Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
File: biw-HNO4VNZu9GxWd-9y0sWjZpc.mft (raw, json)
Hash identifier: Y8WgHvtDA69LMfPCWjLqaO06U9MOBLEvOPQA5QUtCCE=
Subject key identifier: 02:2B:2A:17:17:B7:B0:30:C8:C7:AF:5B:3C:76:9A:7E:3F:C8:57:8A
Authority key identifier: 6E:2C:3E:1C:D3:B8:54:D6:6E:F4:6C:56:77:EF:72:D2:C5:A3:66:97
Certificate issuer: /CN=6e2c3e1cd3b854d66ef46c5677ef72d2c5a36697
Certificate serial: 019A70DC080A6EC009C7D03A795FD0FBD538
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
Manifest number: 08D8
Signing time: Tue 11 Nov 2025 03:00:59 +0000
Manifest this update: Tue 11 Nov 2025 03:00:59 +0000
Manifest next update: Wed 12 Nov 2025 03:00:59 +0000
Files and hashes: 1: biw-HNO4VNZu9GxWd-9y0sWjZpc.crl (hash: SESwt7RWUUuWZZOlp7bgYIxlo0NK+PlKs1fIz4jXnRs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:08:0a:6e:c0:09:c7:d0:3a:79:5f:d0:fb:d5:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e2c3e1cd3b854d66ef46c5677ef72d2c5a36697
Validity
Not Before: Nov 11 03:00:59 2025 GMT
Not After : Nov 12 03:00:59 2025 GMT
Subject: CN=022b2a1717b7b030c8c7af5b3c769a7e3fc8578a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:47:fa:f4:71:25:f8:e7:9c:6b:06:8b:a3:38:
c5:33:b4:e8:ac:eb:b2:e0:3f:cb:3f:17:c2:e7:c8:
c6:c6:35:66:dd:1f:b7:cd:03:a2:ef:03:99:4f:c7:
21:3b:d9:9b:7b:36:d2:b5:5a:e7:6e:48:5a:68:aa:
07:6d:06:87:46:ca:7d:32:54:b9:ce:a6:1a:64:04:
0f:15:02:02:93:67:2e:b0:7f:92:db:84:31:d9:c5:
39:b9:3e:4e:83:48:ac:77:fc:18:41:d5:b5:a1:43:
c3:f6:4f:6d:f4:34:94:2c:2e:93:bc:e5:7e:15:2e:
e1:d8:27:98:e4:d3:2c:40:a1:72:54:77:d5:5f:5a:
4d:7c:92:45:eb:57:1d:af:e4:32:c2:7b:1f:da:2a:
f6:11:ce:78:00:f2:d6:99:c7:8a:1e:69:76:33:03:
0d:33:bf:7c:88:c5:79:0a:64:62:4f:82:05:76:f2:
da:35:9d:0c:36:37:56:ea:d6:d1:7e:45:96:86:e6:
c6:ad:d4:4c:9e:a8:9d:c5:75:e7:d7:3c:ea:9f:9e:
f0:14:26:21:82:e1:ef:e8:93:56:c1:72:17:0f:09:
12:d9:79:9f:9e:88:4a:62:7b:d1:06:6c:2b:73:18:
d9:ef:7d:bd:de:18:aa:29:65:06:2a:48:09:3c:f3:
09:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2B:2A:17:17:B7:B0:30:C8:C7:AF:5B:3C:76:9A:7E:3F:C8:57:8A
X509v3 Authority Key Identifier:
keyid:6E:2C:3E:1C:D3:B8:54:D6:6E:F4:6C:56:77:EF:72:D2:C5:A3:66:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/biw-HNO4VNZu9GxWd-9y0sWjZpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2590fb-b05e-4441-add1-f8355b78db24/1/biw-HNO4VNZu9GxWd-9y0sWjZpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:7e:8c:d7:52:23:ec:0e:ce:69:b8:98:c8:83:99:23:e4:ec:
cb:2d:c5:cd:85:68:34:1e:58:38:f0:7b:9f:7d:ec:07:3a:13:
0c:a0:c1:6c:b0:11:58:78:ce:5f:bf:6e:00:74:2b:c6:b9:17:
0f:3a:40:fa:91:65:93:d3:4c:78:32:a3:9e:12:5d:86:0a:78:
62:0e:8a:2e:19:a3:20:f5:f4:25:58:b6:77:8b:46:e7:a3:97:
36:0c:18:66:5f:37:cc:72:0c:5a:05:2d:4b:33:c1:5e:74:f6:
66:7a:4d:a3:fc:45:96:5c:f1:d0:d4:7c:89:ba:29:e0:90:0c:
0c:29:16:82:27:a6:03:05:f3:ff:57:e6:7a:bd:14:9b:61:d6:
58:af:73:c8:e9:e5:9b:8d:14:10:e0:eb:6c:e9:a6:46:df:20:
6f:9c:fd:90:67:01:f6:e0:85:e3:dd:43:6f:ef:7a:de:58:c0:
88:fb:fb:5d:7e:56:8b:1f:2a:79:24:cd:76:37:81:c0:70:5d:
83:f0:41:4a:87:e8:b0:22:21:4b:35:d1:72:41:a6:fb:a5:24:
bb:00:25:34:7b:b8:dd:dc:a5:83:a1:57:15:08:fe:7f:fb:29:
18:12:53:05:12:32:9e:17:c7:cb:b1:29:58:d6:96:41:3e:1a:
5f:e1:7a:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3AgKbsAJx9A6eV/Q+9U4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMmMzZTFjZDNiODU0ZDY2ZWY0NmM1Njc3ZWY3MmQyYzVh
MzY2OTcwHhcNMjUxMTExMDMwMDU5WhcNMjUxMTEyMDMwMDU5WjAzMTEwLwYDVQQD
EygwMjJiMmExNzE3YjdiMDMwYzhjN2FmNWIzYzc2OWE3ZTNmYzg1NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0f69HEl+OecawaLozjFM7TorOuy
4D/LPxfC58jGxjVm3R+3zQOi7wOZT8chO9mbezbStVrnbkhaaKoHbQaHRsp9MlS5
zqYaZAQPFQICk2cusH+S24Qx2cU5uT5Og0isd/wYQdW1oUPD9k9t9DSULC6TvOV+
FS7h2CeY5NMsQKFyVHfVX1pNfJJF61cdr+Qywnsf2ir2Ec54APLWmceKHml2MwMN
M798iMV5CmRiT4IFdvLaNZ0MNjdW6tbRfkWWhubGrdRMnqidxXXn1zzqn57wFCYh
guHv6JNWwXIXDwkS2XmfnohKYnvRBmwrcxjZ73293hiqKWUGKkgJPPMJsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIrKhcXt7AwyMevWzx2mn4/yFeKMB8GA1UdIwQY
MBaAFG4sPhzTuFTWbvRsVnfvctLFo2aXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNTkwZmItYjA1ZS00NDQxLWFkZDEt
ZjgzNTViNzhkYjI0LzEvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNTkwZmItYjA1ZS00NDQxLWFkZDEtZjgzNTViNzhkYjI0
LzEvYml3LUhOTzRWTlp1OUd4V2QtOXkwc1dqWnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY36M11Ij
7A7OabiYyIOZI+Tsyy3FzYVoNB5YOPB7n33sBzoTDKDBbLARWHjOX79uAHQrxrkX
DzpA+pFlk9NMeDKjnhJdhgp4Yg6KLhmjIPX0JVi2d4tG56OXNgwYZl83zHIMWgUt
SzPBXnT2ZnpNo/xFllzx0NR8ibop4JAMDCkWgiemAwXz/1fmer0Um2HWWK9zyOnl
m40UEODrbOmmRt8gb5z9kGcB9uCF491Db+963ljAiPv7XX5Wix8qeSTNdjeBwHBd
g/BBSofosCIhSzXRckGm+6UkuwAlNHu43dylg6FXFQj+f/spGBJTBRIynhfHy7Ep
WNaWQT4aX+F64Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:48 2025 by rpki-client