Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
File: bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft (raw, json)
Hash identifier: 4arNX8kb8uBMjwe6YfS49atQ15ZvBwSRUlnx6ix3ge8=
Subject key identifier: 38:EA:43:D2:BD:14:C0:F6:9F:A4:DF:BF:74:FC:61:56:90:98:95:13
Authority key identifier: 6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
Certificate issuer: /CN=6df293212d25d4863e386b9c480ddc9be738124f
Certificate serial: 019922559137E9DA62539F26D0C578334D34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
Manifest number: 1604
Signing time: Sun 07 Sep 2025 04:00:56 +0000
Manifest this update: Sun 07 Sep 2025 04:00:56 +0000
Manifest next update: Mon 08 Sep 2025 04:00:56 +0000
Files and hashes: 1: HoMgEifDpVQ65AHqBFCCx_7uMoE.roa (hash: MZgT/uxhPiKd1q/F+OrFW0KnU1po9n7PWWPZxZXmYvg=)
2: bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl (hash: KuF5ooKxHOl/OFBKSzIjsUAdQMf7e0Yy5y/vLv51adM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:91:37:e9:da:62:53:9f:26:d0:c5:78:33:4d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df293212d25d4863e386b9c480ddc9be738124f
Validity
Not Before: Sep 7 04:00:56 2025 GMT
Not After : Sep 8 04:00:56 2025 GMT
Subject: CN=38ea43d2bd14c0f69fa4dfbf74fc615690989513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f0:3a:0b:b2:0b:70:79:58:38:76:85:60:cf:
31:a9:6f:ca:6c:5f:8c:bf:4d:ab:d8:28:59:f6:19:
8c:3d:bc:30:e4:73:7d:37:8f:6b:47:f4:48:68:1e:
92:a7:f7:e1:01:95:b7:e0:f4:f6:3a:19:25:2d:dc:
d2:c4:76:8a:1a:04:12:09:17:e8:7f:73:9b:16:f9:
0c:0e:01:13:c2:38:5d:af:bb:65:9e:a6:99:66:a9:
23:b0:21:e3:8c:52:d4:2f:f9:e3:cf:ba:57:ad:ff:
43:62:c0:a8:b0:13:f0:d9:61:48:cb:18:4c:ed:5d:
1d:ab:77:c3:6a:31:92:b4:73:83:cb:c1:a7:66:89:
78:c7:21:23:ee:f2:60:c2:1e:83:eb:10:10:ef:02:
3c:81:84:d9:5b:94:c7:9b:31:fa:69:60:e0:d9:a8:
d8:87:eb:93:1e:aa:94:ff:80:1e:b2:ec:4b:53:01:
3a:fb:97:5e:17:08:b6:85:93:54:34:59:1c:49:cd:
b7:a5:57:e5:41:12:5b:e2:bf:8f:c1:e9:7e:57:dc:
f8:fc:48:f6:73:c3:c1:e7:db:67:95:29:54:d4:41:
91:4a:4a:a1:46:e9:5b:6f:93:85:be:67:4f:83:52:
34:7a:67:75:f3:47:ec:08:e8:e7:5e:3d:fa:d6:41:
38:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EA:43:D2:BD:14:C0:F6:9F:A4:DF:BF:74:FC:61:56:90:98:95:13
X509v3 Authority Key Identifier:
keyid:6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:88:04:3b:b6:32:19:e0:11:39:31:7f:59:7c:3a:9d:1b:49:
f5:86:81:e2:a7:76:39:e1:75:71:70:19:47:3a:99:72:0d:fa:
c7:36:91:86:e6:e9:39:48:c2:8a:03:87:4a:ed:06:c6:b5:2f:
65:90:76:0c:85:7c:3d:9d:38:04:df:78:f9:3a:94:b7:fa:12:
f4:52:1e:89:07:56:83:25:25:a4:a5:58:75:23:41:9e:54:48:
50:a7:30:34:a6:bd:5d:02:d3:a1:8a:43:08:e3:d4:3b:16:43:
6f:02:23:6a:6e:e6:38:e1:26:99:62:26:53:bf:f2:ce:33:a3:
ad:7a:e3:22:d2:4f:4b:52:f9:1d:e3:34:bb:92:5d:d3:70:e5:
ac:13:47:4c:2e:37:41:1b:21:58:6c:e1:a4:7a:46:9e:94:05:
10:30:3c:64:e1:06:15:2f:82:58:ac:40:e0:86:49:f4:d0:ea:
87:12:f7:45:7e:64:8f:f1:9c:7d:ff:df:8f:be:67:ad:95:6a:
3a:8a:39:06:f6:1f:97:e9:af:df:d7:f1:f6:28:2b:d4:04:ef:
b9:bd:42:dd:7f:4c:12:ca:56:9f:84:75:66:ef:8d:ff:97:2b:
da:69:be:ed:ea:aa:6e:fc:2d:a4:a1:39:d8:6c:20:1d:f7:b3:
57:ed:b5:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVZE36dpiU58m0MV4M000MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjI5MzIxMmQyNWQ0ODYzZTM4NmI5YzQ4MGRkYzliZTcz
ODEyNGYwHhcNMjUwOTA3MDQwMDU2WhcNMjUwOTA4MDQwMDU2WjAzMTEwLwYDVQQD
EygzOGVhNDNkMmJkMTRjMGY2OWZhNGRmYmY3NGZjNjE1NjkwOTg5NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPA6C7ILcHlYOHaFYM8xqW/KbF+M
v02r2ChZ9hmMPbww5HN9N49rR/RIaB6Sp/fhAZW34PT2OhklLdzSxHaKGgQSCRfo
f3ObFvkMDgETwjhdr7tlnqaZZqkjsCHjjFLUL/njz7pXrf9DYsCosBPw2WFIyxhM
7V0dq3fDajGStHODy8GnZol4xyEj7vJgwh6D6xAQ7wI8gYTZW5THmzH6aWDg2ajY
h+uTHqqU/4AesuxLUwE6+5deFwi2hZNUNFkcSc23pVflQRJb4r+Pwel+V9z4/Ej2
c8PB59tnlSlU1EGRSkqhRulbb5OFvmdPg1I0emd180fsCOjnXj361kE4bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjqQ9K9FMD2n6Tfv3T8YVaQmJUTMB8GA1UdIwQY
MBaAFG3ykyEtJdSGPjhrnEgN3JvnOBJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYt
ZjQwMDQwMmI1MzZjLzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYtZjQwMDQwMmI1MzZj
LzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABIgEO7Yy
GeAROTF/WXw6nRtJ9YaB4qd2OeF1cXAZRzqZcg36xzaRhubpOUjCigOHSu0GxrUv
ZZB2DIV8PZ04BN94+TqUt/oS9FIeiQdWgyUlpKVYdSNBnlRIUKcwNKa9XQLToYpD
COPUOxZDbwIjam7mOOEmmWImU7/yzjOjrXrjItJPS1L5HeM0u5Jd03DlrBNHTC43
QRshWGzhpHpGnpQFEDA8ZOEGFS+CWKxA4IZJ9NDqhxL3RX5kj/Gcff/fj75nrZVq
Ooo5BvYfl+mv39fx9igr1ATvub1C3X9MEspWn4R1Zu+N/5cr2mm+7eqqbvwtpKE5
2GwgHfezV+21BQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:26:55 2025 by rpki-client