Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
File:                     BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft (raw, json)
Hash identifier:          hGHUOykQnY/Gjs2sStdsPpKYeiWPM/HbcH0ZWZDikrE=
Subject key identifier:   1D:EA:D7:99:2B:84:D4:A7:E1:DB:4D:6C:F9:EC:C4:33:F9:7E:24:C1
Authority key identifier: 04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F
Certificate issuer:       /CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
Certificate serial:       0199179AF65E0404A8321A73C57DEB7B2A9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
Manifest number:          0816
Signing time:             Fri 05 Sep 2025 02:00:55 +0000
Manifest this update:     Fri 05 Sep 2025 02:00:55 +0000
Manifest next update:     Sat 06 Sep 2025 02:00:55 +0000
Files and hashes:         1: BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl (hash: ZM5GuFTFJC335W3mYGdzAzzOlPhqX1DQ5dqAtAlu7KA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:9a:f6:5e:04:04:a8:32:1a:73:c5:7d:eb:7b:2a:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
        Validity
            Not Before: Sep  5 02:00:55 2025 GMT
            Not After : Sep  6 02:00:55 2025 GMT
        Subject: CN=1dead7992b84d4a7e1db4d6cf9ecc433f97e24c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:51:c2:76:f2:fe:47:65:c1:03:39:12:74:d0:
                    40:1c:09:99:c9:5c:e5:d7:fa:17:c5:94:21:24:f9:
                    a0:09:e7:26:06:d1:45:05:a8:05:53:fa:cd:4e:b7:
                    a1:a2:d9:5c:2e:ea:12:04:42:e0:a0:1b:9c:58:61:
                    f9:34:d2:8d:66:d4:bf:80:c8:11:af:9a:25:3c:9d:
                    0d:cb:49:c4:03:bf:c7:ed:1a:cc:dc:d2:a5:4a:8e:
                    2b:67:e8:ea:15:37:98:b6:05:64:c1:ba:3e:8e:9d:
                    8c:b2:50:ee:da:18:c6:43:fd:ec:96:ed:40:70:f8:
                    85:67:1c:9e:b2:24:c4:9f:35:74:76:d0:25:f4:24:
                    19:01:96:49:44:86:23:f3:cb:7c:93:f3:ad:8b:e0:
                    f3:cb:64:a7:2d:14:c5:03:b4:0a:99:b6:ef:18:fc:
                    d4:4c:0f:61:ac:70:b4:2b:19:2c:0e:3f:2b:1f:1d:
                    8f:49:ab:ff:9e:eb:01:e3:65:ca:b6:1b:11:8d:6e:
                    e3:84:db:bf:a1:a8:00:75:c7:2e:b8:e9:67:76:09:
                    a9:a9:18:91:c9:82:30:5c:48:9f:f2:c2:61:e0:1a:
                    48:74:b3:85:5f:83:1a:e5:9e:49:fd:ab:78:a2:aa:
                    5e:6c:05:42:cd:d2:59:19:b6:52:70:1f:3b:b9:b5:
                    ad:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EA:D7:99:2B:84:D4:A7:E1:DB:4D:6C:F9:EC:C4:33:F9:7E:24:C1
            X509v3 Authority Key Identifier:
                keyid:04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:bf:d2:0b:4d:33:39:27:55:47:02:03:cf:1e:51:14:52:a5:
         d1:04:08:22:32:f0:e9:34:0a:88:83:ed:a5:34:ac:df:65:cf:
         1c:ea:a6:f6:d3:a1:70:fb:99:d9:4a:80:dc:e5:db:c0:5d:bf:
         ef:fc:55:7b:e0:bd:da:ec:85:83:c5:91:ea:29:fa:30:32:e3:
         38:73:f6:f3:10:a2:a8:9e:6f:49:fd:cb:4c:f7:ed:de:88:be:
         6c:a9:cd:42:bf:e7:b1:46:53:24:f8:c5:11:b1:1d:1e:d1:26:
         3d:d2:7f:c0:77:71:7b:5c:43:55:7d:18:38:16:4c:84:e3:ae:
         8b:83:73:02:64:2e:ad:0d:e9:f7:43:e2:76:c8:70:67:36:6b:
         ca:6d:8b:65:7c:08:50:c0:05:7c:d9:b8:8e:c7:e8:6a:f9:69:
         97:80:ba:eb:f5:b0:85:7a:b2:3a:1d:25:c9:97:c7:12:db:7c:
         75:11:46:91:31:c6:1b:5b:12:6b:29:17:41:35:11:e0:67:c3:
         bd:e2:c6:16:39:dc:93:84:c9:17:d0:d4:c5:ba:a8:7d:82:16:
         db:e4:fb:64:2a:72:de:58:de:ca:fa:61:7c:d1:b0:75:61:83:
         31:a4:86:cc:11:66:61:a5:23:92:0d:9c:f1:31:36:09:9a:69:
         cb:b7:d8:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXmvZeBASoMhpzxX3reyqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTMyYzQzZjk2OWJhNDE3YmEzNmQwNzIxYjFkOWQ1MDYy
NGM0MGYwHhcNMjUwOTA1MDIwMDU1WhcNMjUwOTA2MDIwMDU1WjAzMTEwLwYDVQQD
EygxZGVhZDc5OTJiODRkNGE3ZTFkYjRkNmNmOWVjYzQzM2Y5N2UyNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VHCdvL+R2XBAzkSdNBAHAmZyVzl
1/oXxZQhJPmgCecmBtFFBagFU/rNTrehotlcLuoSBELgoBucWGH5NNKNZtS/gMgR
r5olPJ0Ny0nEA7/H7RrM3NKlSo4rZ+jqFTeYtgVkwbo+jp2MslDu2hjGQ/3slu1A
cPiFZxyesiTEnzV0dtAl9CQZAZZJRIYj88t8k/Oti+Dzy2SnLRTFA7QKmbbvGPzU
TA9hrHC0KxksDj8rHx2PSav/nusB42XKthsRjW7jhNu/oagAdccuuOlndgmpqRiR
yYIwXEif8sJh4BpIdLOFX4Ma5Z5J/at4oqpebAVCzdJZGbZScB87ubWt8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3q15krhNSn4dtNbPnsxDP5fiTBMB8GA1UdIwQY
MBaAFATjLEP5abpBe6NtByGx2dUGJMQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAt
ODI2YTQ4ZWVmZDk2LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAtODI2YTQ4ZWVmZDk2
LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVr/SC00z
OSdVRwIDzx5RFFKl0QQIIjLw6TQKiIPtpTSs32XPHOqm9tOhcPuZ2UqA3OXbwF2/
7/xVe+C92uyFg8WR6in6MDLjOHP28xCiqJ5vSf3LTPft3oi+bKnNQr/nsUZTJPjF
EbEdHtEmPdJ/wHdxe1xDVX0YOBZMhOOui4NzAmQurQ3p90PidshwZzZrym2LZXwI
UMAFfNm4jsfoavlpl4C66/WwhXqyOh0lyZfHEtt8dRFGkTHGG1sSaykXQTUR4GfD
veLGFjnck4TJF9DUxbqofYIW2+T7ZCpy3ljeyvphfNGwdWGDMaSGzBFmYaUjkg2c
8TE2CZppy7fYZA==
-----END CERTIFICATE-----