Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/00b28b-cc72-4406-b6d8-4c51c6797c1f/1/BhcC0sKRlfoKfbEe5GXwwFRdFwk.mft
File: BhcC0sKRlfoKfbEe5GXwwFRdFwk.mft (raw, json)
Hash identifier: bxTIq2h3Ywe6ax1MsX2MdBMuU/L23XChKFg78BWOx+I=
Subject key identifier: A0:2C:94:79:C3:EB:D9:8D:98:A9:D0:84:2C:06:71:8F:72:61:E7:C3
Authority key identifier: 06:17:02:D2:C2:91:95:FA:0A:7D:B1:1E:E4:65:F0:C0:54:5D:17:09
Certificate issuer: /CN=061702d2c29195fa0a7db11ee465f0c0545d1709
Certificate serial: 019A7149D6765B9D9055E3D1AA4110DF2967
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BhcC0sKRlfoKfbEe5GXwwFRdFwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/00b28b-cc72-4406-b6d8-4c51c6797c1f/1/BhcC0sKRlfoKfbEe5GXwwFRdFwk.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 05:00:55 +0000
Manifest this update: Tue 11 Nov 2025 05:00:55 +0000
Manifest next update: Wed 12 Nov 2025 05:00:55 +0000
Files and hashes: 1: BhcC0sKRlfoKfbEe5GXwwFRdFwk.crl (hash: V2edCoIFhm34CFskWG5mo3/NTKwVgWdtNrZKdXVzpfo=)
2: N7TBLk6ijg60Rw5drnJxmPzvOok.roa (hash: Gzj1MrzdxuXElz1N9UYhs6KigXCuOfoYMXiwL2fVYSQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/00b28b-cc72-4406-b6d8-4c51c6797c1f/1/BhcC0sKRlfoKfbEe5GXwwFRdFwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/00b28b-cc72-4406-b6d8-4c51c6797c1f/1/BhcC0sKRlfoKfbEe5GXwwFRdFwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BhcC0sKRlfoKfbEe5GXwwFRdFwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:d6:76:5b:9d:90:55:e3:d1:aa:41:10:df:29:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=061702d2c29195fa0a7db11ee465f0c0545d1709
Validity
Not Before: Nov 11 05:00:55 2025 GMT
Not After : Nov 12 05:00:55 2025 GMT
Subject: CN=a02c9479c3ebd98d98a9d0842c06718f7261e7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e2:b0:69:d6:53:f4:95:e6:95:f7:1c:aa:db:
9b:05:12:f3:8a:97:1a:a7:15:b7:b4:0c:cc:8e:f5:
da:d7:f0:ee:fd:51:a5:f3:dd:9e:fa:77:0d:5b:40:
70:3f:49:6f:4c:c5:14:a0:33:83:7e:8a:14:84:1b:
64:30:31:9a:eb:7c:82:fe:dd:a8:66:4c:af:49:4b:
8f:59:b2:b7:08:ba:71:ef:fc:6a:c8:aa:09:37:f4:
76:30:e3:85:47:86:d4:00:79:ed:e1:25:06:8a:99:
46:9c:21:a9:20:86:36:b7:dd:15:02:42:4c:62:f0:
d0:20:df:83:f8:ad:29:a2:29:13:f8:a9:8d:d8:2f:
b5:df:c1:b3:43:ed:6f:bf:9a:95:fa:c0:c6:2d:ab:
f2:2a:ff:50:56:25:a9:f5:78:13:20:88:ef:41:34:
5d:47:c3:bb:29:36:b5:c0:3f:38:35:54:ee:68:db:
08:80:fc:65:6c:08:7d:0c:97:61:ed:e3:53:21:2b:
7e:d1:85:00:e7:1c:fb:01:78:28:a2:7a:8f:89:38:
a8:6b:3b:45:7d:ea:ac:e0:92:cd:72:bf:fc:50:ce:
25:28:08:5e:6a:02:bd:66:37:7a:4b:43:23:c2:47:
4b:69:94:5b:dd:87:79:56:f1:4a:7a:23:48:bc:de:
5c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2C:94:79:C3:EB:D9:8D:98:A9:D0:84:2C:06:71:8F:72:61:E7:C3
X509v3 Authority Key Identifier:
keyid:06:17:02:D2:C2:91:95:FA:0A:7D:B1:1E:E4:65:F0:C0:54:5D:17:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BhcC0sKRlfoKfbEe5GXwwFRdFwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/00b28b-cc72-4406-b6d8-4c51c6797c1f/1/BhcC0sKRlfoKfbEe5GXwwFRdFwk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/00b28b-cc72-4406-b6d8-4c51c6797c1f/1/BhcC0sKRlfoKfbEe5GXwwFRdFwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:53:99:19:c3:4c:1a:14:a3:db:46:90:c4:c3:f5:8a:3f:87:
3c:0f:9e:c2:59:66:a7:64:1b:16:16:e3:50:ac:26:8e:27:c6:
80:f9:8e:be:05:56:ff:1c:78:e6:84:fe:6a:ea:28:87:e4:77:
de:ff:fd:cc:db:17:39:3c:1a:85:53:c1:21:d1:a1:93:3f:de:
dd:c3:f6:1d:95:9d:99:88:52:39:5e:8d:e0:5b:89:a1:0b:c6:
f3:b0:c4:4f:33:99:08:d5:12:60:28:8e:49:96:6b:c6:84:02:
af:8f:c4:ab:a8:08:16:30:2e:1c:5f:0c:34:b4:73:d7:d5:e8:
71:50:81:d7:f0:9d:9e:e9:52:34:8f:34:43:ec:c8:0c:5f:cb:
40:96:db:be:a3:a4:4c:8a:86:c7:27:a5:2c:cc:39:e8:7f:42:
a7:d9:13:6b:b5:a7:4d:56:9b:b6:52:50:55:ed:7d:84:3b:73:
49:e3:73:b3:7c:5e:79:fb:64:a1:26:87:0c:9d:42:de:4e:80:
43:14:85:4e:bd:ef:63:18:ab:28:f7:0c:df:85:fe:cc:ce:bd:
08:b8:d0:1d:51:c7:f0:c1:b1:ed:44:e7:c4:0d:2f:d3:70:53:
79:77:03:b2:b6:fa:34:33:9d:01:9c:e2:b8:9e:67:d2:1e:27:
05:37:78:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdZ2W52QVePRqkEQ3ylnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MTcwMmQyYzI5MTk1ZmEwYTdkYjExZWU0NjVmMGMwNTQ1
ZDE3MDkwHhcNMjUxMTExMDUwMDU1WhcNMjUxMTEyMDUwMDU1WjAzMTEwLwYDVQQD
EyhhMDJjOTQ3OWMzZWJkOThkOThhOWQwODQyYzA2NzE4ZjcyNjFlN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOKwadZT9JXmlfccqtubBRLzipca
pxW3tAzMjvXa1/Du/VGl892e+ncNW0BwP0lvTMUUoDODfooUhBtkMDGa63yC/t2o
ZkyvSUuPWbK3CLpx7/xqyKoJN/R2MOOFR4bUAHnt4SUGiplGnCGpIIY2t90VAkJM
YvDQIN+D+K0poikT+KmN2C+138GzQ+1vv5qV+sDGLavyKv9QViWp9XgTIIjvQTRd
R8O7KTa1wD84NVTuaNsIgPxlbAh9DJdh7eNTISt+0YUA5xz7AXgoonqPiTioaztF
feqs4JLNcr/8UM4lKAheagK9Zjd6S0MjwkdLaZRb3Yd5VvFKeiNIvN5cLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAslHnD69mNmKnQhCwGcY9yYefDMB8GA1UdIwQY
MBaAFAYXAtLCkZX6Cn2xHuRl8MBUXRcJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmhjQzBzS1JsZm9LZmJFZTVHWHd3RlJkRndrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8wMGIyOGItY2M3Mi00NDA2LWI2ZDgt
NGM1MWM2Nzk3YzFmLzEvQmhjQzBzS1JsZm9LZmJFZTVHWHd3RlJkRndrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8wMGIyOGItY2M3Mi00NDA2LWI2ZDgtNGM1MWM2Nzk3YzFm
LzEvQmhjQzBzS1JsZm9LZmJFZTVHWHd3RlJkRndrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsVOZGcNM
GhSj20aQxMP1ij+HPA+ewllmp2QbFhbjUKwmjifGgPmOvgVW/xx45oT+auooh+R3
3v/9zNsXOTwahVPBIdGhkz/e3cP2HZWdmYhSOV6N4FuJoQvG87DETzOZCNUSYCiO
SZZrxoQCr4/Eq6gIFjAuHF8MNLRz19XocVCB1/CdnulSNI80Q+zIDF/LQJbbvqOk
TIqGxyelLMw56H9Cp9kTa7WnTVabtlJQVe19hDtzSeNzs3xeeftkoSaHDJ1C3k6A
QxSFTr3vYxirKPcM34X+zM69CLjQHVHH8MGx7UTnxA0v03BTeXcDsrb6NDOdAZzi
uJ5n0h4nBTd4qw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:39:03 2025 by rpki-client