
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.mft
File: 1-BaGWSju7uXLyS9MTTiuXGAd7go.mft (raw, json)
Hash identifier: HrHeDRpiuLdm7A7vzsK+zaamAnJ6rUANScKEbPZBUGE=
Subject key identifier: 52:EF:79:50:0A:05:21:7F:AA:63:E0:43:BF:69:EA:A5:38:28:5E:62
Authority key identifier: F8:16:86:59:28:EE:EE:E5:CB:C9:2F:4C:4D:38:AE:5C:60:1D:EE:0A
Certificate issuer: /CN=f816865928eeeee5cbc92f4c4d38ae5c601dee0a
Certificate serial: 01984A412AD9D2C70486308BBD7332244607
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.mft
Manifest number: 1601
Signing time: Sun 27 Jul 2025 05:00:41 +0000
Manifest this update: Sun 27 Jul 2025 05:00:41 +0000
Manifest next update: Mon 28 Jul 2025 05:00:41 +0000
Files and hashes: 1: 0rDYOCiVnQy1wBfGsCwgf4uCy6M.roa (hash: dtebcZBA/CIRFXc0hvNHRfZk/QfKnBn3jDoKUNxXxXo=)
2: 1-BaGWSju7uXLyS9MTTiuXGAd7go.crl (hash: kimZrrOydmLDXth1UiC+GTbXa/C0BnjuJhkSBOa58bQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4a:41:2a:d9:d2:c7:04:86:30:8b:bd:73:32:24:46:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f816865928eeeee5cbc92f4c4d38ae5c601dee0a
Validity
Not Before: Jul 27 05:00:41 2025 GMT
Not After : Jul 28 05:00:41 2025 GMT
Subject: CN=52ef79500a05217faa63e043bf69eaa538285e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:db:f3:91:9c:4a:19:7d:51:9d:d5:4e:b6:eb:
ea:56:8b:0e:c8:bf:56:31:11:3f:f3:ae:0a:62:6b:
d8:8d:71:73:0c:4d:20:74:43:25:3f:74:9a:46:57:
4c:20:b7:51:5b:e7:35:a3:03:78:0c:29:03:13:26:
d8:b9:7a:24:42:38:20:b9:31:d0:6d:87:4a:94:09:
d4:50:04:a4:bf:da:0a:c4:91:81:ea:98:4f:4a:97:
57:b2:b8:f5:53:fd:97:01:97:7a:a3:aa:e1:4e:e3:
5c:bb:71:c8:ec:2d:34:d9:43:e3:41:d5:b9:7a:eb:
9a:83:a6:88:ae:ea:16:c0:41:ac:6a:f1:c9:bb:99:
b0:b7:4a:7a:b9:7a:81:30:77:55:f7:7b:6f:31:9e:
9c:a3:05:f6:fc:da:23:80:ea:7b:f1:f4:e5:3b:5b:
71:52:a3:3d:09:17:ee:ea:1a:f3:56:b0:02:91:7a:
c2:cd:11:6e:6e:18:d5:80:a0:bd:7a:7c:cf:39:8b:
6c:43:b1:2f:4e:84:6f:51:d4:ed:f5:13:42:b4:d1:
d2:5d:63:f2:c2:c2:bb:53:bb:d1:ca:de:b9:b8:46:
f8:62:0c:7f:63:83:ce:d4:71:de:b5:78:d2:16:71:
bb:03:6c:7a:c3:a5:97:6a:90:03:83:92:ba:84:a4:
7f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:EF:79:50:0A:05:21:7F:AA:63:E0:43:BF:69:EA:A5:38:28:5E:62
X509v3 Authority Key Identifier:
keyid:F8:16:86:59:28:EE:EE:E5:CB:C9:2F:4C:4D:38:AE:5C:60:1D:EE:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:0b:c7:6a:8c:ef:25:0c:25:46:7d:c2:f7:d9:65:90:dc:ce:
05:fc:47:c9:31:8f:bd:29:d5:6b:12:51:93:95:89:0d:be:f0:
c6:59:2a:65:13:9c:98:5d:83:71:91:88:73:26:98:c7:a0:df:
a4:87:86:fe:f1:7d:72:48:67:48:6e:08:ad:58:30:35:ce:dc:
74:ad:0e:6a:66:cb:11:1b:15:bf:e2:ca:e7:6b:4d:3d:d0:7d:
0d:42:3b:31:d1:63:a1:8a:07:4c:a4:e2:3f:89:1c:57:0f:e5:
47:6b:ab:b6:77:25:81:06:64:3e:c6:92:f6:fc:b2:46:2f:53:
b1:87:6a:f0:fd:a1:ba:30:f3:90:28:a3:da:2f:f2:0d:68:53:
6d:bb:b2:43:99:c8:bb:df:72:a9:7b:54:f3:18:46:99:ab:55:
70:ee:c8:aa:7b:82:98:cc:b1:70:e9:20:59:52:c1:41:f8:2f:
5c:ea:db:80:22:9f:53:78:e3:29:27:7e:db:21:09:69:fa:fb:
b3:90:c4:ce:2e:cc:6b:73:54:6d:8f:5c:cd:c5:43:6a:b3:f9:
74:47:56:64:f6:1b:00:5c:d4:fc:d1:01:3e:40:12:39:fd:dc:
fb:dc:ec:25:da:99:4e:ef:81:2f:53:53:07:e4:dd:f3:8a:cc:
f2:2c:fa:99
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZhKQSrZ0scEhjCLvXMyJEYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTY4NjU5MjhlZWVlZTVjYmM5MmY0YzRkMzhhZTVjNjAx
ZGVlMGEwHhcNMjUwNzI3MDUwMDQxWhcNMjUwNzI4MDUwMDQxWjAzMTEwLwYDVQQD
Eyg1MmVmNzk1MDBhMDUyMTdmYWE2M2UwNDNiZjY5ZWFhNTM4Mjg1ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9vzkZxKGX1RndVOtuvqVosOyL9W
MRE/864KYmvYjXFzDE0gdEMlP3SaRldMILdRW+c1owN4DCkDEybYuXokQjgguTHQ
bYdKlAnUUASkv9oKxJGB6phPSpdXsrj1U/2XAZd6o6rhTuNcu3HI7C002UPjQdW5
euuag6aIruoWwEGsavHJu5mwt0p6uXqBMHdV93tvMZ6cowX2/NojgOp78fTlO1tx
UqM9CRfu6hrzVrACkXrCzRFubhjVgKC9enzPOYtsQ7EvToRvUdTt9RNCtNHSXWPy
wsK7U7vRyt65uEb4Ygx/Y4PO1HHetXjSFnG7A2x6w6WXapADg5K6hKR/BwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFLveVAKBSF/qmPgQ79p6qU4KF5iMB8GA1UdIwQY
MBaAFPgWhlko7u7ly8kvTE04rlxgHe4KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CYUdXU2p1N3VYTHlTOU1UVGl1WEdBZDdnby5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYvNjhiMWJmLThmNDgtNDE2OS1hOWEy
LTVkYWM3MjAyMjNhYi8xLzEtQmFHV1NqdTd1WEx5UzlNVFRpdVhHQWQ3Z28ubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2RmLzY4YjFiZi04ZjQ4LTQxNjktYTlhMi01ZGFjNzIwMjIz
YWIvMS8xLUJhR1dTanU3dVhMeVM5TVRUaXVYR0FkN2dvLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvAvH
aozvJQwlRn3C99llkNzOBfxHyTGPvSnVaxJRk5WJDb7wxlkqZROcmF2DcZGIcyaY
x6DfpIeG/vF9ckhnSG4IrVgwNc7cdK0OambLERsVv+LK52tNPdB9DUI7MdFjoYoH
TKTiP4kcVw/lR2urtnclgQZkPsaS9vyyRi9TsYdq8P2hujDzkCij2i/yDWhTbbuy
Q5nIu99yqXtU8xhGmatVcO7IqnuCmMyxcOkgWVLBQfgvXOrbgCKfU3jjKSd+2yEJ
afr7s5DEzi7Ma3NUbY9czcVDarP5dEdWZPYbAFzU/NEBPkASOf3c+9zsJdqZTu+B
L1NTB+Td84rM8iz6mQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:40:35 2025 by rpki-client