Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/edecb7-bd59-4ebe-b201-6cf131c1caac/1/bGbVyy-crT9IQ_cUpNxi1yE96-g.mft
File: bGbVyy-crT9IQ_cUpNxi1yE96-g.mft (raw, json)
Hash identifier: pt/Vgsu3pcyPhosi2lD48811W2gABrREB+xL5qvGbhg=
Subject key identifier: 7C:1C:19:98:1C:16:FB:F9:3C:74:E6:AB:38:F6:45:2A:B5:43:5F:38
Authority key identifier: 6C:66:D5:CB:2F:9C:AD:3F:48:43:F7:14:A4:DC:62:D7:21:3D:EB:E8
Certificate issuer: /CN=6c66d5cb2f9cad3f4843f714a4dc62d7213debe8
Certificate serial: 019A71EE7E555C85BFF08D52E410F7F54562
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bGbVyy-crT9IQ_cUpNxi1yE96-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/edecb7-bd59-4ebe-b201-6cf131c1caac/1/bGbVyy-crT9IQ_cUpNxi1yE96-g.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 08:00:46 +0000
Manifest this update: Tue 11 Nov 2025 08:00:46 +0000
Manifest next update: Wed 12 Nov 2025 08:00:46 +0000
Files and hashes: 1: JAwkYlt_gNZ54Td8tq5GWdme2ug.roa (hash: zUyQFLpVWmBaNa+EvYNx5U2/U4IK1mMjW0Y/zg4R97w=)
2: bGbVyy-crT9IQ_cUpNxi1yE96-g.crl (hash: R4rIV3RxCtyfmuHNBo48OKTwIfuTkGlMTcGmiAcjkak=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/edecb7-bd59-4ebe-b201-6cf131c1caac/1/bGbVyy-crT9IQ_cUpNxi1yE96-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/edecb7-bd59-4ebe-b201-6cf131c1caac/1/bGbVyy-crT9IQ_cUpNxi1yE96-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/bGbVyy-crT9IQ_cUpNxi1yE96-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:7e:55:5c:85:bf:f0:8d:52:e4:10:f7:f5:45:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c66d5cb2f9cad3f4843f714a4dc62d7213debe8
Validity
Not Before: Nov 11 08:00:46 2025 GMT
Not After : Nov 12 08:00:46 2025 GMT
Subject: CN=7c1c19981c16fbf93c74e6ab38f6452ab5435f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:55:a1:b3:e4:95:93:56:d8:d9:1e:c8:0a:
95:f8:64:a9:e9:2c:57:80:29:79:dc:b2:fc:be:0d:
b0:c6:f9:16:67:c9:94:63:5d:2d:ee:1b:01:73:ad:
00:95:5b:38:1c:c6:77:05:6c:18:3e:85:02:78:5d:
76:9e:8c:78:9d:0a:86:b4:f3:49:93:39:89:2c:bd:
95:d7:73:83:77:2e:42:e3:33:2d:5d:3e:d4:57:66:
a3:0f:f6:07:9c:b7:e4:03:52:6f:fa:34:c1:d5:33:
5a:29:a9:82:74:e9:ee:a8:71:f8:6b:00:aa:84:51:
b9:93:92:6e:99:69:41:f2:72:b3:81:36:16:dc:ef:
7a:1e:05:4e:f8:be:67:2e:8a:0b:45:a1:6e:f3:96:
d1:31:55:66:25:51:cd:68:7f:8d:5d:f2:b9:37:37:
0f:bd:f1:a3:64:43:38:f0:e3:53:ab:43:d5:05:32:
20:96:01:85:d9:ab:52:23:b0:11:e3:5e:5d:9b:ac:
0e:96:84:7c:db:bd:5a:e4:1d:e2:54:78:a6:2b:c9:
de:f7:20:75:ee:d6:ac:12:d9:d4:d3:85:e5:5b:bd:
21:63:00:e2:d3:60:81:8b:29:c4:92:71:bc:fd:58:
79:04:ec:93:53:99:d0:a8:7b:6d:3b:c5:79:de:ba:
dd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1C:19:98:1C:16:FB:F9:3C:74:E6:AB:38:F6:45:2A:B5:43:5F:38
X509v3 Authority Key Identifier:
keyid:6C:66:D5:CB:2F:9C:AD:3F:48:43:F7:14:A4:DC:62:D7:21:3D:EB:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bGbVyy-crT9IQ_cUpNxi1yE96-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/edecb7-bd59-4ebe-b201-6cf131c1caac/1/bGbVyy-crT9IQ_cUpNxi1yE96-g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/edecb7-bd59-4ebe-b201-6cf131c1caac/1/bGbVyy-crT9IQ_cUpNxi1yE96-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:ca:bb:ab:b3:69:fa:18:c0:fa:5e:1f:bf:c8:70:4b:f5:d6:
64:94:43:bb:61:dd:ec:db:46:7a:b6:09:03:d9:2b:37:61:fd:
f1:56:9c:2b:24:12:eb:f6:21:0f:09:7c:30:92:5c:26:08:3b:
54:d9:4d:09:9a:84:0f:b9:2c:e1:bc:18:8f:84:15:b7:14:d7:
f2:ad:a1:0b:10:55:42:a4:7e:8a:31:79:79:63:f7:c0:8d:22:
b7:67:0f:f7:79:50:26:47:ce:55:0e:7f:30:90:bd:42:61:a2:
99:51:6f:1f:33:bb:04:1d:22:e2:09:bf:0a:80:cf:b6:b9:d3:
bf:ad:c6:43:34:fa:74:3b:aa:42:21:d2:e4:a5:08:1c:2b:95:
e7:6b:20:02:8a:93:0e:c6:a9:e3:3e:54:b5:76:40:0f:40:ec:
d8:28:92:8a:3f:c2:08:30:a2:26:c6:b5:d6:57:d3:67:da:8e:
8a:4d:d8:f1:35:5c:b9:17:9c:5b:b2:30:2e:f9:84:4f:82:97:
8f:a2:b5:28:8a:1c:d6:cb:7a:bd:7b:b7:16:30:35:fa:65:7f:
62:38:4b:e9:73:bb:37:0d:69:af:59:f6:3a:cc:2d:d5:cb:88:
38:20:69:2f:02:9b:4e:64:93:72:60:dc:cb:89:30:35:4a:7a:
56:5f:c2:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7n5VXIW/8I1S5BD39UViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNjZkNWNiMmY5Y2FkM2Y0ODQzZjcxNGE0ZGM2MmQ3MjEz
ZGViZTgwHhcNMjUxMTExMDgwMDQ2WhcNMjUxMTEyMDgwMDQ2WjAzMTEwLwYDVQQD
Eyg3YzFjMTk5ODFjMTZmYmY5M2M3NGU2YWIzOGY2NDUyYWI1NDM1ZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL5VobPklZNW2NkeyAqV+GSp6SxX
gCl53LL8vg2wxvkWZ8mUY10t7hsBc60AlVs4HMZ3BWwYPoUCeF12nox4nQqGtPNJ
kzmJLL2V13ODdy5C4zMtXT7UV2ajD/YHnLfkA1Jv+jTB1TNaKamCdOnuqHH4awCq
hFG5k5JumWlB8nKzgTYW3O96HgVO+L5nLooLRaFu85bRMVVmJVHNaH+NXfK5NzcP
vfGjZEM48ONTq0PVBTIglgGF2atSI7AR415dm6wOloR8271a5B3iVHimK8ne9yB1
7tasEtnU04XlW70hYwDi02CBiynEknG8/Vh5BOyTU5nQqHttO8V53rrdvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwcGZgcFvv5PHTmqzj2RSq1Q184MB8GA1UdIwQY
MBaAFGxm1csvnK0/SEP3FKTcYtchPevoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkdiVnl5LWNyVDlJUV9jVXBOeGkxeUU5Ni1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lZGVjYjctYmQ1OS00ZWJlLWIyMDEt
NmNmMTMxYzFjYWFjLzEvYkdiVnl5LWNyVDlJUV9jVXBOeGkxeUU5Ni1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lZGVjYjctYmQ1OS00ZWJlLWIyMDEtNmNmMTMxYzFjYWFj
LzEvYkdiVnl5LWNyVDlJUV9jVXBOeGkxeUU5Ni1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMcq7q7Np
+hjA+l4fv8hwS/XWZJRDu2Hd7NtGerYJA9krN2H98VacKyQS6/YhDwl8MJJcJgg7
VNlNCZqED7ks4bwYj4QVtxTX8q2hCxBVQqR+ijF5eWP3wI0it2cP93lQJkfOVQ5/
MJC9QmGimVFvHzO7BB0i4gm/CoDPtrnTv63GQzT6dDuqQiHS5KUIHCuV52sgAoqT
Dsap4z5UtXZAD0Ds2CiSij/CCDCiJsa11lfTZ9qOik3Y8TVcuRecW7IwLvmET4KX
j6K1KIoc1st6vXu3FjA1+mV/YjhL6XO7Nw1pr1n2Oswt1cuIOCBpLwKbTmSTcmDc
y4kwNUp6Vl/CBA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:36 2025 by rpki-client