Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/bG9jkROWOM74MYEUEyzPJuFn06Q.mft
File: bG9jkROWOM74MYEUEyzPJuFn06Q.mft (raw, json)
Hash identifier: BKchT4/P+P90hC9HKYO2QYil+rHT49HIyuZQQSZ+4LY=
Subject key identifier: AE:9F:FF:43:2F:B2:68:82:C0:A4:48:B2:F4:BF:9D:68:7B:59:17:64
Authority key identifier: 6C:6F:63:91:13:96:38:CE:F8:31:81:14:13:2C:CF:26:E1:67:D3:A4
Certificate issuer: /CN=6c6f6391139638cef8318114132ccf26e167d3a4
Certificate serial: 019A71B88182DBBE5F3E2B8D8FB08D3C0F00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bG9jkROWOM74MYEUEyzPJuFn06Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/bG9jkROWOM74MYEUEyzPJuFn06Q.mft
Manifest number: 13F8
Signing time: Tue 11 Nov 2025 07:01:48 +0000
Manifest this update: Tue 11 Nov 2025 07:01:48 +0000
Manifest next update: Wed 12 Nov 2025 07:01:48 +0000
Files and hashes: 1: _HGowDUCSG2pcAysO4ogxA6yosc.roa (hash: UPTC6ZbpFxK2iqUZ6z67RcYvcbR0/gldSq3kNUHLLJI=)
2: bG9jkROWOM74MYEUEyzPJuFn06Q.crl (hash: 7G3IE4IFNIyDLPZQRrBifuRbTeqiqp8b1atOD5Ixvlw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/bG9jkROWOM74MYEUEyzPJuFn06Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/bG9jkROWOM74MYEUEyzPJuFn06Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/bG9jkROWOM74MYEUEyzPJuFn06Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:81:82:db:be:5f:3e:2b:8d:8f:b0:8d:3c:0f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c6f6391139638cef8318114132ccf26e167d3a4
Validity
Not Before: Nov 11 07:01:48 2025 GMT
Not After : Nov 12 07:01:48 2025 GMT
Subject: CN=ae9fff432fb26882c0a448b2f4bf9d687b591764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:40:68:11:2d:f0:ca:af:60:48:8b:23:e2:9b:
78:79:57:72:a2:c5:12:d6:1d:84:0d:e7:42:49:f3:
e8:25:94:74:49:ba:7d:66:08:bf:7a:40:2b:fb:25:
15:e8:26:c7:b4:26:0f:64:83:9c:bd:56:46:4e:4b:
7d:71:fc:4b:24:a8:ce:a7:6d:84:bd:3b:c1:7d:8f:
c6:a6:18:6e:b5:a4:75:e0:7f:2e:54:92:dd:23:a4:
72:4f:3c:1b:12:9b:c4:17:ca:1d:86:2a:47:c0:f5:
1e:7b:06:0a:95:ce:79:23:c2:fa:6f:c1:4b:a0:61:
a3:35:d5:57:6e:d1:dd:76:50:bb:86:d6:8e:da:3b:
98:97:76:5a:b2:6c:99:fd:1a:aa:4c:08:71:36:bc:
78:35:35:63:29:69:49:76:33:7d:2f:ef:b4:91:f0:
38:48:c0:b4:d1:b3:c5:13:ed:0f:26:d0:9c:ec:94:
49:39:c8:f5:45:4c:36:7c:9e:91:7d:31:b1:d6:fd:
5b:5a:7b:0f:3a:af:55:66:24:20:49:47:ef:97:4a:
26:6a:86:15:8c:a7:48:8c:f5:9d:60:f3:4e:60:83:
52:e8:7d:ec:44:83:3a:c7:2b:a3:88:cd:73:c1:9b:
66:76:8f:51:57:19:3b:4a:9e:a5:b8:73:17:3d:2f:
09:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9F:FF:43:2F:B2:68:82:C0:A4:48:B2:F4:BF:9D:68:7B:59:17:64
X509v3 Authority Key Identifier:
keyid:6C:6F:63:91:13:96:38:CE:F8:31:81:14:13:2C:CF:26:E1:67:D3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bG9jkROWOM74MYEUEyzPJuFn06Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/bG9jkROWOM74MYEUEyzPJuFn06Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/bG9jkROWOM74MYEUEyzPJuFn06Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:07:b3:fd:1c:58:c2:6a:58:94:8c:95:95:94:c9:5a:09:dc:
e1:75:5f:d6:1a:85:04:74:c8:eb:c9:a5:eb:f9:25:fb:13:50:
3e:a3:83:25:80:a3:65:b9:cd:8f:11:b3:7d:7f:b1:d2:29:e4:
5d:9b:60:f5:a5:e4:65:6e:e4:c7:34:77:06:24:36:31:b7:3a:
df:4f:e0:56:28:27:17:4a:77:a5:10:ee:92:64:81:0f:0c:5b:
73:5e:9e:ce:9b:b1:07:6a:36:2e:17:37:35:d1:43:1f:41:54:
8e:47:fd:82:93:97:bc:88:b3:76:40:e5:cd:48:fc:95:12:ad:
e3:ec:3e:84:4d:be:81:02:22:3c:43:e4:2b:29:36:a7:6f:47:
73:13:5c:ff:03:ab:a0:bb:fd:f0:d9:75:d0:46:02:51:56:e8:
20:6a:c3:be:bd:af:58:07:91:09:8a:26:cf:24:e0:21:fa:d3:
4d:6f:58:c3:01:03:57:f3:9c:dc:ef:2a:1f:f3:af:03:5c:71:
4f:e9:d4:88:f2:45:36:1c:d0:a0:ea:af:4e:f9:2d:45:2d:7e:
1c:c7:cf:25:a4:ab:3f:7d:36:1b:9e:3f:ae:ce:91:b9:3a:90:
cf:0f:59:51:9e:b2:a5:97:de:8d:ad:6c:fd:55:2e:11:54:43:
b4:38:18:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIGC275fPiuNj7CNPA8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNmY2MzkxMTM5NjM4Y2VmODMxODExNDEzMmNjZjI2ZTE2
N2QzYTQwHhcNMjUxMTExMDcwMTQ4WhcNMjUxMTEyMDcwMTQ4WjAzMTEwLwYDVQQD
EyhhZTlmZmY0MzJmYjI2ODgyYzBhNDQ4YjJmNGJmOWQ2ODdiNTkxNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUBoES3wyq9gSIsj4pt4eVdyosUS
1h2EDedCSfPoJZR0Sbp9Zgi/ekAr+yUV6CbHtCYPZIOcvVZGTkt9cfxLJKjOp22E
vTvBfY/GphhutaR14H8uVJLdI6RyTzwbEpvEF8odhipHwPUeewYKlc55I8L6b8FL
oGGjNdVXbtHddlC7htaO2juYl3ZasmyZ/RqqTAhxNrx4NTVjKWlJdjN9L++0kfA4
SMC00bPFE+0PJtCc7JRJOcj1RUw2fJ6RfTGx1v1bWnsPOq9VZiQgSUfvl0omaoYV
jKdIjPWdYPNOYINS6H3sRIM6xyujiM1zwZtmdo9RVxk7Sp6luHMXPS8JmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6f/0MvsmiCwKRIsvS/nWh7WRdkMB8GA1UdIwQY
MBaAFGxvY5ETljjO+DGBFBMszybhZ9OkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkc5amtST1dPTTc0TVlFVUV5elBKdUZuMDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS85NWE2ZjQtODIyMC00NmRjLWIyMzgt
MzRhZDFjODUzNTk5LzEvYkc5amtST1dPTTc0TVlFVUV5elBKdUZuMDZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS85NWE2ZjQtODIyMC00NmRjLWIyMzgtMzRhZDFjODUzNTk5
LzEvYkc5amtST1dPTTc0TVlFVUV5elBKdUZuMDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAowez/RxY
wmpYlIyVlZTJWgnc4XVf1hqFBHTI68ml6/kl+xNQPqODJYCjZbnNjxGzfX+x0ink
XZtg9aXkZW7kxzR3BiQ2Mbc630/gVignF0p3pRDukmSBDwxbc16ezpuxB2o2Lhc3
NdFDH0FUjkf9gpOXvIizdkDlzUj8lRKt4+w+hE2+gQIiPEPkKyk2p29HcxNc/wOr
oLv98Nl10EYCUVboIGrDvr2vWAeRCYomzyTgIfrTTW9YwwEDV/Oc3O8qH/OvA1xx
T+nUiPJFNhzQoOqvTvktRS1+HMfPJaSrP302G54/rs6RuTqQzw9ZUZ6ypZfeja1s
/VUuEVRDtDgYVg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:55 2025 by rpki-client