Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
File: BD0sjag_XDyUrpQKDv0qdxT_kOI.mft (raw, json)
Hash identifier: n8TzUu7NIdjX/2ifF6w9Y3lSjA/Z9ARwp8p/vTdBLhY=
Subject key identifier: D7:78:C8:8B:7F:4A:07:6D:36:2F:B0:27:1A:98:E8:EF:BB:DC:25:35
Authority key identifier: 04:3D:2C:8D:A8:3F:5C:3C:94:AE:94:0A:0E:FD:2A:77:14:FF:90:E2
Certificate issuer: /CN=043d2c8da83f5c3c94ae940a0efd2a7714ff90e2
Certificate serial: 019A7149D69F8AAE60E07B07341A5460193C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
Manifest number: DF
Signing time: Tue 11 Nov 2025 05:00:55 +0000
Manifest this update: Tue 11 Nov 2025 05:00:55 +0000
Manifest next update: Wed 12 Nov 2025 05:00:55 +0000
Files and hashes: 1: BD0sjag_XDyUrpQKDv0qdxT_kOI.crl (hash: YTz6zOcRknrhLueHITOWjpaEX3poc8v6GJGPN7NH0VM=)
2: F0I2of0atpvetTn6otcAa1FRJF0.roa (hash: JY9VjmC9P6KQBtlxAcmoRA4HCsgOVKGxeDdf5vhfcm4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:d6:9f:8a:ae:60:e0:7b:07:34:1a:54:60:19:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043d2c8da83f5c3c94ae940a0efd2a7714ff90e2
Validity
Not Before: Nov 11 05:00:55 2025 GMT
Not After : Nov 12 05:00:55 2025 GMT
Subject: CN=d778c88b7f4a076d362fb0271a98e8efbbdc2535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:64:d0:ce:f3:dc:5d:d0:5a:24:03:df:af:e0:
35:9e:20:8c:cb:56:36:69:d5:69:78:ce:25:1a:8a:
aa:f1:5b:22:9d:cb:1d:d4:67:16:bd:3d:eb:31:aa:
79:cc:72:1c:f5:76:2d:c8:60:f0:a9:ba:80:41:c1:
4e:f9:ba:c0:45:49:a8:3b:8f:4b:a7:a6:5f:89:0a:
b8:25:7a:3c:11:d4:2c:d9:26:bd:62:c8:b7:a5:19:
9b:87:7c:18:4e:31:8e:3f:51:45:a0:21:d4:22:c1:
65:20:d1:a1:22:18:d8:9c:aa:dc:cb:b6:64:a3:60:
80:18:a8:37:a9:85:fa:e5:3a:3e:ce:73:e1:9b:ec:
77:d0:78:3b:cb:86:aa:13:95:e9:90:72:24:dd:97:
20:cd:61:8d:31:3f:f3:0a:3a:ed:f3:0c:d4:dc:b0:
78:30:5c:ad:13:95:b7:72:a1:13:1e:df:b0:a1:a4:
f9:7c:74:1e:7d:25:85:32:39:e1:b9:b8:33:3a:97:
31:f0:2c:b1:cc:60:ec:13:5e:a6:d2:31:42:59:1a:
5e:e2:64:5b:85:19:d0:d5:28:34:da:6a:32:74:ed:
b5:be:77:ee:cc:97:e1:ee:17:ac:d4:05:be:62:37:
99:67:d3:21:3e:28:61:ba:b5:23:2a:56:eb:78:d1:
5c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:78:C8:8B:7F:4A:07:6D:36:2F:B0:27:1A:98:E8:EF:BB:DC:25:35
X509v3 Authority Key Identifier:
keyid:04:3D:2C:8D:A8:3F:5C:3C:94:AE:94:0A:0E:FD:2A:77:14:FF:90:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:1d:b9:1d:d7:ae:bf:0b:8e:f5:c5:50:1b:fa:a4:cc:df:0d:
d2:2b:a1:d6:85:e3:15:ad:20:ee:3b:b4:5d:96:24:9e:a8:2c:
13:5a:e8:5c:b6:6b:bc:fb:c4:86:2a:bd:dc:d2:2f:06:4f:2d:
89:8b:4a:6c:5a:b0:e7:5a:ee:3f:29:9f:76:fb:65:3f:6d:08:
cb:4f:de:3a:31:ca:3b:69:f3:78:d4:a7:f8:f2:47:50:98:ee:
51:08:68:d1:f5:d2:a8:6f:c5:56:59:6a:de:34:39:c0:6d:8f:
32:b2:fb:39:ec:3e:b3:36:53:26:89:40:81:9e:91:6b:9b:1b:
37:57:3a:c4:9b:41:21:57:4a:db:a5:ac:0e:64:7b:d1:a7:70:
51:2f:8a:33:7c:67:8d:55:79:12:34:64:d6:3a:f4:ab:2f:cb:
d1:10:4a:b7:e8:cc:bc:f9:dd:02:69:8b:ac:f2:7d:7c:c9:97:
16:41:5d:da:4b:f5:3c:f7:0f:cc:54:85:dc:7f:5a:24:8a:63:
d5:29:49:6a:a1:59:f0:aa:8e:8b:79:49:60:d0:19:47:bf:b6:
02:e1:4a:10:eb:dc:fe:7e:80:00:a4:38:62:f2:be:bb:ef:2b:
d7:1e:f8:5a:19:7b:c8:67:a7:dd:b2:50:33:32:68:9c:92:b1:
15:96:f0:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdafiq5g4HsHNBpUYBk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0M2QyYzhkYTgzZjVjM2M5NGFlOTQwYTBlZmQyYTc3MTRm
ZjkwZTIwHhcNMjUxMTExMDUwMDU1WhcNMjUxMTEyMDUwMDU1WjAzMTEwLwYDVQQD
EyhkNzc4Yzg4YjdmNGEwNzZkMzYyZmIwMjcxYTk4ZThlZmJiZGMyNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mTQzvPcXdBaJAPfr+A1niCMy1Y2
adVpeM4lGoqq8Vsincsd1GcWvT3rMap5zHIc9XYtyGDwqbqAQcFO+brARUmoO49L
p6ZfiQq4JXo8EdQs2Sa9Ysi3pRmbh3wYTjGOP1FFoCHUIsFlINGhIhjYnKrcy7Zk
o2CAGKg3qYX65To+znPhm+x30Hg7y4aqE5XpkHIk3ZcgzWGNMT/zCjrt8wzU3LB4
MFytE5W3cqETHt+woaT5fHQefSWFMjnhubgzOpcx8CyxzGDsE16m0jFCWRpe4mRb
hRnQ1Sg02moydO21vnfuzJfh7hes1AW+YjeZZ9MhPihhurUjKlbreNFc+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNd4yIt/SgdtNi+wJxqY6O+73CU1MB8GA1UdIwQY
MBaAFAQ9LI2oP1w8lK6UCg79KncU/5DiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lYzRjMjUtZTU1Mi00ZDBjLTk1ZWUt
M2JiYzY2MWI0Y2M1LzEvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lYzRjMjUtZTU1Mi00ZDBjLTk1ZWUtM2JiYzY2MWI0Y2M1
LzEvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlh25Hdeu
vwuO9cVQG/qkzN8N0iuh1oXjFa0g7ju0XZYknqgsE1roXLZrvPvEhiq93NIvBk8t
iYtKbFqw51ruPymfdvtlP20Iy0/eOjHKO2nzeNSn+PJHUJjuUQho0fXSqG/FVllq
3jQ5wG2PMrL7Oew+szZTJolAgZ6Ra5sbN1c6xJtBIVdK26WsDmR70adwUS+KM3xn
jVV5EjRk1jr0qy/L0RBKt+jMvPndAmmLrPJ9fMmXFkFd2kv1PPcPzFSF3H9aJIpj
1SlJaqFZ8KqOi3lJYNAZR7+2AuFKEOvc/n6AAKQ4YvK+u+8r1x74Whl7yGen3bJQ
MzJonJKxFZbwzA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:17 2025 by rpki-client