Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft
File: BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft (raw, json)
Hash identifier: YUpfoajWeyBJfR6ij1yV3dDLglIPPen4orLigG8uuK8=
Subject key identifier: 01:DB:1E:69:58:1E:7A:86:CD:E0:D5:F3:42:84:DC:81:0F:B9:80:07
Authority key identifier: 04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A
Certificate issuer: /CN=04d29211f92e560f0b7834bb2932ac63cabfa14a
Certificate serial: 019A72CA992AAA7A7FD8509AA7E1C523F778
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft
Manifest number: 0C04
Signing time: Tue 11 Nov 2025 12:01:11 +0000
Manifest this update: Tue 11 Nov 2025 12:01:11 +0000
Manifest next update: Wed 12 Nov 2025 12:01:11 +0000
Files and hashes: 1: BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl (hash: 9wuzHxmGNTaoGtWdS12JOFtuyQlknQGuOpI4QVibjXo=)
2: dShe1ipT6-Y_-edVr4eNtxtPKAo.roa (hash: 34QucPlafnV+iMZk3j4FDiUJFtGuS1f17YL6xBvVoIo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:99:2a:aa:7a:7f:d8:50:9a:a7:e1:c5:23:f7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d29211f92e560f0b7834bb2932ac63cabfa14a
Validity
Not Before: Nov 11 12:01:11 2025 GMT
Not After : Nov 12 12:01:11 2025 GMT
Subject: CN=01db1e69581e7a86cde0d5f34284dc810fb98007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:08:a9:66:b0:e2:58:1c:05:a4:87:be:e4:5f:
f7:be:73:14:28:45:c2:e0:ac:ad:9c:69:6c:e0:4a:
76:1f:53:e8:5c:90:11:07:91:b5:36:ef:b3:69:23:
17:9c:76:da:eb:69:31:45:30:72:84:7a:50:5e:58:
22:11:17:cf:9f:26:a2:e2:74:ca:d0:81:cb:ac:17:
92:9a:4c:6e:7b:f9:b7:10:f5:36:b9:a8:72:dd:0c:
2e:ce:2a:62:a0:8d:ba:d7:d1:24:74:0e:ed:9f:a6:
98:5d:82:9f:5f:33:77:eb:63:6a:0f:c6:29:dc:a2:
49:7a:24:cd:39:3a:49:b8:3a:90:0f:7b:cc:98:1b:
5b:b8:8a:ea:b1:e6:51:4f:ec:2a:d8:27:ec:9c:85:
69:77:17:75:75:97:fd:93:0a:5f:88:66:13:eb:f0:
2b:e9:e4:d9:62:17:66:2c:2b:eb:74:3b:73:f1:c7:
91:63:9b:f5:87:af:26:ae:5f:54:18:98:70:7d:5c:
b3:47:06:6c:1d:8c:60:be:19:66:a6:43:68:ff:40:
6d:e1:0e:d7:d7:de:10:89:b4:3b:81:c3:98:f4:8d:
be:bf:71:44:a7:9c:a2:d5:d7:d1:c0:0f:23:18:21:
77:d1:09:ea:82:86:95:27:d9:d8:69:9d:05:65:d2:
d9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DB:1E:69:58:1E:7A:86:CD:E0:D5:F3:42:84:DC:81:0F:B9:80:07
X509v3 Authority Key Identifier:
keyid:04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ce:37:0c:35:58:97:21:09:db:c5:02:ef:85:5c:27:a5:08:76:
68:17:ae:96:38:64:6d:a8:6d:ce:7c:71:16:3b:0e:9e:a9:84:
e6:c7:8d:6c:16:11:14:0d:e2:5d:b2:c3:72:eb:95:55:53:20:
08:90:73:e5:47:ef:d6:8c:d7:c4:87:8b:82:01:da:0c:11:86:
8e:86:82:e2:80:b2:75:96:37:42:74:ce:4e:47:9e:42:be:2d:
f3:d0:36:92:53:58:ec:17:6c:9f:4b:8d:3b:c2:2e:20:af:b4:
b1:81:0f:d3:9e:19:cf:18:ff:ef:c3:f9:45:41:3a:c3:46:e4:
c9:f5:bb:51:18:1f:d0:02:6a:de:9f:de:45:8d:77:14:e7:59:
20:a8:e2:4b:9d:c2:06:91:63:d1:40:37:a4:64:7a:fd:33:51:
13:a2:72:e7:bc:05:dc:97:9f:8e:0f:4c:72:98:a6:3c:4f:a4:
e0:aa:7a:ed:93:c1:4b:0f:9f:a9:d9:b3:59:9a:41:be:91:cf:
98:73:26:71:3b:62:7d:44:bc:aa:d5:21:29:8b:51:45:20:bd:
52:12:ff:c8:1a:05:41:6a:d1:b6:7f:5a:e7:d7:89:aa:b7:71:
7d:c1:01:fa:29:c7:f3:b8:38:d0:1a:99:eb:c9:a9:80:b8:c0:
7b:ae:a6:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyypkqqnp/2FCap+HFI/d4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZDI5MjExZjkyZTU2MGYwYjc4MzRiYjI5MzJhYzYzY2Fi
ZmExNGEwHhcNMjUxMTExMTIwMTExWhcNMjUxMTEyMTIwMTExWjAzMTEwLwYDVQQD
EygwMWRiMWU2OTU4MWU3YTg2Y2RlMGQ1ZjM0Mjg0ZGM4MTBmYjk4MDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwipZrDiWBwFpIe+5F/3vnMUKEXC
4KytnGls4Ep2H1PoXJARB5G1Nu+zaSMXnHba62kxRTByhHpQXlgiERfPnyai4nTK
0IHLrBeSmkxue/m3EPU2uahy3QwuzipioI2619EkdA7tn6aYXYKfXzN362NqD8Yp
3KJJeiTNOTpJuDqQD3vMmBtbuIrqseZRT+wq2CfsnIVpdxd1dZf9kwpfiGYT6/Ar
6eTZYhdmLCvrdDtz8ceRY5v1h68mrl9UGJhwfVyzRwZsHYxgvhlmpkNo/0Bt4Q7X
194QibQ7gcOY9I2+v3FEp5yi1dfRwA8jGCF30QnqgoaVJ9nYaZ0FZdLZdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHbHmlYHnqGzeDV80KE3IEPuYAHMB8GA1UdIwQY
MBaAFATSkhH5LlYPC3g0uykyrGPKv6FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQt
ZThkMTkyOTYzOTVjLzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQtZThkMTkyOTYzOTVj
LzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzjcMNViX
IQnbxQLvhVwnpQh2aBeuljhkbahtznxxFjsOnqmE5seNbBYRFA3iXbLDcuuVVVMg
CJBz5Ufv1ozXxIeLggHaDBGGjoaC4oCydZY3QnTOTkeeQr4t89A2klNY7Bdsn0uN
O8IuIK+0sYEP054Zzxj/78P5RUE6w0bkyfW7URgf0AJq3p/eRY13FOdZIKjiS53C
BpFj0UA3pGR6/TNRE6Jy57wF3Jefjg9McpimPE+k4Kp67ZPBSw+fqdmzWZpBvpHP
mHMmcTtifUS8qtUhKYtRRSC9UhL/yBoFQWrRtn9a59eJqrdxfcEB+inH87g40BqZ
68mpgLjAe66mKQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:49 2025 by rpki-client