Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft
File: bfHIcky70DS6t6Da3wq0uZ_2b_8.mft (raw, json)
Hash identifier: l0TuE/SycIepq/fh830KIY3i9f6Gal07j/qKzdjXsV0=
Subject key identifier: B1:BB:2D:A5:AE:53:7A:A1:88:1F:35:E2:FB:D7:A0:5B:F0:7E:D8:52
Authority key identifier: 6D:F1:C8:72:4C:BB:D0:34:BA:B7:A0:DA:DF:0A:B4:B9:9F:F6:6F:FF
Certificate issuer: /CN=6df1c8724cbbd034bab7a0dadf0ab4b99ff66fff
Certificate serial: 019A71135F0B7A9B2838C54E9B1923B4AA62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 04:01:26 +0000
Manifest this update: Tue 11 Nov 2025 04:01:26 +0000
Manifest next update: Wed 12 Nov 2025 04:01:26 +0000
Files and hashes: 1: 3gASlQlN9UdPtrWqrdLITdzt5Ew.roa (hash: ramhN8+V67WDz+dJge66wgSFRzcM7UnMyKgsybDZiQA=)
2: bfHIcky70DS6t6Da3wq0uZ_2b_8.crl (hash: lE63oUPw6+3lBbt+8ERrZ0kvGyLZQw3GWeyaSXIe30Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:5f:0b:7a:9b:28:38:c5:4e:9b:19:23:b4:aa:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df1c8724cbbd034bab7a0dadf0ab4b99ff66fff
Validity
Not Before: Nov 11 04:01:26 2025 GMT
Not After : Nov 12 04:01:26 2025 GMT
Subject: CN=b1bb2da5ae537aa1881f35e2fbd7a05bf07ed852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9d:b5:07:73:d7:f6:d3:73:40:d5:2e:0f:43:
60:d8:ad:62:6f:74:b0:5d:97:99:d5:be:e1:2a:b3:
a0:14:a8:b5:4d:8a:3e:35:8a:6e:48:fc:49:01:71:
5a:a1:72:14:76:74:7e:4e:2a:84:c1:06:b6:94:86:
8c:0d:6a:83:97:ed:1f:86:ba:39:4e:11:3f:b4:d8:
6a:9d:4b:ea:5d:e0:2a:d9:8e:11:60:40:45:81:62:
b9:c3:44:c8:f5:e4:e7:68:f5:43:e1:5e:a8:c3:9a:
83:ca:34:97:e7:e9:e4:08:f8:91:36:b8:56:1f:51:
3c:6a:f8:79:2e:d8:9d:aa:35:a0:41:e7:31:bf:31:
42:dc:00:8a:c0:c4:72:84:30:4d:98:44:54:3c:fe:
9f:19:d7:65:c8:f7:5a:5d:b2:25:ec:4d:60:60:43:
00:09:4a:ee:58:09:e7:26:2b:d9:b7:4e:a9:db:a3:
a8:01:56:d4:e4:c8:88:19:f2:3f:eb:83:4e:aa:6f:
5f:4b:53:4a:46:41:42:21:1f:25:d2:4b:d0:d9:97:
a5:f1:a1:7f:00:60:a2:33:90:1e:06:75:ef:3e:8d:
1a:0f:22:40:a8:59:c8:64:54:a4:bb:a9:8b:0e:32:
d9:89:d0:ab:17:ec:37:51:e6:06:d5:d3:ab:25:08:
41:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:BB:2D:A5:AE:53:7A:A1:88:1F:35:E2:FB:D7:A0:5B:F0:7E:D8:52
X509v3 Authority Key Identifier:
keyid:6D:F1:C8:72:4C:BB:D0:34:BA:B7:A0:DA:DF:0A:B4:B9:9F:F6:6F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:7f:3d:ab:8a:6d:c2:2c:ea:a6:d3:71:a5:d2:3a:69:79:69:
18:a5:e2:73:a4:b3:2d:37:56:85:ab:05:38:e2:66:ab:49:79:
16:47:4e:fd:cc:85:ba:4a:d5:09:7e:0e:84:a7:cd:0a:33:1b:
79:a7:72:c6:ba:44:b6:b7:a0:13:26:b7:a3:65:39:bb:18:73:
82:b6:e0:5a:11:62:ef:8a:ea:87:45:c5:15:ab:18:53:cd:a2:
ea:09:1c:81:1d:d0:34:38:40:56:d6:e5:71:f5:8f:10:85:92:
2b:4c:8c:83:8d:cd:6b:5b:37:70:77:f8:60:b8:6d:cf:8f:07:
c6:10:43:db:58:44:8a:7e:45:04:d4:1a:77:e1:0b:bf:0b:c9:
5c:12:88:df:f6:72:a7:00:f3:a6:9a:98:2b:9e:c4:1b:d2:bd:
21:6f:3b:53:6c:d9:09:12:e6:1d:5b:2f:7b:8b:8a:da:74:21:
05:ac:df:87:01:e4:42:bb:76:5c:a2:36:bc:8d:14:fe:6e:25:
1c:eb:de:5d:de:b0:1b:92:31:1f:32:8a:e8:02:26:79:03:92:
57:7a:e5:02:df:3c:b2:56:d9:96:d7:0c:fa:ab:93:c3:41:cd:
4b:f1:6c:14:87:63:b1:d8:da:fd:fe:04:62:20:88:58:a4:9e:
aa:88:91:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE18LepsoOMVOmxkjtKpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjFjODcyNGNiYmQwMzRiYWI3YTBkYWRmMGFiNGI5OWZm
NjZmZmYwHhcNMjUxMTExMDQwMTI2WhcNMjUxMTEyMDQwMTI2WjAzMTEwLwYDVQQD
EyhiMWJiMmRhNWFlNTM3YWExODgxZjM1ZTJmYmQ3YTA1YmYwN2VkODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm521B3PX9tNzQNUuD0Ng2K1ib3Sw
XZeZ1b7hKrOgFKi1TYo+NYpuSPxJAXFaoXIUdnR+TiqEwQa2lIaMDWqDl+0fhro5
ThE/tNhqnUvqXeAq2Y4RYEBFgWK5w0TI9eTnaPVD4V6ow5qDyjSX5+nkCPiRNrhW
H1E8avh5LtidqjWgQecxvzFC3ACKwMRyhDBNmERUPP6fGddlyPdaXbIl7E1gYEMA
CUruWAnnJivZt06p26OoAVbU5MiIGfI/64NOqm9fS1NKRkFCIR8l0kvQ2Zel8aF/
AGCiM5AeBnXvPo0aDyJAqFnIZFSku6mLDjLZidCrF+w3UeYG1dOrJQhB8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLG7LaWuU3qhiB814vvXoFvwfthSMB8GA1UdIwQY
MBaAFG3xyHJMu9A0ureg2t8KtLmf9m//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9lMDc4MWYtNmU2NC00NmFhLThhZjAt
ZjkyNGQ2ZjZhNTk1LzEvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9lMDc4MWYtNmU2NC00NmFhLThhZjAtZjkyNGQ2ZjZhNTk1
LzEvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ389q4pt
wizqptNxpdI6aXlpGKXic6SzLTdWhasFOOJmq0l5FkdO/cyFukrVCX4OhKfNCjMb
eadyxrpEtregEya3o2U5uxhzgrbgWhFi74rqh0XFFasYU82i6gkcgR3QNDhAVtbl
cfWPEIWSK0yMg43Na1s3cHf4YLhtz48HxhBD21hEin5FBNQad+ELvwvJXBKI3/Zy
pwDzppqYK57EG9K9IW87U2zZCRLmHVsve4uK2nQhBazfhwHkQrt2XKI2vI0U/m4l
HOveXd6wG5IxHzKK6AImeQOSV3rlAt88slbZltcM+quTw0HNS/FsFIdjsdja/f4E
YiCIWKSeqoiRhw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:01:05 2025 by rpki-client