Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft
File: bfhqH1cK4xUpAiqk9h79nsK5fQU.mft (raw, json)
Hash identifier: 8kbaOY/jlnWkSfqwe9TEB/h1giEShDRVsbpL+x0svUs=
Subject key identifier: 23:0F:7D:BD:C1:77:8A:D3:C2:3B:17:3F:0C:ED:CC:12:46:DF:61:6C
Authority key identifier: 6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05
Certificate issuer: /CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05
Certificate serial: 019A71B89B21351EA3A0509A88E7AB92E18D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft
Manifest number: 159A
Signing time: Tue 11 Nov 2025 07:01:54 +0000
Manifest this update: Tue 11 Nov 2025 07:01:54 +0000
Manifest next update: Wed 12 Nov 2025 07:01:54 +0000
Files and hashes: 1: BpLbGApyHXLB4qqgJyw3nGH9lH0.roa (hash: 4AoUx/2M994KEwtEdAKInOt11G1446xmTonI1qJPrOg=)
2: bfhqH1cK4xUpAiqk9h79nsK5fQU.crl (hash: D14JEwUYbHkbb07kkYD/ov1f9i4266AeyPUgtPKL2Ew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:9b:21:35:1e:a3:a0:50:9a:88:e7:ab:92:e1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05
Validity
Not Before: Nov 11 07:01:54 2025 GMT
Not After : Nov 12 07:01:54 2025 GMT
Subject: CN=230f7dbdc1778ad3c23b173f0cedcc1246df616c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6d:4f:d5:5d:07:7f:1d:4a:ff:a5:9d:c9:3f:
7e:12:00:80:56:b6:fd:d1:84:a6:4e:b1:93:26:c4:
7d:46:37:cb:94:ba:ad:65:10:6f:a3:3a:ec:ef:e3:
1f:f3:93:87:b0:c7:f2:7e:e4:35:58:3d:41:3b:92:
20:d8:12:ae:55:2e:d9:64:40:69:ce:68:cd:ca:24:
93:61:ee:aa:70:b2:ab:24:49:c9:ac:90:5e:43:fe:
0d:6a:2b:e5:6f:87:05:59:89:5b:71:9f:c6:63:87:
78:b2:18:0a:da:bf:33:2a:d1:92:73:5d:c4:71:11:
79:f3:1b:71:c1:d0:d9:26:3d:41:a3:aa:da:68:ce:
41:ba:52:30:19:1d:fc:98:ec:4c:d7:9e:08:7a:8f:
28:f4:b8:f4:35:ef:d3:6d:9b:76:21:51:6f:3a:d5:
04:55:9a:0e:2a:be:7e:73:05:3c:8d:9d:d3:71:0e:
19:b6:13:f3:34:6f:f4:61:f3:49:12:fb:d1:7f:59:
e1:b8:37:bc:b2:bb:31:a7:c7:29:d4:3a:d4:04:36:
a0:37:3c:34:a3:66:a3:c7:f8:e6:98:26:51:fe:8e:
2b:e2:7d:95:d2:f5:b0:6b:61:f5:34:1a:fe:3f:7b:
ee:22:bc:a4:3e:79:59:9a:f1:09:01:6b:f4:46:9b:
4a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:0F:7D:BD:C1:77:8A:D3:C2:3B:17:3F:0C:ED:CC:12:46:DF:61:6C
X509v3 Authority Key Identifier:
keyid:6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:97:73:0f:19:85:0f:3f:63:f5:5a:eb:e3:72:73:59:56:dd:
ec:74:9a:46:80:c9:0e:8a:ff:af:2a:91:20:9a:02:20:0b:15:
3e:e1:56:60:5f:0d:78:ca:bc:1a:a7:72:70:af:e7:62:76:0e:
7b:b5:ad:cf:c6:f1:6a:4f:f6:07:ac:36:e9:e3:fd:fa:7a:7c:
83:cf:d8:f8:0f:c4:43:29:b3:6c:f9:a4:08:d4:5a:1f:fe:da:
3a:0e:dd:32:e8:50:af:c3:e3:5f:ec:b4:6c:6d:f8:55:89:37:
31:3b:91:a7:69:ba:55:ab:5f:5d:68:91:7b:7f:43:74:d4:04:
f3:9e:5c:66:02:8d:e5:04:47:dd:50:3d:c2:f9:be:33:bd:e6:
8f:9a:f7:d8:63:08:cc:a0:ef:1e:bb:01:1c:5d:a2:ac:a7:33:
06:08:63:db:17:1a:13:40:3d:c8:c5:22:90:87:d9:38:93:0d:
a6:0c:d0:45:82:f8:d8:d6:55:14:43:55:ee:83:24:2d:0e:84:
a0:41:48:77:46:b4:17:58:28:fa:ed:b2:49:d6:f2:e4:c1:09:
64:4e:b6:b3:a6:d6:01:97:37:65:fc:9d:74:f2:36:b5:7b:af:
7a:4a:b4:1a:c9:44:c6:35:7f:c3:67:1c:c5:fb:8e:04:26:c3:
4c:40:71:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuJshNR6joFCaiOerkuGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjg2YTFmNTcwYWUzMTUyOTAyMmFhNGY2MWVmZDllYzJi
OTdkMDUwHhcNMjUxMTExMDcwMTU0WhcNMjUxMTEyMDcwMTU0WjAzMTEwLwYDVQQD
EygyMzBmN2RiZGMxNzc4YWQzYzIzYjE3M2YwY2VkY2MxMjQ2ZGY2MTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs21P1V0Hfx1K/6WdyT9+EgCAVrb9
0YSmTrGTJsR9RjfLlLqtZRBvozrs7+Mf85OHsMfyfuQ1WD1BO5Ig2BKuVS7ZZEBp
zmjNyiSTYe6qcLKrJEnJrJBeQ/4Naivlb4cFWYlbcZ/GY4d4shgK2r8zKtGSc13E
cRF58xtxwdDZJj1Bo6raaM5BulIwGR38mOxM154Ieo8o9Lj0Ne/TbZt2IVFvOtUE
VZoOKr5+cwU8jZ3TcQ4ZthPzNG/0YfNJEvvRf1nhuDe8srsxp8cp1DrUBDagNzw0
o2ajx/jmmCZR/o4r4n2V0vWwa2H1NBr+P3vuIrykPnlZmvEJAWv0RptKXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMPfb3Bd4rTwjsXPwztzBJG32FsMB8GA1UdIwQY
MBaAFG34ah9XCuMVKQIqpPYe/Z7CuX0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEt
N2FhYzJkODQ3OTU1LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEtN2FhYzJkODQ3OTU1
LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxpdzDxmF
Dz9j9Vrr43JzWVbd7HSaRoDJDor/ryqRIJoCIAsVPuFWYF8NeMq8GqdycK/nYnYO
e7Wtz8bxak/2B6w26eP9+np8g8/Y+A/EQymzbPmkCNRaH/7aOg7dMuhQr8PjX+y0
bG34VYk3MTuRp2m6VatfXWiRe39DdNQE855cZgKN5QRH3VA9wvm+M73mj5r32GMI
zKDvHrsBHF2irKczBghj2xcaE0A9yMUikIfZOJMNpgzQRYL42NZVFENV7oMkLQ6E
oEFId0a0F1go+u2ySdby5MEJZE62s6bWAZc3ZfyddPI2tXuvekq0GslExjV/w2cc
xfuOBCbDTEBxgA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:53 2025 by rpki-client