Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
File:                     BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft (raw, json)
Hash identifier:          Rd4EilUKGF22fy3j4RP308SO8RCqKTRO1DGZ+mxQ7HM=
Subject key identifier:   2A:24:53:4A:BC:47:71:84:4C:DF:83:12:9E:D3:3F:01:2B:F1:52:9D
Authority key identifier: 04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F
Certificate issuer:       /CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
Certificate serial:       0198D4046733CFD5D7C379C62069368A10A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
Manifest number:          07F3
Signing time:             Fri 22 Aug 2025 23:01:55 +0000
Manifest this update:     Fri 22 Aug 2025 23:01:55 +0000
Manifest next update:     Sat 23 Aug 2025 23:01:55 +0000
Files and hashes:         1: BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl (hash: xH2Tt7cJQ/wj54cXb65jQgDbnfPBjBpFKHe5aS4Q3XE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Aug 2025 23:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:04:67:33:cf:d5:d7:c3:79:c6:20:69:36:8a:10:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
        Validity
            Not Before: Aug 22 23:01:55 2025 GMT
            Not After : Aug 23 23:01:55 2025 GMT
        Subject: CN=2a24534abc4771844cdf83129ed33f012bf1529d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:ba:4b:eb:f6:b6:4f:b5:79:d1:d1:b4:5e:c4:
                    e0:08:51:90:59:d5:70:a5:8c:99:9b:94:f6:a2:41:
                    21:03:69:1f:64:fc:27:2b:46:ee:0c:3b:c1:19:ff:
                    c0:b3:96:ea:93:d2:19:2a:b0:97:f3:9a:9f:f2:cb:
                    5a:fa:4f:e7:16:55:59:77:29:12:d0:a5:94:10:0e:
                    d6:0e:82:01:24:07:b3:59:97:9a:83:db:f0:a7:59:
                    36:3f:59:60:56:29:6f:7b:12:cb:5e:6f:8c:48:13:
                    a9:35:0b:e9:cd:bf:56:22:71:64:8c:b5:14:87:6f:
                    47:97:e1:ae:7b:b1:a8:c4:b7:25:7f:57:03:72:20:
                    43:c5:86:6f:d5:fe:8c:d1:f5:88:fa:62:21:61:90:
                    9b:84:94:dc:5a:aa:0c:6f:b7:a3:e0:fc:46:1d:cf:
                    f3:0c:56:89:1a:a4:e6:5b:2d:9f:37:c9:36:76:33:
                    75:77:32:78:1c:31:57:54:80:92:55:e4:59:3e:2d:
                    68:78:0d:fe:b0:d9:79:06:dd:f4:7b:db:ac:be:46:
                    21:bd:28:6e:58:31:10:b8:b8:9f:d9:2a:b7:ed:2b:
                    24:10:41:6e:de:1a:fe:dc:b4:8f:0d:20:89:bd:fe:
                    32:d9:0b:1c:eb:72:39:d9:2f:b7:ed:8c:7f:8a:3d:
                    be:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:24:53:4A:BC:47:71:84:4C:DF:83:12:9E:D3:3F:01:2B:F1:52:9D
            X509v3 Authority Key Identifier:
                keyid:04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:84:09:8a:6a:7c:e1:c7:f6:74:05:8e:dc:6c:44:f9:54:47:
         be:e8:18:af:62:20:f9:67:63:e7:4a:bd:d2:0d:39:ee:1c:16:
         96:66:19:a2:6e:98:92:00:f4:ac:9f:22:21:df:ee:f4:59:b1:
         b1:d4:16:6e:42:e8:5c:03:b6:18:fa:66:94:2e:8e:9b:83:f4:
         61:fc:e2:35:a3:e9:74:29:9e:cb:b7:e3:b5:bd:b4:5e:55:70:
         3d:49:7d:b0:8d:a9:a2:49:c6:a9:31:24:c3:14:1d:41:51:df:
         e4:89:5d:74:4e:4d:81:a6:d9:96:93:27:30:b3:e6:fe:f3:30:
         cd:5a:bc:00:c7:10:12:03:e0:de:8c:d8:b4:46:9e:fc:d2:b9:
         c8:d3:35:3d:79:78:28:60:ba:ca:02:4a:e2:eb:52:a8:25:09:
         18:02:46:ad:8b:50:cc:c7:07:80:05:01:57:07:10:cd:0e:14:
         a5:79:32:f2:ad:9d:a8:a2:7f:bb:a1:e0:0f:fa:9d:79:df:e4:
         21:71:97:f3:f6:c0:f8:f8:ae:92:a9:ae:10:bb:3f:b2:6f:a3:
         e3:a7:81:a3:77:d2:1e:1b:c1:49:57:66:5b:50:8c:c3:f8:2f:
         9d:05:37:8c:7e:d3:57:8e:db:ee:cb:54:2e:19:3c:5e:95:1b:
         ad:a9:80:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUBGczz9XXw3nGIGk2ihCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTMyYzQzZjk2OWJhNDE3YmEzNmQwNzIxYjFkOWQ1MDYy
NGM0MGYwHhcNMjUwODIyMjMwMTU1WhcNMjUwODIzMjMwMTU1WjAzMTEwLwYDVQQD
EygyYTI0NTM0YWJjNDc3MTg0NGNkZjgzMTI5ZWQzM2YwMTJiZjE1MjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27pL6/a2T7V50dG0XsTgCFGQWdVw
pYyZm5T2okEhA2kfZPwnK0buDDvBGf/As5bqk9IZKrCX85qf8sta+k/nFlVZdykS
0KWUEA7WDoIBJAezWZeag9vwp1k2P1lgVilvexLLXm+MSBOpNQvpzb9WInFkjLUU
h29Hl+Gue7GoxLclf1cDciBDxYZv1f6M0fWI+mIhYZCbhJTcWqoMb7ej4PxGHc/z
DFaJGqTmWy2fN8k2djN1dzJ4HDFXVICSVeRZPi1oeA3+sNl5Bt30e9usvkYhvShu
WDEQuLif2Sq37SskEEFu3hr+3LSPDSCJvf4y2Qsc63I52S+37Yx/ij2+BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCokU0q8R3GETN+DEp7TPwEr8VKdMB8GA1UdIwQY
MBaAFATjLEP5abpBe6NtByGx2dUGJMQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAt
ODI2YTQ4ZWVmZDk2LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAtODI2YTQ4ZWVmZDk2
LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ4QJimp8
4cf2dAWO3GxE+VRHvugYr2Ig+Wdj50q90g057hwWlmYZom6YkgD0rJ8iId/u9Fmx
sdQWbkLoXAO2GPpmlC6Om4P0YfziNaPpdCmey7fjtb20XlVwPUl9sI2poknGqTEk
wxQdQVHf5IlddE5NgabZlpMnMLPm/vMwzVq8AMcQEgPg3ozYtEae/NK5yNM1PXl4
KGC6ygJK4utSqCUJGAJGrYtQzMcHgAUBVwcQzQ4UpXky8q2dqKJ/u6HgD/qded/k
IXGX8/bA+PiukqmuELs/sm+j46eBo3fSHhvBSVdmW1CMw/gvnQU3jH7TV47b7stU
Lhk8XpUbramAGg==
-----END CERTIFICATE-----