Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft
File: bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft (raw, json)
Hash identifier: h+aM4pZ1gLIXsCiEEgg9yhfegoTGMcwPS7YDjInZn/w=
Subject key identifier: A3:AF:FA:27:70:2A:13:BA:87:27:84:73:E6:16:B7:11:E4:5B:B3:3E
Authority key identifier: 6E:44:28:F7:F1:7B:19:C1:50:68:CA:B9:39:D3:77:94:0E:8D:4C:70
Certificate issuer: /CN=6e4428f7f17b19c15068cab939d377940e8d4c70
Certificate serial: 019A70A4F06BDBF173F053AEB5E6146E3366
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkQo9_F7GcFQaMq5OdN3lA6NTHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft
Manifest number: 04CF
Signing time: Tue 11 Nov 2025 02:00:48 +0000
Manifest this update: Tue 11 Nov 2025 02:00:48 +0000
Manifest next update: Wed 12 Nov 2025 02:00:48 +0000
Files and hashes: 1: bkQo9_F7GcFQaMq5OdN3lA6NTHA.crl (hash: SkM2aY6XQng7UaXkrTCx0AEsNSfECQQ/xNH/o9Cc1Bg=)
2: r5LfqFNzBSvkVNYj6vVDPex2eII.roa (hash: zD3Y+yhvhdTCP2LNWWBpR2SBF00RvRC4BFmgCTYqEsc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bkQo9_F7GcFQaMq5OdN3lA6NTHA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:f0:6b:db:f1:73:f0:53:ae:b5:e6:14:6e:33:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e4428f7f17b19c15068cab939d377940e8d4c70
Validity
Not Before: Nov 11 02:00:48 2025 GMT
Not After : Nov 12 02:00:48 2025 GMT
Subject: CN=a3affa27702a13ba87278473e616b711e45bb33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:53:a1:57:6b:da:41:bd:b6:90:84:48:dc:09:
17:44:d0:dd:86:e7:0d:b7:12:4f:4e:fe:c6:02:5b:
37:3a:5a:1a:d4:ea:f1:5e:71:0b:94:b4:b8:6c:02:
94:6a:36:1f:36:e5:7c:ad:93:a9:82:77:9f:6b:ac:
4b:9b:36:f1:28:1b:0a:f3:09:c8:07:73:cd:d7:15:
32:ae:30:30:b9:e0:f0:00:02:e8:bf:ab:f6:36:22:
81:a4:33:f1:23:d3:c4:94:f2:ea:9a:a8:33:bd:f1:
7a:56:4c:13:90:b2:43:f2:70:be:8e:e4:5c:18:5e:
77:b0:96:95:90:8d:8d:a7:99:bb:ed:e8:f8:af:4d:
c8:f3:bd:8d:7f:ac:11:48:37:36:15:c7:93:40:bd:
af:4c:07:e0:ab:0b:a7:fb:7f:b1:12:1a:d4:82:bc:
b6:fc:93:94:6b:79:7c:40:8a:a5:ec:f9:8f:41:de:
52:0a:2d:25:91:4e:d9:f7:f9:70:ee:f7:a3:52:cf:
8b:b4:b1:54:41:b6:01:c8:e8:7d:df:c3:e8:df:ae:
6d:1b:b3:48:4c:41:a6:be:72:a2:90:5f:59:95:dc:
4e:e7:d3:c2:89:5a:08:e8:52:1a:56:78:38:0f:7d:
fc:cc:23:f4:fb:b1:d9:f1:86:09:8c:c5:6a:8a:cc:
07:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AF:FA:27:70:2A:13:BA:87:27:84:73:E6:16:B7:11:E4:5B:B3:3E
X509v3 Authority Key Identifier:
keyid:6E:44:28:F7:F1:7B:19:C1:50:68:CA:B9:39:D3:77:94:0E:8D:4C:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkQo9_F7GcFQaMq5OdN3lA6NTHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:03:53:62:d2:35:d0:ef:7c:cf:55:22:25:39:bb:54:1a:8d:
57:f7:e9:47:7a:ef:97:b6:16:5d:0a:2b:97:71:61:1a:ef:9f:
f7:e4:45:0c:ce:4a:97:37:cf:8c:8a:e2:12:81:a2:7f:2a:be:
46:72:fc:44:77:75:5d:8a:69:81:7e:8c:78:98:ce:f9:b3:1a:
af:4f:db:c6:e4:88:27:a7:65:b2:37:78:75:f9:a7:7c:41:5b:
35:ca:19:ba:f7:9c:b0:44:50:6a:3f:6f:32:1f:8a:7a:a6:5e:
8c:1d:b6:93:23:a3:63:a3:99:81:79:de:9d:41:34:6b:59:23:
fd:14:3a:2f:5b:f8:3a:82:4b:ac:ed:2f:87:db:e6:5b:b8:55:
98:3c:15:e6:ba:9c:70:27:48:ad:8a:15:e0:20:34:87:f4:42:
f5:ba:08:82:d7:c2:cd:69:f5:43:42:b3:98:29:1e:2b:60:e9:
28:61:17:fb:46:3d:6e:87:2a:da:5b:cf:61:3a:1f:06:97:75:
5e:cb:85:1d:95:21:4f:06:ed:aa:fd:ef:7c:17:d2:b5:4f:d3:
1b:ca:9d:59:e7:71:aa:09:4a:38:1c:e5:9d:f8:1e:9c:ee:6b:
5e:44:d1:47:09:64:35:0f:e3:b9:d6:9c:e4:3d:7a:57:0d:59:
43:c6:87:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpPBr2/Fz8FOuteYUbjNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDQyOGY3ZjE3YjE5YzE1MDY4Y2FiOTM5ZDM3Nzk0MGU4
ZDRjNzAwHhcNMjUxMTExMDIwMDQ4WhcNMjUxMTEyMDIwMDQ4WjAzMTEwLwYDVQQD
EyhhM2FmZmEyNzcwMmExM2JhODcyNzg0NzNlNjE2YjcxMWU0NWJiMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFOhV2vaQb22kIRI3AkXRNDdhucN
txJPTv7GAls3Oloa1OrxXnELlLS4bAKUajYfNuV8rZOpgnefa6xLmzbxKBsK8wnI
B3PN1xUyrjAwueDwAALov6v2NiKBpDPxI9PElPLqmqgzvfF6VkwTkLJD8nC+juRc
GF53sJaVkI2Np5m77ej4r03I872Nf6wRSDc2FceTQL2vTAfgqwun+3+xEhrUgry2
/JOUa3l8QIql7PmPQd5SCi0lkU7Z9/lw7vejUs+LtLFUQbYByOh938Po365tG7NI
TEGmvnKikF9ZldxO59PCiVoI6FIaVng4D338zCP0+7HZ8YYJjMVqiswHFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOv+idwKhO6hyeEc+YWtxHkW7M+MB8GA1UdIwQY
MBaAFG5EKPfxexnBUGjKuTnTd5QOjUxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtRbzlfRjdHY0ZRYU1xNU9kTjNsQTZOVEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82Y2Y1ZjQtM2Q2MC00MWQ3LWFlMWEt
Y2JjMzMxYmZjZGIyLzEvYmtRbzlfRjdHY0ZRYU1xNU9kTjNsQTZOVEhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82Y2Y1ZjQtM2Q2MC00MWQ3LWFlMWEtY2JjMzMxYmZjZGIy
LzEvYmtRbzlfRjdHY0ZRYU1xNU9kTjNsQTZOVEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOwNTYtI1
0O98z1UiJTm7VBqNV/fpR3rvl7YWXQorl3FhGu+f9+RFDM5KlzfPjIriEoGifyq+
RnL8RHd1XYppgX6MeJjO+bMar0/bxuSIJ6dlsjd4dfmnfEFbNcoZuvecsERQaj9v
Mh+KeqZejB22kyOjY6OZgXnenUE0a1kj/RQ6L1v4OoJLrO0vh9vmW7hVmDwV5rqc
cCdIrYoV4CA0h/RC9boIgtfCzWn1Q0KzmCkeK2DpKGEX+0Y9bocq2lvPYTofBpd1
XsuFHZUhTwbtqv3vfBfStU/TG8qdWedxqglKOBzlnfgenO5rXkTRRwlkNQ/judac
5D16Vw1ZQ8aHNQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:32 2025 by rpki-client