Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
File: BZ9RaALCYTCaYQSHcubq_VhnqZA.mft (raw, json)
Hash identifier: yZzzCrgDJ03c/ZSfrVsk1V1HFlRl7JKPbeKBvp16shI=
Subject key identifier: 49:0E:E3:79:A4:9C:22:AF:58:16:71:00:A7:27:DF:41:48:0B:FB:F5
Authority key identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
Certificate issuer: /CN=059f516802c261309a61048772e6eafd5867a990
Certificate serial: 019A72CA5C68FD0CC13A65366244DB4D7B59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
Manifest number: 15DC
Signing time: Tue 11 Nov 2025 12:00:55 +0000
Manifest this update: Tue 11 Nov 2025 12:00:55 +0000
Manifest next update: Wed 12 Nov 2025 12:00:55 +0000
Files and hashes: 1: BZ9RaALCYTCaYQSHcubq_VhnqZA.crl (hash: uNff1eh0yovMLmidSLJXxMhyaKRUv4W0vHBYepbjQPw=)
2: RyM0TaDcy3MATcF4kZgnomIhcSc.roa (hash: u1hwu96g0Ti3Leptf/8mOz/le6P/VB383vy/UE8/YqQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:5c:68:fd:0c:c1:3a:65:36:62:44:db:4d:7b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059f516802c261309a61048772e6eafd5867a990
Validity
Not Before: Nov 11 12:00:55 2025 GMT
Not After : Nov 12 12:00:55 2025 GMT
Subject: CN=490ee379a49c22af58167100a727df41480bfbf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:57:78:39:25:09:86:02:a4:f1:9e:6f:07:b6:
eb:be:3a:88:0f:96:60:51:8c:7a:e0:f0:6d:e6:60:
f0:58:a7:ad:90:22:c1:e7:db:7d:a0:36:16:97:04:
a9:a3:b1:c4:86:39:77:03:78:2e:a5:c6:04:a9:53:
07:b2:ec:91:a7:5b:c1:0b:4b:72:63:13:f8:1c:29:
d7:0a:67:2c:4a:79:82:dc:2b:2a:c9:0b:4a:9f:b0:
1c:c8:3e:1b:90:bf:bd:68:99:53:23:39:44:f2:a2:
33:d2:37:4d:4e:fc:f4:a0:8c:cd:43:0e:0d:07:32:
f2:e9:ed:a5:8c:72:c0:1d:9d:d9:79:21:23:f8:4a:
a9:7e:62:2c:90:c4:49:a3:16:ca:9b:40:5f:ec:30:
d5:77:6b:90:81:d6:fb:54:97:18:34:57:d4:56:e4:
c2:11:11:8d:84:3c:d3:bc:5c:38:31:41:f8:77:85:
3e:12:96:9b:0d:d6:81:60:5b:26:15:e6:33:02:8e:
50:cd:c4:c8:44:36:94:0c:a9:9f:8e:62:e6:24:0b:
83:87:af:91:a3:f3:f4:7b:1a:2a:ba:8d:95:aa:6a:
48:0c:db:72:88:72:fe:a9:d0:fb:0b:c8:b6:3d:d1:
06:a8:5e:98:b0:93:88:0b:61:f4:72:ed:ee:9e:6a:
fd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0E:E3:79:A4:9C:22:AF:58:16:71:00:A7:27:DF:41:48:0B:FB:F5
X509v3 Authority Key Identifier:
keyid:05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:b0:db:ce:10:b5:a4:f4:9d:d7:67:39:52:e3:af:a5:ad:03:
cf:52:d6:7b:4c:c0:43:a6:7b:9f:de:88:75:2b:28:18:64:f6:
18:a8:32:b6:b7:31:2e:78:bf:40:da:dc:d6:67:66:a2:24:aa:
82:88:9d:a1:62:f9:5c:7b:6b:e8:84:62:3a:9a:0c:b0:0f:a4:
d5:31:91:5c:ae:f1:5f:27:91:1c:d1:e9:3a:5e:45:b8:92:2f:
f2:b8:a2:ca:07:d3:6c:8a:50:6c:f5:98:74:89:d1:c0:45:b7:
7b:3b:48:3b:c1:18:5c:c8:5f:5d:fc:a6:b9:0a:86:68:8a:39:
da:69:00:db:f5:f8:29:cf:a8:cc:e0:02:ed:06:d2:67:16:29:
c3:56:b0:15:f3:9c:91:11:cd:74:cd:a9:ef:a2:b0:5a:34:7b:
75:4f:da:a0:2a:51:55:03:44:b7:1b:32:10:7a:b8:bd:35:e8:
63:93:a6:19:7a:a9:6c:6d:c8:3e:be:7a:ec:5e:52:d8:7a:a7:
a7:b9:c7:ee:64:00:1c:ee:7d:94:75:5f:77:41:88:dd:41:f4:
d5:46:02:49:49:e5:69:68:d0:75:ab:76:84:54:15:e6:d0:b5:
92:a3:8e:1a:68:da:7b:64:90:ba:fc:0b:5e:08:e8:4f:e9:ef:
12:1d:77:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyylxo/QzBOmU2YkTbTXtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWY1MTY4MDJjMjYxMzA5YTYxMDQ4NzcyZTZlYWZkNTg2
N2E5OTAwHhcNMjUxMTExMTIwMDU1WhcNMjUxMTEyMTIwMDU1WjAzMTEwLwYDVQQD
Eyg0OTBlZTM3OWE0OWMyMmFmNTgxNjcxMDBhNzI3ZGY0MTQ4MGJmYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVd4OSUJhgKk8Z5vB7brvjqID5Zg
UYx64PBt5mDwWKetkCLB59t9oDYWlwSpo7HEhjl3A3gupcYEqVMHsuyRp1vBC0ty
YxP4HCnXCmcsSnmC3CsqyQtKn7AcyD4bkL+9aJlTIzlE8qIz0jdNTvz0oIzNQw4N
BzLy6e2ljHLAHZ3ZeSEj+EqpfmIskMRJoxbKm0Bf7DDVd2uQgdb7VJcYNFfUVuTC
ERGNhDzTvFw4MUH4d4U+EpabDdaBYFsmFeYzAo5QzcTIRDaUDKmfjmLmJAuDh6+R
o/P0exoquo2VqmpIDNtyiHL+qdD7C8i2PdEGqF6YsJOIC2H0cu3unmr9bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkO43mknCKvWBZxAKcn30FIC/v1MB8GA1UdIwQY
MBaAFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUt
OTUxYjE5ODU2NzFjLzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUtOTUxYjE5ODU2NzFj
LzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo7DbzhC1
pPSd12c5UuOvpa0Dz1LWe0zAQ6Z7n96IdSsoGGT2GKgytrcxLni/QNrc1mdmoiSq
goidoWL5XHtr6IRiOpoMsA+k1TGRXK7xXyeRHNHpOl5FuJIv8riiygfTbIpQbPWY
dInRwEW3eztIO8EYXMhfXfymuQqGaIo52mkA2/X4Kc+ozOAC7QbSZxYpw1awFfOc
kRHNdM2p76KwWjR7dU/aoCpRVQNEtxsyEHq4vTXoY5OmGXqpbG3IPr567F5S2Hqn
p7nH7mQAHO59lHVfd0GI3UH01UYCSUnlaWjQdat2hFQV5tC1kqOOGmjae2SQuvwL
XgjoT+nvEh13Bg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:06:59 2025 by rpki-client