Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
File: bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft (raw, json)
Hash identifier: p+zNoYvlMm6xY2/ZA98PVMmWkQGBorlxzjc2/UhrJl4=
Subject key identifier: 3A:A5:18:08:6E:7D:26:A4:47:66:72:C7:42:2A:AC:D3:78:9F:63:2E
Authority key identifier: 6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
Certificate issuer: /CN=6df293212d25d4863e386b9c480ddc9be738124f
Certificate serial: 019A1986917293A734BAF7992C649185E3BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
Manifest number: 1684
Signing time: Sat 25 Oct 2025 04:00:40 +0000
Manifest this update: Sat 25 Oct 2025 04:00:40 +0000
Manifest next update: Sun 26 Oct 2025 04:00:40 +0000
Files and hashes: 1: HoMgEifDpVQ65AHqBFCCx_7uMoE.roa (hash: MZgT/uxhPiKd1q/F+OrFW0KnU1po9n7PWWPZxZXmYvg=)
2: bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl (hash: /roSPAxbzVs+mUfLGhIwC6ElvCzpHv5UnbsdCrllj2E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 04:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:19:86:91:72:93:a7:34:ba:f7:99:2c:64:91:85:e3:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df293212d25d4863e386b9c480ddc9be738124f
Validity
Not Before: Oct 25 04:00:40 2025 GMT
Not After : Oct 26 04:00:40 2025 GMT
Subject: CN=3aa518086e7d26a4476672c7422aacd3789f632e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9b:09:a3:77:fb:7a:e5:28:1f:1c:c9:5b:9e:
6d:6c:54:cf:76:93:84:61:9e:44:dd:a9:c7:e8:f7:
62:b8:54:0a:39:94:e7:22:e4:e0:37:f8:b0:97:b7:
d0:2a:04:58:4a:67:f6:94:6b:78:70:32:80:8b:17:
93:be:56:36:ce:30:e3:3a:7c:c4:28:14:70:3c:de:
3d:bc:78:b1:96:38:d3:49:12:de:a7:08:de:71:22:
ec:2b:c5:99:8e:bc:91:5d:db:cf:13:ad:b3:0f:e6:
08:cd:90:2b:02:4e:69:22:6d:fd:9f:40:05:c3:c8:
ff:60:0f:f6:3d:62:3a:e6:ec:10:aa:bc:b4:32:21:
73:4f:ba:30:63:2a:3f:dc:89:de:d6:b6:14:90:cd:
d7:1f:d0:86:26:88:20:6f:8e:fe:42:6f:18:b8:11:
00:d7:20:b7:fd:59:90:78:b1:7f:8f:7f:5a:07:fe:
54:ff:78:69:ed:04:eb:ee:a5:ed:a6:b7:fd:5b:75:
89:81:d4:5a:51:03:57:f1:0c:4c:82:59:f4:79:5f:
8b:d1:0c:3c:3c:1f:83:7a:81:90:06:00:08:16:c6:
df:19:cc:ab:c7:b6:81:c4:9c:c9:d7:05:ff:c2:b6:
5c:a9:1c:15:24:6f:08:df:4d:88:1a:5e:08:e4:5d:
1e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A5:18:08:6E:7D:26:A4:47:66:72:C7:42:2A:AC:D3:78:9F:63:2E
X509v3 Authority Key Identifier:
keyid:6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:ab:33:f3:c2:07:d5:2b:a2:41:99:44:2a:f8:23:b9:49:97:
35:85:6c:06:69:bc:f7:f8:fc:bc:12:99:82:12:b4:b5:f9:98:
b9:7c:56:a8:dd:a5:eb:aa:77:82:64:95:87:01:d6:10:0c:b1:
44:f4:6e:fb:7f:87:b1:bd:a8:2d:0e:15:68:4b:7b:18:8c:1f:
b2:20:09:97:01:41:f3:64:29:ec:b6:3e:5b:22:48:16:01:2d:
f1:95:da:a3:8b:97:58:5e:d5:18:89:1a:f7:fa:bb:02:93:2c:
b2:f3:bc:ec:be:09:ea:db:2f:f7:e6:28:b7:18:da:ee:bd:18:
cc:c5:af:6b:f5:31:88:dc:cf:a5:de:54:e4:92:be:38:5e:56:
35:13:74:8b:77:da:87:07:d1:15:2f:a5:6e:14:00:52:5e:b5:
7d:64:3b:ff:a2:ad:1f:58:b4:b9:5a:64:ef:65:26:26:3e:69:
9a:fb:45:f4:4a:e0:62:9b:4a:05:31:fc:72:40:86:da:6a:11:
1e:72:38:8a:42:1a:15:19:60:39:a3:49:33:5c:d7:99:12:f2:
48:b1:54:c3:b3:bc:7f:1c:8a:90:b4:5f:a7:79:e9:dc:28:8f:
10:d6:0f:05:75:b1:48:8a:ff:f4:4c:58:44:10:5f:2c:1c:a6:
5d:9a:d8:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoZhpFyk6c0uveZLGSRheO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjI5MzIxMmQyNWQ0ODYzZTM4NmI5YzQ4MGRkYzliZTcz
ODEyNGYwHhcNMjUxMDI1MDQwMDQwWhcNMjUxMDI2MDQwMDQwWjAzMTEwLwYDVQQD
EygzYWE1MTgwODZlN2QyNmE0NDc2NjcyYzc0MjJhYWNkMzc4OWY2MzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZsJo3f7euUoHxzJW55tbFTPdpOE
YZ5E3anH6PdiuFQKOZTnIuTgN/iwl7fQKgRYSmf2lGt4cDKAixeTvlY2zjDjOnzE
KBRwPN49vHixljjTSRLepwjecSLsK8WZjryRXdvPE62zD+YIzZArAk5pIm39n0AF
w8j/YA/2PWI65uwQqry0MiFzT7owYyo/3Ine1rYUkM3XH9CGJoggb47+Qm8YuBEA
1yC3/VmQeLF/j39aB/5U/3hp7QTr7qXtprf9W3WJgdRaUQNX8QxMgln0eV+L0Qw8
PB+DeoGQBgAIFsbfGcyrx7aBxJzJ1wX/wrZcqRwVJG8I302IGl4I5F0eXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqlGAhufSakR2Zyx0IqrNN4n2MuMB8GA1UdIwQY
MBaAFG3ykyEtJdSGPjhrnEgN3JvnOBJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYt
ZjQwMDQwMmI1MzZjLzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYtZjQwMDQwMmI1MzZj
LzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdasz88IH
1SuiQZlEKvgjuUmXNYVsBmm89/j8vBKZghK0tfmYuXxWqN2l66p3gmSVhwHWEAyx
RPRu+3+Hsb2oLQ4VaEt7GIwfsiAJlwFB82Qp7LY+WyJIFgEt8ZXao4uXWF7VGIka
9/q7ApMssvO87L4J6tsv9+Yotxja7r0YzMWva/UxiNzPpd5U5JK+OF5WNRN0i3fa
hwfRFS+lbhQAUl61fWQ7/6KtH1i0uVpk72UmJj5pmvtF9ErgYptKBTH8ckCG2moR
HnI4ikIaFRlgOaNJM1zXmRLySLFUw7O8fxyKkLRfp3np3CiPENYPBXWxSIr/9ExY
RBBfLBymXZrYlQ==
-----END CERTIFICATE-----
Generated at Sat Oct 25 13:21:56 2025 by rpki-client