Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft
File: BjfRzl3D-oAOHR3PvaqEH93UOQU.mft (raw, json)
Hash identifier: NKcUs3w8zXcEflTZAfgTMslRzLZ/CN/3E/JKv8kshi4=
Subject key identifier: 50:04:72:A7:62:62:D1:B9:D1:CC:37:C4:60:4C:01:A8:38:C8:AD:58
Authority key identifier: 06:37:D1:CE:5D:C3:FA:80:0E:1D:1D:CF:BD:AA:84:1F:DD:D4:39:05
Certificate issuer: /CN=0637d1ce5dc3fa800e1d1dcfbdaa841fddd43905
Certificate serial: 01993A26FF5B78DE2020D05DA932078990F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft
Manifest number: 14C7
Signing time: Thu 11 Sep 2025 19:00:58 +0000
Manifest this update: Thu 11 Sep 2025 19:00:58 +0000
Manifest next update: Fri 12 Sep 2025 19:00:58 +0000
Files and hashes: 1: BjfRzl3D-oAOHR3PvaqEH93UOQU.crl (hash: syp5Jur50kQ93GlASo1GcqNCtO2XELuZVfx6P6ojqPo=)
2: cqs27uyShJLHJ19HI0wbuu9K6Mw.roa (hash: Io5SItgYrsPuNxUpvFI/wIElXAajrpA8wR3rTKWJTBI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft
rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 14:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3a:26:ff:5b:78:de:20:20:d0:5d:a9:32:07:89:90:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0637d1ce5dc3fa800e1d1dcfbdaa841fddd43905
Validity
Not Before: Sep 11 19:00:58 2025 GMT
Not After : Sep 12 19:00:58 2025 GMT
Subject: CN=500472a76262d1b9d1cc37c4604c01a838c8ad58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:33:fd:f5:41:30:5f:a1:09:0b:05:7d:a7:ef:
c7:31:2b:69:d4:f7:d3:dc:61:77:dc:21:d4:5e:0f:
41:5c:fd:37:bb:e3:a2:9d:9b:fc:76:28:45:e2:86:
73:42:39:87:9d:e5:93:af:69:2a:1a:85:9f:63:1e:
54:86:83:63:27:d4:2c:bf:fe:23:e0:6e:b6:65:1c:
47:69:0d:48:ae:24:49:f2:3d:af:43:13:03:ad:b6:
59:aa:e7:3e:a5:63:c9:5f:77:29:bd:90:5e:d0:6b:
90:3c:05:41:95:01:a9:03:9d:fd:a3:7c:d1:0e:c1:
dd:29:c2:f9:a9:36:b0:85:6e:73:81:3a:a0:fc:2a:
b0:a0:8a:69:fa:c5:cd:ce:07:63:31:64:56:da:ed:
c6:a3:4e:6e:eb:f2:e7:1f:15:46:78:08:7f:59:8d:
73:17:15:ee:f9:af:33:7b:86:6a:39:f3:9a:39:39:
51:c9:b4:1b:e7:b0:f1:ce:05:88:2c:cc:9f:5e:3c:
80:8d:fa:9d:2f:ec:47:24:ef:fe:c9:c4:5a:c7:c7:
6f:af:77:a0:82:06:4f:1b:3a:c0:3e:b9:d5:02:5b:
84:af:e2:5d:77:3d:80:ca:8e:51:99:dd:1f:16:b5:
12:7f:83:de:8e:da:58:6a:c2:b6:71:f4:23:29:6d:
0e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:04:72:A7:62:62:D1:B9:D1:CC:37:C4:60:4C:01:A8:38:C8:AD:58
X509v3 Authority Key Identifier:
keyid:06:37:D1:CE:5D:C3:FA:80:0E:1D:1D:CF:BD:AA:84:1F:DD:D4:39:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:3a:16:eb:87:a3:32:18:b2:b6:d2:6b:f0:ac:d9:9a:db:c0:
1c:62:a7:22:2b:dd:2c:eb:a9:46:80:6f:c9:6d:19:be:14:23:
6f:90:20:2f:b4:77:f1:89:98:6a:57:87:a1:52:45:9f:34:3d:
15:1f:82:2a:90:26:2e:78:5a:9f:b3:45:ae:82:37:16:f0:5c:
bc:81:6e:7c:21:0a:1e:66:35:a0:be:1e:8a:5f:38:87:3b:36:
a8:c1:e0:ca:64:be:ea:86:de:86:16:fd:ca:4c:3f:ac:63:71:
8f:53:18:1a:ce:e7:fc:8c:02:dc:ff:1d:64:22:fa:1f:59:b0:
8d:67:9d:cf:0b:d2:81:6c:6e:11:63:ac:25:24:cd:e9:1a:b1:
b7:82:19:fd:62:ef:9d:41:15:83:40:ca:26:13:6e:7a:9d:d1:
1f:dd:47:7d:3c:cb:52:d6:25:90:2c:4c:ca:66:89:0b:c4:9d:
01:ff:bd:f2:07:cf:8d:56:1a:01:9c:6d:76:66:3c:3c:51:e2:
72:41:7b:ac:74:93:6e:7c:e3:8c:d9:ea:0f:bd:72:50:f6:1c:
a9:7f:ec:ae:af:37:95:f9:e0:36:56:67:35:ce:8e:27:64:2f:
74:da:fb:b2:72:6c:44:c6:58:38:c4:a7:b3:c4:56:53:10:d4:
51:bf:95:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk6Jv9beN4gINBdqTIHiZD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzdkMWNlNWRjM2ZhODAwZTFkMWRjZmJkYWE4NDFmZGRk
NDM5MDUwHhcNMjUwOTExMTkwMDU4WhcNMjUwOTEyMTkwMDU4WjAzMTEwLwYDVQQD
Eyg1MDA0NzJhNzYyNjJkMWI5ZDFjYzM3YzQ2MDRjMDFhODM4YzhhZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujP99UEwX6EJCwV9p+/HMStp1PfT
3GF33CHUXg9BXP03u+OinZv8dihF4oZzQjmHneWTr2kqGoWfYx5UhoNjJ9Qsv/4j
4G62ZRxHaQ1IriRJ8j2vQxMDrbZZquc+pWPJX3cpvZBe0GuQPAVBlQGpA539o3zR
DsHdKcL5qTawhW5zgTqg/CqwoIpp+sXNzgdjMWRW2u3Go05u6/LnHxVGeAh/WY1z
FxXu+a8ze4ZqOfOaOTlRybQb57DxzgWILMyfXjyAjfqdL+xHJO/+ycRax8dvr3eg
ggZPGzrAPrnVAluEr+Jddz2Ayo5Rmd0fFrUSf4PejtpYasK2cfQjKW0OwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAEcqdiYtG50cw3xGBMAag4yK1YMB8GA1UdIwQY
MBaAFAY30c5dw/qADh0dz72qhB/d1DkFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lYWE2MDItMmEzZi00ZjMyLWFiY2Ut
M2Q4MGQ2ODZlNzQ3LzEvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lYWE2MDItMmEzZi00ZjMyLWFiY2UtM2Q4MGQ2ODZlNzQ3
LzEvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQDoW64ej
MhiyttJr8KzZmtvAHGKnIivdLOupRoBvyW0ZvhQjb5AgL7R38YmYaleHoVJFnzQ9
FR+CKpAmLnhan7NFroI3FvBcvIFufCEKHmY1oL4eil84hzs2qMHgymS+6obehhb9
ykw/rGNxj1MYGs7n/IwC3P8dZCL6H1mwjWedzwvSgWxuEWOsJSTN6Rqxt4IZ/WLv
nUEVg0DKJhNuep3RH91HfTzLUtYlkCxMymaJC8SdAf+98gfPjVYaAZxtdmY8PFHi
ckF7rHSTbnzjjNnqD71yUPYcqX/srq83lfngNlZnNc6OJ2QvdNr7snJsRMZYOMSn
s8RWUxDUUb+VrA==
-----END CERTIFICATE-----
Generated at Thu Sep 11 21:28:34 2025 by rpki-client