Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft
File: bs1crU0zBsT3LEKvwG5c0fuv46M.mft (raw, json)
Hash identifier: hyCWJ5F225b8xQxAEDQ2kWwlOFh9j343vREtLmCorO8=
Subject key identifier: C3:43:D8:1D:0A:1B:C3:92:0E:A9:3D:1C:30:3F:DE:E1:48:68:59:91
Authority key identifier: 6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
Certificate issuer: /CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Certificate serial: 019A25F85ADC336D8A144991568311C8CBEC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft
Manifest number: 16FC
Signing time: Mon 27 Oct 2025 14:00:24 +0000
Manifest this update: Mon 27 Oct 2025 14:00:24 +0000
Manifest next update: Tue 28 Oct 2025 14:00:24 +0000
Files and hashes: 1: IVWLNAUIsWDuNfRfR17vH-v5XfI.roa (hash: OmbLmtXQG4MyTcSNnTCa+QZsFqNmOgdwU2G3Jors4PA=)
2: bs1crU0zBsT3LEKvwG5c0fuv46M.crl (hash: jRtZsowN9af100qzcIopwnft3ttkZTj7bIcVkMQaFus=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft
rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:f8:5a:dc:33:6d:8a:14:49:91:56:83:11:c8:cb:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Validity
Not Before: Oct 27 14:00:24 2025 GMT
Not After : Oct 28 14:00:24 2025 GMT
Subject: CN=c343d81d0a1bc3920ea93d1c303fdee148685991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:50:e6:f5:77:75:17:7d:f3:59:c2:44:2b:81:
94:70:95:45:4a:a1:2a:ba:e7:5f:27:4f:69:9e:60:
e9:f5:5e:23:eb:83:0f:c6:81:af:a8:dc:f8:b5:43:
9d:0e:c3:a3:1f:0f:5d:5c:b9:32:3d:68:c9:2e:28:
90:68:45:21:73:c1:0a:c4:10:d9:a8:51:4b:d9:fe:
ff:fd:e7:92:f5:ed:59:30:5b:fb:c1:53:a9:91:fc:
78:8b:21:45:2e:50:ec:ff:9a:31:84:8c:41:b3:43:
86:f4:a3:2f:90:0f:1a:11:c5:34:36:43:6c:a2:35:
6e:24:82:2b:c6:e5:fe:cf:5e:85:e6:04:7f:b1:12:
e3:61:5a:9c:b5:0b:fe:15:78:65:66:22:79:3d:ea:
28:dd:40:b3:b7:ad:df:da:e9:8f:0f:a3:a8:d9:4d:
05:7d:2f:0d:34:f4:f2:14:f2:ad:62:0a:12:8a:fd:
da:f1:c9:26:9e:f4:dd:b1:9f:95:7e:1f:9a:4e:8a:
3c:a9:e0:15:14:33:ba:9e:eb:a5:d5:f8:1e:3e:a0:
d5:0b:d2:23:07:1a:e2:ed:85:a8:ed:35:00:73:9f:
ce:5d:60:a7:2c:c6:32:34:2e:f7:0a:01:57:3e:94:
39:b5:fd:3b:af:d8:0f:70:7e:a0:35:fa:44:df:2f:
10:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:43:D8:1D:0A:1B:C3:92:0E:A9:3D:1C:30:3F:DE:E1:48:68:59:91
X509v3 Authority Key Identifier:
keyid:6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:05:79:84:56:d3:da:67:67:24:b8:bd:d0:2a:54:fb:b4:1f:
34:e9:f7:43:a9:99:82:26:9f:61:e6:1e:7b:1d:9f:91:23:79:
5d:8b:2a:56:6e:03:d2:d4:89:24:d2:bf:fa:3d:10:55:9e:09:
05:8b:39:ef:bd:3d:9b:27:bf:f6:48:97:aa:ef:19:69:e4:5e:
b5:db:8d:6d:d7:90:8e:92:f2:7f:39:e0:14:8b:ed:f5:45:ad:
98:8e:91:71:52:65:96:76:6b:11:02:ec:df:92:69:f7:2a:6e:
3e:51:2e:1b:45:61:52:43:88:47:00:cb:0c:49:4d:1e:99:5b:
59:a1:09:b9:9e:2d:8f:81:1d:e4:1e:bd:4d:33:af:e3:d4:a6:
38:7c:7d:9e:19:f9:21:a1:17:cc:40:6f:a6:11:44:2c:8e:a7:
a2:4d:66:2e:a0:60:50:6f:c2:72:62:d1:14:32:72:4a:f0:78:
30:58:93:c7:66:93:1e:79:a7:de:70:40:29:58:0f:ce:e4:47:
77:d4:4b:a5:d8:89:dc:da:7e:52:98:82:2b:6a:a8:10:ba:13:
66:5f:e7:ea:d4:c8:1e:c5:43:53:91:82:39:de:c1:01:5e:8b:
bd:77:12:5c:d7:13:91:c3:84:ec:37:a4:34:16:86:ef:03:1b:
61:54:11:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZol+FrcM22KFEmRVoMRyMvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2Q1Y2FkNGQzMzA2YzRmNzJjNDJhZmMwNmU1Y2QxZmJh
ZmUzYTMwHhcNMjUxMDI3MTQwMDI0WhcNMjUxMDI4MTQwMDI0WjAzMTEwLwYDVQQD
EyhjMzQzZDgxZDBhMWJjMzkyMGVhOTNkMWMzMDNmZGVlMTQ4Njg1OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolDm9Xd1F33zWcJEK4GUcJVFSqEq
uudfJ09pnmDp9V4j64MPxoGvqNz4tUOdDsOjHw9dXLkyPWjJLiiQaEUhc8EKxBDZ
qFFL2f7//eeS9e1ZMFv7wVOpkfx4iyFFLlDs/5oxhIxBs0OG9KMvkA8aEcU0NkNs
ojVuJIIrxuX+z16F5gR/sRLjYVqctQv+FXhlZiJ5Peoo3UCzt63f2umPD6Oo2U0F
fS8NNPTyFPKtYgoSiv3a8ckmnvTdsZ+Vfh+aToo8qeAVFDO6nuul1fgePqDVC9Ij
Bxri7YWo7TUAc5/OXWCnLMYyNC73CgFXPpQ5tf07r9gPcH6gNfpE3y8Q3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMND2B0KG8OSDqk9HDA/3uFIaFmRMB8GA1UdIwQY
MBaAFG7NXK1NMwbE9yxCr8BuXNH7r+OjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgt
NWZiYzIzMGFiZGMyLzEvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgtNWZiYzIzMGFiZGMy
LzEvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqwV5hFbT
2mdnJLi90CpU+7QfNOn3Q6mZgiafYeYeex2fkSN5XYsqVm4D0tSJJNK/+j0QVZ4J
BYs57709mye/9kiXqu8ZaeRetduNbdeQjpLyfzngFIvt9UWtmI6RcVJllnZrEQLs
35Jp9ypuPlEuG0VhUkOIRwDLDElNHplbWaEJuZ4tj4Ed5B69TTOv49SmOHx9nhn5
IaEXzEBvphFELI6nok1mLqBgUG/CcmLRFDJySvB4MFiTx2aTHnmn3nBAKVgPzuRH
d9RLpdiJ3Np+UpiCK2qoELoTZl/n6tTIHsVDU5GCOd7BAV6LvXcSXNcTkcOE7Dek
NBaG7wMbYVQRZg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 21:00:53 2025 by rpki-client