Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.mft
File: BeHQfebxKPRpxMOzAorfjU034tk.mft (raw, json)
Hash identifier: YXMCN9eQf9GzBB+rARZyiNzHCQBhY++clntW5Wjkuzc=
Subject key identifier: A0:2F:F3:6D:13:62:49:5E:BE:B0:41:63:0B:93:42:E1:30:FD:FD:55
Authority key identifier: 05:E1:D0:7D:E6:F1:28:F4:69:C4:C3:B3:02:8A:DF:8D:4D:37:E2:D9
Certificate issuer: /CN=05e1d07de6f128f469c4c3b3028adf8d4d37e2d9
Certificate serial: 019A71499D03ACFCCA37C9C3AB11F06DE4CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BeHQfebxKPRpxMOzAorfjU034tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 05:00:40 +0000
Manifest this update: Tue 11 Nov 2025 05:00:40 +0000
Manifest next update: Wed 12 Nov 2025 05:00:40 +0000
Files and hashes: 1: 5_4qOd1GTRdKd6DbyMT4VAzgn60.roa (hash: Q449y6NU5T0NgahXGNO0aRD91GR+m9cfLNErlQRiyf0=)
2: BeHQfebxKPRpxMOzAorfjU034tk.crl (hash: J75vnAgYhoUjt/kWXa3Qg7zuZwjjUUKBJJz7yC4v/RY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BeHQfebxKPRpxMOzAorfjU034tk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:9d:03:ac:fc:ca:37:c9:c3:ab:11:f0:6d:e4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e1d07de6f128f469c4c3b3028adf8d4d37e2d9
Validity
Not Before: Nov 11 05:00:40 2025 GMT
Not After : Nov 12 05:00:40 2025 GMT
Subject: CN=a02ff36d1362495ebeb041630b9342e130fdfd55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:fa:e6:72:24:42:42:d5:31:6c:5d:c0:90:
3b:e4:08:f0:6f:4d:8e:c2:6f:3f:c1:6e:a6:29:53:
e4:26:37:0c:46:6d:c3:c7:18:32:71:2a:72:ce:8e:
8c:49:b2:e4:d0:40:57:e8:19:e6:7e:de:d8:d6:37:
b1:22:51:e3:95:bc:09:1f:b4:61:4e:5c:00:87:70:
4b:0e:5c:ee:34:e8:19:4e:4d:b6:85:c9:5e:57:59:
f5:ea:e3:75:f2:f6:c3:2c:02:6a:72:11:7f:bd:d4:
ff:c1:7c:65:7b:ae:67:df:ea:05:db:8f:af:1b:12:
d0:5b:c5:8c:28:f5:cc:4f:50:3c:21:75:8b:d8:4a:
fc:6b:ad:b8:0a:46:fe:c0:c8:c2:ad:4b:ca:97:54:
d9:62:31:9e:1e:fb:02:bd:b8:62:39:df:21:70:1c:
ae:45:0e:af:63:eb:c9:15:6f:9a:0b:a3:3e:55:2e:
ee:60:3b:b8:23:6d:2d:65:e2:65:8b:d2:db:84:3f:
4d:ff:85:9c:a6:6b:b1:a1:d2:41:da:43:ed:d1:f9:
f7:64:14:a3:5f:50:d9:90:c5:2f:d0:82:d9:53:13:
0d:c8:dc:16:e1:3b:1f:8a:c5:09:5e:88:f9:f6:9f:
94:5c:fc:37:9f:b3:9b:74:7d:71:03:34:80:8f:68:
5f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2F:F3:6D:13:62:49:5E:BE:B0:41:63:0B:93:42:E1:30:FD:FD:55
X509v3 Authority Key Identifier:
keyid:05:E1:D0:7D:E6:F1:28:F4:69:C4:C3:B3:02:8A:DF:8D:4D:37:E2:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BeHQfebxKPRpxMOzAorfjU034tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:bf:ae:df:22:f9:4a:24:05:49:5c:24:f9:5b:6f:07:09:30:
08:95:97:83:71:98:b1:1a:aa:a5:cc:0e:21:e7:ed:8c:26:7b:
04:92:f1:f0:88:65:3e:66:24:a7:b2:a7:90:d6:b2:07:41:25:
f3:64:1a:ec:c7:00:09:86:2c:06:62:2c:8b:f2:62:5d:51:8e:
fb:8f:74:2c:a4:be:98:0d:48:75:af:e7:4f:86:a9:e0:8e:99:
f7:e5:47:06:77:3d:fc:76:16:54:94:62:a6:df:cc:a0:7c:7e:
71:db:af:49:a9:c4:c0:16:2f:d0:48:b8:0c:9a:d4:b8:ba:87:
c0:c0:25:42:52:2b:dc:47:e0:14:0e:52:bf:ec:fc:ed:12:08:
82:24:09:de:7d:88:70:7e:6c:58:c8:12:20:b5:17:d0:a3:37:
7f:50:1f:4a:f6:7d:28:0e:67:6c:c3:d2:ff:90:e2:76:dd:e2:
6f:6c:88:a8:95:f3:4b:51:8b:13:50:d4:59:75:c3:dc:11:02:
99:6a:d2:1b:74:ef:f2:31:3f:e7:83:59:c9:fd:2a:44:f4:e5:
67:ac:10:c9:e2:50:3b:15:d5:8f:02:d3:59:d4:c3:60:93:6c:
42:00:2b:4e:3d:f5:1a:a8:21:e0:7f:c4:0c:ee:8e:a9:9c:a9:
1c:a5:0b:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSZ0DrPzKN8nDqxHwbeTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTFkMDdkZTZmMTI4ZjQ2OWM0YzNiMzAyOGFkZjhkNGQz
N2UyZDkwHhcNMjUxMTExMDUwMDQwWhcNMjUxMTEyMDUwMDQwWjAzMTEwLwYDVQQD
EyhhMDJmZjM2ZDEzNjI0OTVlYmViMDQxNjMwYjkzNDJlMTMwZmRmZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC365nIkQkLVMWxdwJA75Ajwb02O
wm8/wW6mKVPkJjcMRm3DxxgycSpyzo6MSbLk0EBX6Bnmft7Y1jexIlHjlbwJH7Rh
TlwAh3BLDlzuNOgZTk22hcleV1n16uN18vbDLAJqchF/vdT/wXxle65n3+oF24+v
GxLQW8WMKPXMT1A8IXWL2Er8a624Ckb+wMjCrUvKl1TZYjGeHvsCvbhiOd8hcByu
RQ6vY+vJFW+aC6M+VS7uYDu4I20tZeJli9LbhD9N/4WcpmuxodJB2kPt0fn3ZBSj
X1DZkMUv0ILZUxMNyNwW4TsfisUJXoj59p+UXPw3n7ObdH1xAzSAj2hf7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAv820TYklevrBBYwuTQuEw/f1VMB8GA1UdIwQY
MBaAFAXh0H3m8Sj0acTDswKK341NN+LZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVIUWZlYnhLUFJweE1PekFvcmZqVTAzNHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85Y2U4ZjUtZmVkMi00N2VhLTgzYjMt
OGQxM2Y3YjNmMTQyLzEvQmVIUWZlYnhLUFJweE1PekFvcmZqVTAzNHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85Y2U4ZjUtZmVkMi00N2VhLTgzYjMtOGQxM2Y3YjNmMTQy
LzEvQmVIUWZlYnhLUFJweE1PekFvcmZqVTAzNHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd7+u3yL5
SiQFSVwk+VtvBwkwCJWXg3GYsRqqpcwOIeftjCZ7BJLx8IhlPmYkp7KnkNayB0El
82Qa7McACYYsBmIsi/JiXVGO+490LKS+mA1Ida/nT4ap4I6Z9+VHBnc9/HYWVJRi
pt/MoHx+cduvSanEwBYv0Ei4DJrUuLqHwMAlQlIr3EfgFA5Sv+z87RIIgiQJ3n2I
cH5sWMgSILUX0KM3f1AfSvZ9KA5nbMPS/5Didt3ib2yIqJXzS1GLE1DUWXXD3BEC
mWrSG3Tv8jE/54NZyf0qRPTlZ6wQyeJQOxXVjwLTWdTDYJNsQgArTj31Gqgh4H/E
DO6OqZypHKULpw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:08 2025 by rpki-client