Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File:                     r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier:          dj92fRZMNrm646Qtn5BdFlN8PjEOxhzZtA0t6LgZuYo=
Subject key identifier:   3C:DE:55:20:DD:D2:1F:7E:C1:E3:92:2A:FB:22:49:B0:44:BD:B4:FA
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer:       /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial:       01984A7839F34547AAC878DE3C4E689A5B47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number:          1601
Signing time:             Sun 27 Jul 2025 06:00:49 +0000
Manifest this update:     Sun 27 Jul 2025 06:00:49 +0000
Manifest next update:     Mon 28 Jul 2025 06:00:49 +0000
Files and hashes:         1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
                          2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: +K3cdr+l8b2IfGOXkicC38pRPnlderoK2CAk3gEgfec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:78:39:f3:45:47:aa:c8:78:de:3c:4e:68:9a:5b:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
        Validity
            Not Before: Jul 27 06:00:49 2025 GMT
            Not After : Jul 28 06:00:49 2025 GMT
        Subject: CN=3cde5520ddd21f7ec1e3922afb2249b044bdb4fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:47:37:9f:61:90:0d:f0:76:60:79:f2:c7:e6:
                    e5:74:cd:a8:74:a7:8e:41:a9:fd:8f:31:60:a6:9d:
                    1d:29:0a:11:e4:33:c3:40:c9:e7:6b:0d:b6:2e:0d:
                    17:10:2d:de:09:19:cc:1a:0f:d8:9b:b2:30:f9:14:
                    ed:d0:a2:80:e0:ca:f7:82:b4:fd:20:9a:e6:f9:e2:
                    00:d7:0d:c0:8d:fb:16:05:fa:3f:d5:e8:aa:09:8f:
                    4a:46:0e:35:5e:47:6e:85:64:ef:33:d5:c9:ee:8f:
                    7a:85:d8:0d:f1:f0:8d:13:06:8c:4a:23:ee:c7:c3:
                    dc:71:ba:43:b5:a5:16:c5:cd:12:72:dc:3d:c4:98:
                    aa:c1:99:e5:81:2c:d3:60:dd:3e:13:9d:42:dd:87:
                    b2:cc:8f:09:e3:31:ac:e5:6e:81:d4:df:e2:14:7f:
                    e4:fe:0b:e1:fd:50:72:47:bf:cd:4c:87:2c:50:e2:
                    4d:82:59:60:13:21:8e:57:e5:4c:16:cd:e7:d1:b2:
                    ad:71:49:fc:1f:fe:15:d2:6c:97:c4:5a:9a:2a:8d:
                    da:e1:d5:0c:a1:99:c6:5b:bf:0d:10:40:6e:9a:29:
                    80:df:22:d8:e4:a0:c4:f3:18:c6:59:3f:82:09:72:
                    6b:71:60:fa:20:fe:6a:ea:d6:85:b7:15:22:f2:c9:
                    16:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:DE:55:20:DD:D2:1F:7E:C1:E3:92:2A:FB:22:49:B0:44:BD:B4:FA
            X509v3 Authority Key Identifier:
                keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:b2:37:b6:02:e5:df:c9:c3:ca:bc:34:7c:81:06:72:d8:8f:
         45:c8:2f:1d:45:66:ba:53:df:87:84:f2:3d:bc:b4:e6:72:9a:
         16:38:5e:7e:2f:80:c6:70:6b:5d:fa:b0:10:52:a4:86:5e:bf:
         f4:4a:02:77:64:54:1e:d6:0c:e8:ad:ba:2f:68:83:9c:c1:c2:
         e0:0d:de:37:2c:0e:b7:18:30:96:6e:ac:c1:2f:0b:6d:bb:12:
         58:b9:d3:b9:22:07:69:3a:e2:ee:59:5f:3b:5e:cf:e1:3f:a4:
         0b:95:23:51:b4:90:3c:1f:89:9e:c0:6f:bc:71:a9:4d:87:33:
         22:f9:0f:08:c8:b6:23:cf:33:1a:53:a0:f9:44:12:01:53:92:
         61:72:cd:95:77:17:3b:38:ae:77:56:71:5b:bf:a5:ab:a4:db:
         79:85:8d:da:77:c5:0e:da:b4:4a:d1:c3:22:03:c4:81:aa:78:
         ff:5c:6d:1b:e3:01:4b:db:87:ff:2f:91:7a:ba:a5:fc:f0:d4:
         a3:86:1c:52:96:a2:c2:78:1d:41:f0:37:02:5d:4a:76:cb:92:
         a0:78:99:6c:8a:6d:4d:92:68:83:b1:4d:ea:49:be:f9:f6:31:
         f5:06:e0:b6:b8:a4:88:d4:53:e5:d1:ce:cc:d2:55:96:ea:f8:
         42:0d:3c:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKeDnzRUeqyHjePE5omltHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwNzI3MDYwMDQ5WhcNMjUwNzI4MDYwMDQ5WjAzMTEwLwYDVQQD
EygzY2RlNTUyMGRkZDIxZjdlYzFlMzkyMmFmYjIyNDliMDQ0YmRiNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kc3n2GQDfB2YHnyx+bldM2odKeO
Qan9jzFgpp0dKQoR5DPDQMnnaw22Lg0XEC3eCRnMGg/Ym7Iw+RTt0KKA4Mr3grT9
IJrm+eIA1w3AjfsWBfo/1eiqCY9KRg41XkduhWTvM9XJ7o96hdgN8fCNEwaMSiPu
x8PccbpDtaUWxc0Sctw9xJiqwZnlgSzTYN0+E51C3YeyzI8J4zGs5W6B1N/iFH/k
/gvh/VByR7/NTIcsUOJNgllgEyGOV+VMFs3n0bKtcUn8H/4V0myXxFqaKo3a4dUM
oZnGW78NEEBumimA3yLY5KDE8xjGWT+CCXJrcWD6IP5q6taFtxUi8skWeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzeVSDd0h9+weOSKvsiSbBEvbT6MB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALLI3tgLl
38nDyrw0fIEGctiPRcgvHUVmulPfh4TyPby05nKaFjhefi+AxnBrXfqwEFKkhl6/
9EoCd2RUHtYM6K26L2iDnMHC4A3eNywOtxgwlm6swS8LbbsSWLnTuSIHaTri7llf
O17P4T+kC5UjUbSQPB+JnsBvvHGpTYczIvkPCMi2I88zGlOg+UQSAVOSYXLNlXcX
Oziud1ZxW7+lq6TbeYWN2nfFDtq0StHDIgPEgap4/1xtG+MBS9uH/y+Rerql/PDU
o4YcUpaiwngdQfA3Al1KdsuSoHiZbIptTZJog7FN6km++fYx9QbgtrikiNRT5dHO
zNJVlur4Qg08gw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:40:31 2025 by rpki-client