Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft
File: BozI9XorPCKZsfSCtn4V2d5DrTw.mft (raw, json)
Hash identifier: 3U/yzQNJBF4a/29Is0MpfvsOhCMVt8Lag36V+UoSpTM=
Subject key identifier: 23:C1:54:31:3E:C9:5B:3D:54:DF:C4:40:F3:03:A6:03:25:C3:CE:3F
Authority key identifier: 06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
Certificate issuer: /CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Certificate serial: 019A71B83B2B70091D438EF34180F30513F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft
Manifest number: 1495
Signing time: Tue 11 Nov 2025 07:01:30 +0000
Manifest this update: Tue 11 Nov 2025 07:01:30 +0000
Manifest next update: Wed 12 Nov 2025 07:01:30 +0000
Files and hashes: 1: BozI9XorPCKZsfSCtn4V2d5DrTw.crl (hash: WAQJWX0tSYdtqFTRBkY2tFfCf+4/qxZR6lK1lP4en6w=)
2: P9IjOiRib_oTzk3RFCj75_fHPso.roa (hash: zczeX9mp/ovcEZlHCQx76naAHy+fi7XPa1xXLFJeJgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:3b:2b:70:09:1d:43:8e:f3:41:80:f3:05:13:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Validity
Not Before: Nov 11 07:01:30 2025 GMT
Not After : Nov 12 07:01:30 2025 GMT
Subject: CN=23c154313ec95b3d54dfc440f303a60325c3ce3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:13:fd:42:ed:c6:6f:16:6e:a2:7d:81:85:9e:
51:d0:16:47:3c:0f:24:ca:9c:42:0b:f4:02:59:4f:
d6:54:ac:be:f3:78:ab:27:b9:58:39:5d:63:66:3c:
1d:31:d2:32:36:9a:c1:c5:f2:c5:38:aa:6e:e9:ce:
92:73:a4:0f:3f:73:ef:1f:7f:a0:13:ab:f8:6f:d3:
f9:ff:bc:4a:15:e8:d7:31:ff:07:57:cc:9b:9b:35:
1b:1a:87:8b:00:c4:a6:3e:0a:fe:aa:55:7d:c9:7c:
02:be:a5:97:f1:56:db:79:10:66:1c:72:1b:7a:30:
18:7f:9a:c8:c2:0b:59:b7:60:96:67:ca:32:1b:bc:
e8:48:12:04:19:7f:c6:00:c3:e2:ab:31:b8:a5:4f:
96:dc:af:f5:ec:43:64:b9:1f:c8:c1:ba:c0:67:79:
61:b4:f7:a7:6c:28:e2:9f:71:23:d1:a4:f9:aa:18:
2b:20:df:4e:4f:f1:cd:f3:f0:a3:33:f8:da:aa:f3:
a1:8c:a6:bb:e9:46:9e:ed:e0:14:2a:ae:8f:02:da:
cf:8b:ca:73:b8:c2:2b:dc:e2:03:4c:f8:c5:f7:18:
52:1d:16:af:ea:4a:5b:4d:c5:b2:c8:e3:07:2b:6e:
8f:53:d7:df:3d:84:16:a9:a4:75:66:83:10:e2:d2:
f2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C1:54:31:3E:C9:5B:3D:54:DF:C4:40:F3:03:A6:03:25:C3:CE:3F
X509v3 Authority Key Identifier:
keyid:06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:95:ec:c9:f5:f1:24:68:4d:bb:a6:ba:a8:13:74:f0:b5:e8:
19:77:7b:98:e5:73:9a:fa:98:99:56:8c:df:a7:08:58:dc:7d:
37:ea:b6:48:d2:32:f4:e0:11:46:43:1b:fa:e7:18:ad:25:6f:
50:da:f3:25:ea:05:08:06:ea:85:94:02:ee:ee:08:c6:05:1b:
fe:55:1b:cf:74:51:9e:ee:38:c4:db:2e:9e:d5:f1:54:c1:44:
ad:cf:e6:76:ad:09:a5:ff:7e:ad:15:c9:b1:2e:06:e7:da:13:
fe:0b:ec:0b:db:99:1f:6d:b2:a5:12:3a:f3:d5:47:89:9e:a9:
95:d6:5a:be:57:a8:c5:21:26:55:91:6d:b5:3f:f1:3a:3b:cc:
33:5d:18:90:69:d6:62:26:93:8d:f8:cb:2f:02:57:dd:c3:19:
7e:04:94:b8:e9:38:c5:8a:e6:13:b7:14:03:f1:f7:ed:85:a5:
4b:18:8a:91:fc:ab:9e:a3:76:fa:67:5e:74:b2:ef:8e:d9:f0:
38:74:d2:ff:78:04:a0:5a:7b:fa:78:89:c7:f8:e0:f1:5b:e7:
a3:6c:11:7d:6b:1d:6e:f5:9b:44:b7:f9:62:d8:5f:9f:08:f9:
fd:80:31:5f:c4:49:e1:37:ca:d4:3d:f7:9b:7c:36:38:d5:85:
b5:f0:fd:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDsrcAkdQ47zQYDzBRP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OGNjOGY1N2EyYjNjMjI5OWIxZjQ4MmI2N2UxNWQ5ZGU0
M2FkM2MwHhcNMjUxMTExMDcwMTMwWhcNMjUxMTEyMDcwMTMwWjAzMTEwLwYDVQQD
EygyM2MxNTQzMTNlYzk1YjNkNTRkZmM0NDBmMzAzYTYwMzI1YzNjZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhP9Qu3GbxZuon2BhZ5R0BZHPA8k
ypxCC/QCWU/WVKy+83irJ7lYOV1jZjwdMdIyNprBxfLFOKpu6c6Sc6QPP3PvH3+g
E6v4b9P5/7xKFejXMf8HV8ybmzUbGoeLAMSmPgr+qlV9yXwCvqWX8VbbeRBmHHIb
ejAYf5rIwgtZt2CWZ8oyG7zoSBIEGX/GAMPiqzG4pU+W3K/17ENkuR/IwbrAZ3lh
tPenbCjin3Ej0aT5qhgrIN9OT/HN8/CjM/jaqvOhjKa76Uae7eAUKq6PAtrPi8pz
uMIr3OIDTPjF9xhSHRav6kpbTcWyyOMHK26PU9ffPYQWqaR1ZoMQ4tLyhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPBVDE+yVs9VN/EQPMDpgMlw84/MB8GA1UdIwQY
MBaAFAaMyPV6KzwimbH0grZ+FdneQ608MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2It
MmEyODQxNmQ0NWIyLzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2ItMmEyODQxNmQ0NWIy
LzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUpXsyfXx
JGhNu6a6qBN08LXoGXd7mOVzmvqYmVaM36cIWNx9N+q2SNIy9OARRkMb+ucYrSVv
UNrzJeoFCAbqhZQC7u4IxgUb/lUbz3RRnu44xNsuntXxVMFErc/mdq0Jpf9+rRXJ
sS4G59oT/gvsC9uZH22ypRI689VHiZ6pldZavleoxSEmVZFttT/xOjvMM10YkGnW
YiaTjfjLLwJX3cMZfgSUuOk4xYrmE7cUA/H37YWlSxiKkfyrnqN2+mdedLLvjtnw
OHTS/3gEoFp7+niJx/jg8Vvno2wRfWsdbvWbRLf5Ythfnwj5/YAxX8RJ4TfK1D33
m3w2ONWFtfD9NQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:39:06 2025 by rpki-client