Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0f9d37-fb57-48cf-839e-b0623ea7fb01/1/bWSoZ_RcSPICewC4PHd5b7u-Ayg.mft
File: bWSoZ_RcSPICewC4PHd5b7u-Ayg.mft (raw, json)
Hash identifier: 4ID3TySOn5Gy3cUts+1SpQ21xf8KsUrqhgCF3GP6t+Y=
Subject key identifier: BB:21:4D:D2:75:7A:4D:6A:17:B8:AD:C6:81:2E:2C:34:F2:B4:3B:28
Authority key identifier: 6D:64:A8:67:F4:5C:48:F2:02:7B:00:B8:3C:77:79:6F:BB:BE:03:28
Certificate issuer: /CN=6d64a867f45c48f2027b00b83c77796fbbbe0328
Certificate serial: 019A7225BC1DB4778F9D438872A9F91A9FD2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWSoZ_RcSPICewC4PHd5b7u-Ayg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0f9d37-fb57-48cf-839e-b0623ea7fb01/1/bWSoZ_RcSPICewC4PHd5b7u-Ayg.mft
Manifest number: 02CA
Signing time: Tue 11 Nov 2025 09:01:06 +0000
Manifest this update: Tue 11 Nov 2025 09:01:06 +0000
Manifest next update: Wed 12 Nov 2025 09:01:06 +0000
Files and hashes: 1: ZX73IV0uGk2ob4VktyJV9wBSBac.roa (hash: Z5WvoiItJu0epzg3OUDQ1qokvJ24J2oFtkaMgOd6bHY=)
2: bWSoZ_RcSPICewC4PHd5b7u-Ayg.crl (hash: pkhd9D//g1qLAy7caVWxXRNi42OR1gmZbgGYu8VfxpM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/0f9d37-fb57-48cf-839e-b0623ea7fb01/1/bWSoZ_RcSPICewC4PHd5b7u-Ayg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/0f9d37-fb57-48cf-839e-b0623ea7fb01/1/bWSoZ_RcSPICewC4PHd5b7u-Ayg.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWSoZ_RcSPICewC4PHd5b7u-Ayg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:bc:1d:b4:77:8f:9d:43:88:72:a9:f9:1a:9f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d64a867f45c48f2027b00b83c77796fbbbe0328
Validity
Not Before: Nov 11 09:01:06 2025 GMT
Not After : Nov 12 09:01:06 2025 GMT
Subject: CN=bb214dd2757a4d6a17b8adc6812e2c34f2b43b28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5a:4b:81:1e:22:8e:10:bc:02:82:38:34:e4:
7c:a4:cf:81:71:6d:b6:4b:5d:5e:ad:57:ac:48:da:
7a:10:ac:4a:cd:b6:bc:fa:e8:da:dc:e1:86:63:cd:
04:66:de:65:a2:16:b6:41:c0:6a:46:97:d2:64:b0:
ad:71:26:51:5c:e0:58:ee:5b:bf:ae:1a:39:02:5b:
d6:61:02:7d:9a:77:d0:76:73:9b:9f:3d:d8:d0:ac:
79:81:27:58:8f:80:1c:6e:c7:f1:98:95:cf:f3:00:
ca:c4:77:e0:af:00:3d:6b:95:c7:79:38:5b:ab:e0:
f4:0c:9e:9a:82:12:a3:9a:3a:82:22:fa:85:d1:97:
01:30:fe:a6:3e:7d:9e:76:02:4d:d5:0e:1d:52:5a:
23:5d:2d:c9:0e:23:48:51:e2:7c:6a:1e:9e:da:19:
27:66:9f:64:73:39:ce:e2:d6:f0:ee:a0:ce:df:41:
12:74:dc:61:9a:90:dc:0b:44:ec:fd:19:76:41:4d:
38:9e:83:c8:6d:08:de:3f:c0:3a:28:66:ad:56:a6:
f4:94:45:48:c3:e8:e4:eb:0c:03:8d:df:4e:9a:af:
b8:e9:f0:d3:e8:d9:97:69:68:5e:5c:78:ad:dd:4d:
d5:b8:a6:13:79:b2:30:a3:80:b5:0c:e1:a9:35:8b:
b4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:21:4D:D2:75:7A:4D:6A:17:B8:AD:C6:81:2E:2C:34:F2:B4:3B:28
X509v3 Authority Key Identifier:
keyid:6D:64:A8:67:F4:5C:48:F2:02:7B:00:B8:3C:77:79:6F:BB:BE:03:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWSoZ_RcSPICewC4PHd5b7u-Ayg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0f9d37-fb57-48cf-839e-b0623ea7fb01/1/bWSoZ_RcSPICewC4PHd5b7u-Ayg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0f9d37-fb57-48cf-839e-b0623ea7fb01/1/bWSoZ_RcSPICewC4PHd5b7u-Ayg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:c3:4c:ba:35:03:e8:a0:a2:62:42:75:1e:58:eb:ff:b1:4b:
e5:36:cd:aa:63:3b:a9:ac:a2:41:59:11:22:72:71:04:f2:e6:
1b:3f:9a:61:6e:b8:66:f5:4e:d5:52:28:bb:b6:59:0a:c8:6e:
97:31:6d:68:51:f4:a6:29:fb:2f:a3:a9:5d:f2:76:8f:ab:5b:
c4:47:ee:bd:dc:8e:21:72:72:e5:53:67:cc:38:e4:a2:27:32:
f4:1a:ca:9b:1e:0a:4f:f6:45:b9:d2:39:5d:6e:9a:d2:75:93:
50:ca:ec:43:88:5f:18:f5:c8:17:34:63:52:33:a5:09:e1:3a:
91:b3:5a:c2:70:80:2b:f6:a4:54:95:44:7b:c6:4a:13:a6:ac:
04:bf:39:2a:f0:c9:b4:52:03:e9:a2:0e:40:24:05:1b:af:d2:
70:cd:86:10:46:7e:98:ac:b3:43:cf:d5:53:f8:c2:0f:04:06:
2f:d0:a3:d7:5d:4a:f2:f7:c0:4b:f4:57:f4:04:41:5e:a4:5b:
d0:44:04:be:6a:ce:be:58:4a:02:7a:b1:d3:c3:a7:a1:33:03:
43:81:4c:89:14:db:55:df:54:fd:30:db:21:92:f7:73:30:6e:
55:e1:3c:c5:f8:57:d5:27:e9:a0:5a:a2:87:15:bc:d3:0a:b9:
28:90:2d:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJbwdtHePnUOIcqn5Gp/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjRhODY3ZjQ1YzQ4ZjIwMjdiMDBiODNjNzc3OTZmYmJi
ZTAzMjgwHhcNMjUxMTExMDkwMTA2WhcNMjUxMTEyMDkwMTA2WjAzMTEwLwYDVQQD
EyhiYjIxNGRkMjc1N2E0ZDZhMTdiOGFkYzY4MTJlMmMzNGYyYjQzYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlpLgR4ijhC8AoI4NOR8pM+BcW22
S11erVesSNp6EKxKzba8+uja3OGGY80EZt5loha2QcBqRpfSZLCtcSZRXOBY7lu/
rho5AlvWYQJ9mnfQdnObnz3Y0Kx5gSdYj4AcbsfxmJXP8wDKxHfgrwA9a5XHeThb
q+D0DJ6aghKjmjqCIvqF0ZcBMP6mPn2edgJN1Q4dUlojXS3JDiNIUeJ8ah6e2hkn
Zp9kcznO4tbw7qDO30ESdNxhmpDcC0Ts/Rl2QU04noPIbQjeP8A6KGatVqb0lEVI
w+jk6wwDjd9Omq+46fDT6NmXaWheXHit3U3VuKYTebIwo4C1DOGpNYu0IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLshTdJ1ek1qF7itxoEuLDTytDsoMB8GA1UdIwQY
MBaAFG1kqGf0XEjyAnsAuDx3eW+7vgMoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYldTb1pfUmNTUElDZXdDNFBIZDViN3UtQXlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wZjlkMzctZmI1Ny00OGNmLTgzOWUt
YjA2MjNlYTdmYjAxLzEvYldTb1pfUmNTUElDZXdDNFBIZDViN3UtQXlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wZjlkMzctZmI1Ny00OGNmLTgzOWUtYjA2MjNlYTdmYjAx
LzEvYldTb1pfUmNTUElDZXdDNFBIZDViN3UtQXlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8NMujUD
6KCiYkJ1Hljr/7FL5TbNqmM7qayiQVkRInJxBPLmGz+aYW64ZvVO1VIou7ZZCshu
lzFtaFH0pin7L6OpXfJ2j6tbxEfuvdyOIXJy5VNnzDjkoicy9BrKmx4KT/ZFudI5
XW6a0nWTUMrsQ4hfGPXIFzRjUjOlCeE6kbNawnCAK/akVJVEe8ZKE6asBL85KvDJ
tFID6aIOQCQFG6/ScM2GEEZ+mKyzQ8/VU/jCDwQGL9Cj111K8vfAS/RX9ARBXqRb
0EQEvmrOvlhKAnqx08OnoTMDQ4FMiRTbVd9U/TDbIZL3czBuVeE8xfhX1SfpoFqi
hxW80wq5KJAtuA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:42:52 2025 by rpki-client