Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.mft
File:                     1-BaGWSju7uXLyS9MTTiuXGAd7go.mft (raw, json)
Hash identifier:          HrHeDRpiuLdm7A7vzsK+zaamAnJ6rUANScKEbPZBUGE=
Subject key identifier:   52:EF:79:50:0A:05:21:7F:AA:63:E0:43:BF:69:EA:A5:38:28:5E:62
Authority key identifier: F8:16:86:59:28:EE:EE:E5:CB:C9:2F:4C:4D:38:AE:5C:60:1D:EE:0A
Certificate issuer:       /CN=f816865928eeeee5cbc92f4c4d38ae5c601dee0a
Certificate serial:       01984A412AD9D2C70486308BBD7332244607
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.mft
Manifest number:          1601
Signing time:             Sun 27 Jul 2025 05:00:41 +0000
Manifest this update:     Sun 27 Jul 2025 05:00:41 +0000
Manifest next update:     Mon 28 Jul 2025 05:00:41 +0000
Files and hashes:         1: 0rDYOCiVnQy1wBfGsCwgf4uCy6M.roa (hash: dtebcZBA/CIRFXc0hvNHRfZk/QfKnBn3jDoKUNxXxXo=)
                          2: 1-BaGWSju7uXLyS9MTTiuXGAd7go.crl (hash: kimZrrOydmLDXth1UiC+GTbXa/C0BnjuJhkSBOa58bQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:41:2a:d9:d2:c7:04:86:30:8b:bd:73:32:24:46:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f816865928eeeee5cbc92f4c4d38ae5c601dee0a
        Validity
            Not Before: Jul 27 05:00:41 2025 GMT
            Not After : Jul 28 05:00:41 2025 GMT
        Subject: CN=52ef79500a05217faa63e043bf69eaa538285e62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:db:f3:91:9c:4a:19:7d:51:9d:d5:4e:b6:eb:
                    ea:56:8b:0e:c8:bf:56:31:11:3f:f3:ae:0a:62:6b:
                    d8:8d:71:73:0c:4d:20:74:43:25:3f:74:9a:46:57:
                    4c:20:b7:51:5b:e7:35:a3:03:78:0c:29:03:13:26:
                    d8:b9:7a:24:42:38:20:b9:31:d0:6d:87:4a:94:09:
                    d4:50:04:a4:bf:da:0a:c4:91:81:ea:98:4f:4a:97:
                    57:b2:b8:f5:53:fd:97:01:97:7a:a3:aa:e1:4e:e3:
                    5c:bb:71:c8:ec:2d:34:d9:43:e3:41:d5:b9:7a:eb:
                    9a:83:a6:88:ae:ea:16:c0:41:ac:6a:f1:c9:bb:99:
                    b0:b7:4a:7a:b9:7a:81:30:77:55:f7:7b:6f:31:9e:
                    9c:a3:05:f6:fc:da:23:80:ea:7b:f1:f4:e5:3b:5b:
                    71:52:a3:3d:09:17:ee:ea:1a:f3:56:b0:02:91:7a:
                    c2:cd:11:6e:6e:18:d5:80:a0:bd:7a:7c:cf:39:8b:
                    6c:43:b1:2f:4e:84:6f:51:d4:ed:f5:13:42:b4:d1:
                    d2:5d:63:f2:c2:c2:bb:53:bb:d1:ca:de:b9:b8:46:
                    f8:62:0c:7f:63:83:ce:d4:71:de:b5:78:d2:16:71:
                    bb:03:6c:7a:c3:a5:97:6a:90:03:83:92:ba:84:a4:
                    7f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:EF:79:50:0A:05:21:7F:AA:63:E0:43:BF:69:EA:A5:38:28:5E:62
            X509v3 Authority Key Identifier:
                keyid:F8:16:86:59:28:EE:EE:E5:CB:C9:2F:4C:4D:38:AE:5C:60:1D:EE:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:0b:c7:6a:8c:ef:25:0c:25:46:7d:c2:f7:d9:65:90:dc:ce:
         05:fc:47:c9:31:8f:bd:29:d5:6b:12:51:93:95:89:0d:be:f0:
         c6:59:2a:65:13:9c:98:5d:83:71:91:88:73:26:98:c7:a0:df:
         a4:87:86:fe:f1:7d:72:48:67:48:6e:08:ad:58:30:35:ce:dc:
         74:ad:0e:6a:66:cb:11:1b:15:bf:e2:ca:e7:6b:4d:3d:d0:7d:
         0d:42:3b:31:d1:63:a1:8a:07:4c:a4:e2:3f:89:1c:57:0f:e5:
         47:6b:ab:b6:77:25:81:06:64:3e:c6:92:f6:fc:b2:46:2f:53:
         b1:87:6a:f0:fd:a1:ba:30:f3:90:28:a3:da:2f:f2:0d:68:53:
         6d:bb:b2:43:99:c8:bb:df:72:a9:7b:54:f3:18:46:99:ab:55:
         70:ee:c8:aa:7b:82:98:cc:b1:70:e9:20:59:52:c1:41:f8:2f:
         5c:ea:db:80:22:9f:53:78:e3:29:27:7e:db:21:09:69:fa:fb:
         b3:90:c4:ce:2e:cc:6b:73:54:6d:8f:5c:cd:c5:43:6a:b3:f9:
         74:47:56:64:f6:1b:00:5c:d4:fc:d1:01:3e:40:12:39:fd:dc:
         fb:dc:ec:25:da:99:4e:ef:81:2f:53:53:07:e4:dd:f3:8a:cc:
         f2:2c:fa:99
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZhKQSrZ0scEhjCLvXMyJEYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTY4NjU5MjhlZWVlZTVjYmM5MmY0YzRkMzhhZTVjNjAx
ZGVlMGEwHhcNMjUwNzI3MDUwMDQxWhcNMjUwNzI4MDUwMDQxWjAzMTEwLwYDVQQD
Eyg1MmVmNzk1MDBhMDUyMTdmYWE2M2UwNDNiZjY5ZWFhNTM4Mjg1ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9vzkZxKGX1RndVOtuvqVosOyL9W
MRE/864KYmvYjXFzDE0gdEMlP3SaRldMILdRW+c1owN4DCkDEybYuXokQjgguTHQ
bYdKlAnUUASkv9oKxJGB6phPSpdXsrj1U/2XAZd6o6rhTuNcu3HI7C002UPjQdW5
euuag6aIruoWwEGsavHJu5mwt0p6uXqBMHdV93tvMZ6cowX2/NojgOp78fTlO1tx
UqM9CRfu6hrzVrACkXrCzRFubhjVgKC9enzPOYtsQ7EvToRvUdTt9RNCtNHSXWPy
wsK7U7vRyt65uEb4Ygx/Y4PO1HHetXjSFnG7A2x6w6WXapADg5K6hKR/BwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFLveVAKBSF/qmPgQ79p6qU4KF5iMB8GA1UdIwQY
MBaAFPgWhlko7u7ly8kvTE04rlxgHe4KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CYUdXU2p1N3VYTHlTOU1UVGl1WEdBZDdnby5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYvNjhiMWJmLThmNDgtNDE2OS1hOWEy
LTVkYWM3MjAyMjNhYi8xLzEtQmFHV1NqdTd1WEx5UzlNVFRpdVhHQWQ3Z28ubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2RmLzY4YjFiZi04ZjQ4LTQxNjktYTlhMi01ZGFjNzIwMjIz
YWIvMS8xLUJhR1dTanU3dVhMeVM5TVRUaXVYR0FkN2dvLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvAvH
aozvJQwlRn3C99llkNzOBfxHyTGPvSnVaxJRk5WJDb7wxlkqZROcmF2DcZGIcyaY
x6DfpIeG/vF9ckhnSG4IrVgwNc7cdK0OambLERsVv+LK52tNPdB9DUI7MdFjoYoH
TKTiP4kcVw/lR2urtnclgQZkPsaS9vyyRi9TsYdq8P2hujDzkCij2i/yDWhTbbuy
Q5nIu99yqXtU8xhGmatVcO7IqnuCmMyxcOkgWVLBQfgvXOrbgCKfU3jjKSd+2yEJ
afr7s5DEzi7Ma3NUbY9czcVDarP5dEdWZPYbAFzU/NEBPkASOf3c+9zsJdqZTu+B
L1NTB+Td84rM8iz6mQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:40:35 2025 by rpki-client