Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d31361-096d-4a8d-ab4f-c3dc739425a1/1/BpilU2SQ1wyON7dvMtpoTxIp2bo.mft
File: BpilU2SQ1wyON7dvMtpoTxIp2bo.mft (raw, json)
Hash identifier: Opa/HNXWYDdc3dp0c/AAKJ5rSaqvzLA9BfuJr5ml0kQ=
Subject key identifier: 9F:2F:A4:B2:4B:EB:A6:48:F4:9F:E7:AE:2B:AD:EE:63:F6:35:7F:54
Authority key identifier: 06:98:A5:53:64:90:D7:0C:8E:37:B7:6F:32:DA:68:4F:12:29:D9:BA
Certificate issuer: /CN=0698a5536490d70c8e37b76f32da684f1229d9ba
Certificate serial: 019A71EE8FD4CFE9CCF1829A5B6AA0D25CBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BpilU2SQ1wyON7dvMtpoTxIp2bo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d31361-096d-4a8d-ab4f-c3dc739425a1/1/BpilU2SQ1wyON7dvMtpoTxIp2bo.mft
Manifest number: 01D4
Signing time: Tue 11 Nov 2025 08:00:50 +0000
Manifest this update: Tue 11 Nov 2025 08:00:50 +0000
Manifest next update: Wed 12 Nov 2025 08:00:50 +0000
Files and hashes: 1: 6I3Ul79wxRN6W37mo7nUpqwqt0s.roa (hash: J9bvPeLp8sfcjLoyxN9ggYT+mX3AB6I6+8a1daK3z1U=)
2: BpilU2SQ1wyON7dvMtpoTxIp2bo.crl (hash: P6lFrCbTLByAsh2xHYoRiX7iBt1XEpcvq4QcBqcavgY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/d31361-096d-4a8d-ab4f-c3dc739425a1/1/BpilU2SQ1wyON7dvMtpoTxIp2bo.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/d31361-096d-4a8d-ab4f-c3dc739425a1/1/BpilU2SQ1wyON7dvMtpoTxIp2bo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BpilU2SQ1wyON7dvMtpoTxIp2bo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:8f:d4:cf:e9:cc:f1:82:9a:5b:6a:a0:d2:5c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0698a5536490d70c8e37b76f32da684f1229d9ba
Validity
Not Before: Nov 11 08:00:50 2025 GMT
Not After : Nov 12 08:00:50 2025 GMT
Subject: CN=9f2fa4b24beba648f49fe7ae2badee63f6357f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:16:b3:ad:9d:d3:1e:4c:08:08:19:7a:44:2f:
9e:fe:8c:6d:de:9b:2d:cd:98:0e:4b:28:39:aa:a6:
26:17:48:29:62:d6:a2:57:30:ac:79:77:f3:71:36:
e3:ec:b2:6e:84:2d:d7:d7:91:c8:a5:18:bd:56:5a:
93:ff:6a:03:8c:10:bc:ae:c7:5a:ac:e1:96:36:ed:
a7:ad:a6:ab:81:df:e7:f6:16:15:aa:90:92:f4:eb:
9e:62:4e:38:87:58:6d:ef:31:93:f6:c3:97:3e:ee:
6c:23:dc:4d:b1:e0:45:d2:9a:54:4c:a5:d1:50:5c:
11:f4:29:39:12:be:ba:ac:af:5d:02:26:97:98:f0:
91:39:d9:52:22:7b:24:90:e2:86:e1:b4:9e:09:6f:
d5:8f:a3:b6:74:5c:c6:df:fe:49:42:95:20:69:af:
6a:4a:2d:06:28:7c:4b:17:5e:23:90:86:1e:15:85:
70:1f:41:89:fe:52:16:7a:72:b2:f3:26:12:8f:e6:
c9:fe:61:07:d1:1d:2a:bc:29:59:33:16:87:90:e9:
35:24:8e:96:7a:96:45:69:87:5c:ec:92:2f:30:e3:
28:98:68:5f:70:2e:58:8f:b4:f9:fd:5a:72:23:f3:
96:99:1a:c0:3b:57:df:43:46:49:c5:26:c1:c1:b2:
ac:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:2F:A4:B2:4B:EB:A6:48:F4:9F:E7:AE:2B:AD:EE:63:F6:35:7F:54
X509v3 Authority Key Identifier:
keyid:06:98:A5:53:64:90:D7:0C:8E:37:B7:6F:32:DA:68:4F:12:29:D9:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BpilU2SQ1wyON7dvMtpoTxIp2bo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d31361-096d-4a8d-ab4f-c3dc739425a1/1/BpilU2SQ1wyON7dvMtpoTxIp2bo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d31361-096d-4a8d-ab4f-c3dc739425a1/1/BpilU2SQ1wyON7dvMtpoTxIp2bo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:ff:3f:b1:3e:18:8c:06:4f:44:1a:eb:44:20:c5:c7:52:47:
30:3f:d9:dc:b8:56:c2:28:1e:1c:b1:48:a0:b9:f6:f1:2b:35:
1d:df:43:80:8a:86:b3:4d:cf:6a:5a:4a:03:79:1e:60:33:be:
5f:59:0a:4f:2a:fd:b1:69:96:c4:26:0b:bb:ae:bc:ed:58:15:
a2:ef:e0:0f:b4:6b:5d:f9:f4:8a:52:99:63:7e:25:81:75:76:
e2:06:50:2d:bc:53:3d:8d:60:06:c1:16:a3:82:6d:ad:1e:9f:
d8:21:b5:4a:4a:c2:61:55:d1:ef:60:a2:99:86:79:6e:7c:92:
0f:80:ab:52:92:95:30:b6:57:50:9a:00:b6:c5:2c:47:1e:25:
3d:88:4d:37:d4:a8:e2:e4:d5:ca:e4:30:b2:40:e3:f3:fb:0f:
8b:8d:b2:c8:6e:5e:d3:60:2f:1c:d5:96:46:9f:1c:fc:9f:d1:
ca:f3:78:53:83:96:45:ec:4a:d9:70:c1:9c:f7:b5:a6:09:a7:
39:58:b0:d0:e7:03:ba:f8:52:be:6b:55:28:2d:0a:53:26:6c:
d2:72:92:6e:8c:0f:20:2a:d4:29:ae:b9:dc:b8:99:7b:b5:b1:
cd:56:25:f7:a0:78:03:e0:b5:9c:26:8d:95:a2:25:0f:a7:73:
d2:01:35:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7o/Uz+nM8YKaW2qg0ly7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OThhNTUzNjQ5MGQ3MGM4ZTM3Yjc2ZjMyZGE2ODRmMTIy
OWQ5YmEwHhcNMjUxMTExMDgwMDUwWhcNMjUxMTEyMDgwMDUwWjAzMTEwLwYDVQQD
Eyg5ZjJmYTRiMjRiZWJhNjQ4ZjQ5ZmU3YWUyYmFkZWU2M2Y2MzU3ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhazrZ3THkwICBl6RC+e/oxt3pst
zZgOSyg5qqYmF0gpYtaiVzCseXfzcTbj7LJuhC3X15HIpRi9VlqT/2oDjBC8rsda
rOGWNu2nraargd/n9hYVqpCS9OueYk44h1ht7zGT9sOXPu5sI9xNseBF0ppUTKXR
UFwR9Ck5Er66rK9dAiaXmPCROdlSInskkOKG4bSeCW/Vj6O2dFzG3/5JQpUgaa9q
Si0GKHxLF14jkIYeFYVwH0GJ/lIWenKy8yYSj+bJ/mEH0R0qvClZMxaHkOk1JI6W
epZFaYdc7JIvMOMomGhfcC5Yj7T5/VpyI/OWmRrAO1ffQ0ZJxSbBwbKsPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8vpLJL66ZI9J/nriut7mP2NX9UMB8GA1UdIwQY
MBaAFAaYpVNkkNcMjje3bzLaaE8SKdm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnBpbFUyU1Exd3lPTjdkdk10cG9UeElwMmJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMzEzNjEtMDk2ZC00YThkLWFiNGYt
YzNkYzczOTQyNWExLzEvQnBpbFUyU1Exd3lPTjdkdk10cG9UeElwMmJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMzEzNjEtMDk2ZC00YThkLWFiNGYtYzNkYzczOTQyNWEx
LzEvQnBpbFUyU1Exd3lPTjdkdk10cG9UeElwMmJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKP8/sT4Y
jAZPRBrrRCDFx1JHMD/Z3LhWwigeHLFIoLn28Ss1Hd9DgIqGs03PalpKA3keYDO+
X1kKTyr9sWmWxCYLu6687VgVou/gD7RrXfn0ilKZY34lgXV24gZQLbxTPY1gBsEW
o4JtrR6f2CG1SkrCYVXR72CimYZ5bnySD4CrUpKVMLZXUJoAtsUsRx4lPYhNN9So
4uTVyuQwskDj8/sPi42yyG5e02AvHNWWRp8c/J/RyvN4U4OWRexK2XDBnPe1pgmn
OViw0OcDuvhSvmtVKC0KUyZs0nKSbowPICrUKa653LiZe7WxzVYl96B4A+C1nCaN
laIlD6dz0gE1+Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:01 2025 by rpki-client