Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
File:                     BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft (raw, json)
Hash identifier:          lvuDsbg2S5xCczyzwp2sXJ4dGhGZMURrL5i7gO6bido=
Subject key identifier:   EF:3F:2F:25:FC:3A:FA:D1:0B:FB:5B:95:4E:6F:49:20:98:62:84:A9
Authority key identifier: 04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F
Certificate issuer:       /CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
Certificate serial:       01974A0CC40BF4892573DEAB8BC4CF71955D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
Manifest number:          0727
Signing time:             Sat 07 Jun 2025 11:00:39 +0000
Manifest this update:     Sat 07 Jun 2025 11:00:39 +0000
Manifest next update:     Sun 08 Jun 2025 11:00:39 +0000
Files and hashes:         1: BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl (hash: /RrR2ExXxMx1VxK+T9TYPFHCADgGSYcBQmdtBIR6pOs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:0c:c4:0b:f4:89:25:73:de:ab:8b:c4:cf:71:95:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e32c43f969ba417ba36d0721b1d9d50624c40f
        Validity
            Not Before: Jun  7 11:00:39 2025 GMT
            Not After : Jun  8 11:00:39 2025 GMT
        Subject: CN=ef3f2f25fc3afad10bfb5b954e6f4920986284a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:49:27:d0:64:f9:1f:ec:4c:7f:34:6e:92:65:
                    16:28:ce:a3:4c:88:df:a6:36:42:c0:61:3c:a6:14:
                    97:b2:7c:ed:90:bc:4c:51:ec:bf:ca:19:c8:88:48:
                    af:9d:4c:2a:14:d8:a9:73:6e:43:29:1f:df:58:53:
                    bc:0b:f2:41:2d:59:c3:7f:56:08:cd:9c:d1:d7:8b:
                    87:c1:7e:a5:38:8f:dc:b1:5d:83:47:5b:b3:12:d4:
                    d9:85:68:89:ba:d0:c7:0b:f0:44:ec:6d:4a:6e:d0:
                    39:bc:48:80:09:73:9b:26:e7:a3:ea:11:d1:98:ec:
                    80:2e:19:f2:3a:26:91:88:a8:42:77:fc:6d:ca:4a:
                    6c:06:20:a1:66:60:41:04:8b:a5:2a:f2:18:f3:1b:
                    6a:62:16:4f:e0:c9:6c:fd:a7:e5:4c:33:35:50:19:
                    e1:b8:49:ad:c6:c6:5d:87:9a:24:7d:c8:5d:55:42:
                    45:7c:b2:6b:1d:58:0e:2f:82:39:31:3c:1c:cb:60:
                    84:47:25:70:8b:be:6c:6b:81:19:08:15:d4:dc:7d:
                    2b:e5:29:08:11:66:bd:1b:c0:a6:af:00:34:a1:cf:
                    e7:50:2a:2f:20:2b:ed:ef:aa:c3:bc:2f:50:b8:af:
                    c0:ff:44:72:2e:4e:8e:96:b8:7e:3b:34:27:14:69:
                    7b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:3F:2F:25:FC:3A:FA:D1:0B:FB:5B:95:4E:6F:49:20:98:62:84:A9
            X509v3 Authority Key Identifier:
                keyid:04:E3:2C:43:F9:69:BA:41:7B:A3:6D:07:21:B1:D9:D5:06:24:C4:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOMsQ_lpukF7o20HIbHZ1QYkxA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/316f15-bcb5-422c-92a0-826a48eefd96/1/BOMsQ_lpukF7o20HIbHZ1QYkxA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:4f:1e:e5:cb:5c:a9:a8:6c:32:5f:f6:09:50:dd:99:f1:da:
         42:5e:4d:13:40:a5:35:35:cc:b2:e5:0b:15:1a:d8:6b:65:bb:
         1b:c4:9c:22:41:bf:29:6b:09:13:4a:5b:31:0f:8b:bb:72:f5:
         44:90:64:00:4f:f4:4f:0c:de:21:2f:4e:3e:05:07:89:80:45:
         fd:83:83:06:0d:c9:92:29:17:5c:f6:84:f2:f6:4a:bf:4b:45:
         66:a1:18:97:be:6a:83:96:92:1b:47:13:e5:08:78:6c:f2:c8:
         5f:bc:61:d9:db:ac:7b:1f:3f:5a:e1:5c:2f:77:70:df:2a:a5:
         85:59:56:e5:5e:fd:0f:98:80:41:9a:7a:9e:81:50:06:42:5c:
         fd:41:11:2b:6d:e1:e4:62:58:79:39:10:c2:c2:d6:6d:10:fa:
         ab:32:71:f0:73:ce:3a:d1:02:4c:98:79:12:98:c3:0e:11:51:
         ef:dc:aa:97:20:40:25:f2:8a:f1:73:3e:fe:67:d4:a8:45:45:
         04:59:9c:1d:5a:0d:57:e9:a4:12:7a:94:d0:93:f8:af:97:cc:
         f4:30:1a:7d:dc:89:d6:67:05:98:ef:a7:70:f5:27:93:6e:9c:
         a4:ff:be:ab:df:71:a2:25:a0:d5:01:e2:c4:5e:d8:af:66:78:
         cc:85:51:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKDMQL9Iklc96ri8TPcZVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTMyYzQzZjk2OWJhNDE3YmEzNmQwNzIxYjFkOWQ1MDYy
NGM0MGYwHhcNMjUwNjA3MTEwMDM5WhcNMjUwNjA4MTEwMDM5WjAzMTEwLwYDVQQD
EyhlZjNmMmYyNWZjM2FmYWQxMGJmYjViOTU0ZTZmNDkyMDk4NjI4NGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0kn0GT5H+xMfzRukmUWKM6jTIjf
pjZCwGE8phSXsnztkLxMUey/yhnIiEivnUwqFNipc25DKR/fWFO8C/JBLVnDf1YI
zZzR14uHwX6lOI/csV2DR1uzEtTZhWiJutDHC/BE7G1KbtA5vEiACXObJuej6hHR
mOyALhnyOiaRiKhCd/xtykpsBiChZmBBBIulKvIY8xtqYhZP4Mls/aflTDM1UBnh
uEmtxsZdh5okfchdVUJFfLJrHVgOL4I5MTwcy2CERyVwi75sa4EZCBXU3H0r5SkI
EWa9G8CmrwA0oc/nUCovICvt76rDvC9QuK/A/0RyLk6Olrh+OzQnFGl7BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8/LyX8OvrRC/tblU5vSSCYYoSpMB8GA1UdIwQY
MBaAFATjLEP5abpBe6NtByGx2dUGJMQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAt
ODI2YTQ4ZWVmZDk2LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zMTZmMTUtYmNiNS00MjJjLTkyYTAtODI2YTQ4ZWVmZDk2
LzEvQk9Nc1FfbHB1a0Y3bzIwSEliSFoxUVlreEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcU8e5ctc
qahsMl/2CVDdmfHaQl5NE0ClNTXMsuULFRrYa2W7G8ScIkG/KWsJE0pbMQ+Lu3L1
RJBkAE/0TwzeIS9OPgUHiYBF/YODBg3JkikXXPaE8vZKv0tFZqEYl75qg5aSG0cT
5Qh4bPLIX7xh2dusex8/WuFcL3dw3yqlhVlW5V79D5iAQZp6noFQBkJc/UERK23h
5GJYeTkQwsLWbRD6qzJx8HPOOtECTJh5EpjDDhFR79yqlyBAJfKK8XM+/mfUqEVF
BFmcHVoNV+mkEnqU0JP4r5fM9DAafdyJ1mcFmO+ncPUnk26cpP++q99xoiWg1QHi
xF7Yr2Z4zIVRSg==
-----END CERTIFICATE-----