7yG2SkYon5kreiLg3NMXkqBKV2rDQ8RAikaNZE5zFS1RWizfJoT0Do+H
b7ISJg7LIDcJeMZ4IDlSo/oRmZ64R0ldaJ3lN+taLNhF1seCmSe9gPaHCwFUdYAa
b5NpY7Fr7upQow==
-----END CERTIFICATE-----