Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
File: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft (raw, json)
Hash identifier: bZ+dAoajf5KZOArJKEHKGzlvcHY4i/XA36BaT2opwOM=
Subject key identifier: B9:18:08:D7:F3:1F:FD:E9:B6:F9:99:48:1B:51:57:2F:87:E2:C3:3B
Authority key identifier: 6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52
Certificate issuer: /CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452
Certificate serial: 019A725C56A7D9FDD57C1DD888B2E622695D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
Manifest number: 04AC
Signing time: Tue 11 Nov 2025 10:00:45 +0000
Manifest this update: Tue 11 Nov 2025 10:00:45 +0000
Manifest next update: Wed 12 Nov 2025 10:00:45 +0000
Files and hashes: 1: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl (hash: dpxSQBmf+2JXi59yyDVaoqf0kz2ZEjj6TjRHFM/nUZ8=)
2: xfuYQjKIwNsH8n8qNl-5nn5swlA.roa (hash: EURGAPm/xAIC/hIpJIK0VPaCfzGhmdAUIaI/It3KKIY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:56:a7:d9:fd:d5:7c:1d:d8:88:b2:e6:22:69:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452
Validity
Not Before: Nov 11 10:00:45 2025 GMT
Not After : Nov 12 10:00:45 2025 GMT
Subject: CN=b91808d7f31ffde9b6f999481b51572f87e2c33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:b2:d2:6f:24:83:b1:37:6c:ca:69:22:8f:af:
b5:71:13:1e:20:b2:8e:d0:aa:a2:1c:20:4e:ac:eb:
3a:bd:40:de:00:c3:11:d3:8a:55:4c:13:a3:0f:05:
e8:d9:68:2c:d1:2a:4d:67:15:03:6f:b6:06:1c:67:
b4:2d:11:26:5a:6c:0d:07:25:46:14:77:51:17:53:
eb:a7:7d:a0:50:91:09:b9:96:1d:7e:8a:27:13:73:
c0:75:06:9f:fb:bc:c5:98:bc:71:3c:d7:f4:18:a3:
f4:49:43:da:e5:4d:10:c0:5c:ba:a2:d4:b5:6c:52:
99:d0:e8:3f:78:0e:06:27:aa:00:27:0d:83:fe:df:
ce:ca:81:59:ad:bd:d9:86:a3:c3:33:0d:8f:47:93:
95:5c:46:8f:ad:0c:86:e2:e6:5f:2c:15:b9:72:7c:
2c:f4:11:ca:b3:c4:4a:97:f0:ea:d7:d6:4d:49:db:
0f:b7:7c:b5:a4:d0:a4:af:f5:ae:fe:87:22:2e:0a:
1c:d0:1f:71:19:0b:fa:72:0b:0e:2b:08:bb:9d:4a:
13:d0:3e:7d:bb:66:38:2b:d2:e2:2e:5f:dd:73:e0:
fe:95:23:55:c9:71:8f:4b:c2:c7:eb:e1:2f:b8:38:
5d:ed:d7:fc:0b:18:f4:79:ac:f3:f0:b8:35:5f:f3:
6c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:18:08:D7:F3:1F:FD:E9:B6:F9:99:48:1B:51:57:2F:87:E2:C3:3B
X509v3 Authority Key Identifier:
keyid:6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:43:cc:47:04:35:0b:dd:bd:e6:45:57:81:b4:43:de:66:4d:
ce:c5:2f:57:c6:f7:fb:de:f4:e2:01:78:35:03:b8:59:e5:26:
1e:80:47:09:67:64:10:cc:44:4f:16:33:19:3d:00:cf:22:76:
ca:03:7a:76:17:34:f0:03:9f:b9:c2:d3:50:57:d4:70:9e:cc:
e2:8f:02:7f:64:78:a9:49:da:6a:36:b2:78:a4:05:ce:08:83:
be:44:c7:18:21:56:ad:c1:6c:17:76:ea:02:2c:f2:26:22:7b:
df:e1:8e:60:d0:f0:f5:f7:ce:8a:47:56:57:4c:73:0e:72:2b:
a8:45:ab:c6:7c:99:fe:dd:ad:68:ea:0a:ab:5a:5d:18:76:35:
8c:67:89:bd:4e:46:e8:14:65:fd:74:75:4f:27:dd:6b:2a:27:
5f:a7:70:fe:22:14:ab:71:e4:d1:8d:8a:c1:b9:8c:9a:d2:a8:
08:7b:30:f3:c0:9f:d2:0b:4b:8f:88:db:7a:d2:e4:a3:fa:f4:
a5:9c:52:4f:50:46:52:6a:17:4b:25:3b:f8:a0:05:5f:7e:ce:
9b:5e:b3:e8:80:a0:d4:c2:5f:61:8e:5d:b8:a4:a5:ae:37:c0:
4e:ee:90:43:55:c7:ab:d4:ab:7e:52:4e:e0:d7:15:2b:17:4f:
c7:e4:b8:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXFan2f3VfB3YiLLmImldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjg1MGRlYjI4YmRiMmY2NTVlMmYxYjAyZDM3YzEzYzZk
NDM0NTIwHhcNMjUxMTExMTAwMDQ1WhcNMjUxMTEyMTAwMDQ1WjAzMTEwLwYDVQQD
EyhiOTE4MDhkN2YzMWZmZGU5YjZmOTk5NDgxYjUxNTcyZjg3ZTJjMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rLSbySDsTdsymkij6+1cRMeILKO
0KqiHCBOrOs6vUDeAMMR04pVTBOjDwXo2Wgs0SpNZxUDb7YGHGe0LREmWmwNByVG
FHdRF1Prp32gUJEJuZYdfoonE3PAdQaf+7zFmLxxPNf0GKP0SUPa5U0QwFy6otS1
bFKZ0Og/eA4GJ6oAJw2D/t/OyoFZrb3ZhqPDMw2PR5OVXEaPrQyG4uZfLBW5cnws
9BHKs8RKl/Dq19ZNSdsPt3y1pNCkr/Wu/ociLgoc0B9xGQv6cgsOKwi7nUoT0D59
u2Y4K9LiLl/dc+D+lSNVyXGPS8LH6+EvuDhd7df8Cxj0eazz8Lg1X/Ns+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkYCNfzH/3ptvmZSBtRVy+H4sM7MB8GA1UdIwQY
MBaAFGy4UN6yi9svZV4vGwLTfBPG1DRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4Yzkt
ODhiMmQyY2Y3YzMxLzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4YzktODhiMmQyY2Y3YzMx
LzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApUPMRwQ1
C9295kVXgbRD3mZNzsUvV8b3+9704gF4NQO4WeUmHoBHCWdkEMxETxYzGT0AzyJ2
ygN6dhc08AOfucLTUFfUcJ7M4o8Cf2R4qUnaajayeKQFzgiDvkTHGCFWrcFsF3bq
AizyJiJ73+GOYNDw9ffOikdWV0xzDnIrqEWrxnyZ/t2taOoKq1pdGHY1jGeJvU5G
6BRl/XR1TyfdayonX6dw/iIUq3Hk0Y2KwbmMmtKoCHsw88Cf0gtLj4jbetLko/r0
pZxST1BGUmoXSyU7+KAFX37Om16z6ICg1MJfYY5duKSlrjfATu6QQ1XHq9SrflJO
4NcVKxdPx+S4sA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:55 2025 by rpki-client