Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
File: bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft (raw, json)
Hash identifier: gUP2O1jyWZ9ztgnSf4/9RAH9KWgK+wOkOfdpX4ogbBc=
Subject key identifier: 63:FA:E4:6E:58:88:3A:41:84:36:9B:71:54:A1:51:7D:E5:3A:AD:55
Authority key identifier: 6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
Certificate issuer: /CN=6df293212d25d4863e386b9c480ddc9be738124f
Certificate serial: 019D39AE839384875B810C8A5F4A7C488630
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
Manifest number: 1823
Signing time: Sun 29 Mar 2026 13:00:31 +0000
Manifest this update: Sun 29 Mar 2026 13:00:31 +0000
Manifest next update: Mon 30 Mar 2026 13:00:31 +0000
Files and hashes: 1: bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl (hash: mFaIZ8+/giN9Mp16zo8bWVvGN3hmHH18hHytH6ZaJrw=)
2: q4MMxbvpWnkqIJJ1G1vh9k5IaD0.roa (hash: atJClVpeASPtSX6kEGrHIIjj/e8dWQQKfuBLHQmvtvQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:83:93:84:87:5b:81:0c:8a:5f:4a:7c:48:86:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df293212d25d4863e386b9c480ddc9be738124f
Validity
Not Before: Mar 29 13:00:31 2026 GMT
Not After : Mar 30 13:00:31 2026 GMT
Subject: CN=63fae46e58883a4184369b7154a1517de53aad55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d6:9e:1c:06:a5:30:f6:b2:3d:f2:b3:62:2e:
12:13:09:d4:dd:16:60:b1:21:56:6f:3a:d3:34:5e:
05:7b:73:7e:14:8b:19:58:63:6d:8f:e3:08:36:8a:
a0:f7:42:9e:6f:e2:c4:17:5a:c6:28:0c:b5:68:c1:
07:92:70:ba:07:ca:f7:a4:c9:cc:2c:de:4a:b7:8f:
95:43:55:68:73:44:da:0d:52:f3:e1:9a:2f:bd:4c:
5f:0f:8d:d8:2c:c5:3e:be:e8:50:03:3c:19:e3:02:
d5:b8:08:63:d5:f5:3e:7c:41:0f:7a:a4:ef:fa:21:
07:dc:03:77:26:9f:80:25:73:2d:21:da:59:06:89:
53:47:63:bf:40:8a:f3:a4:fc:e5:f1:ea:d6:f2:e9:
24:a2:91:94:3a:d9:96:7b:fb:46:69:fe:b2:ba:e4:
14:54:2a:03:42:c8:d4:da:83:2d:a5:c3:fe:ac:41:
12:07:7a:6a:06:5d:04:d5:16:c3:57:db:c4:25:37:
2f:a0:c4:45:3d:dc:f7:13:82:91:02:d7:17:33:1e:
20:6b:9c:ed:7f:0c:3f:4d:28:06:98:14:c8:3c:46:
90:5e:57:40:51:9b:1b:65:92:73:a6:ab:71:60:a4:
d1:8a:4c:f8:72:3a:54:e3:45:0f:a0:01:c3:5e:b9:
25:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FA:E4:6E:58:88:3A:41:84:36:9B:71:54:A1:51:7D:E5:3A:AD:55
X509v3 Authority Key Identifier:
keyid:6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:01:3a:1a:0b:1f:36:13:d0:5a:18:c9:73:cf:67:8e:85:a1:
d5:0b:56:95:6e:6a:df:b7:6b:02:09:af:ff:60:e9:e3:91:79:
a5:25:8a:5f:04:55:0d:b0:10:60:37:db:e2:87:0f:81:ee:33:
f4:83:35:cb:b4:8f:0f:21:2a:ef:a1:05:21:0e:3c:9a:85:8a:
ae:fa:7c:57:ca:89:3a:5e:64:c2:2b:09:3b:09:e3:52:16:9a:
22:9d:7c:fd:7c:bd:8c:5c:ce:3a:32:8e:26:8d:6f:a0:b5:4f:
07:1f:3f:3d:90:36:cc:5a:77:f6:64:f8:75:4b:b9:77:1c:a5:
51:3a:ce:20:09:86:04:61:8b:93:77:82:81:6e:a0:88:69:81:
f2:fe:5b:40:b9:86:8f:82:92:e4:55:76:f7:fb:4e:d6:97:13:
38:ff:9d:a7:93:fb:f6:0c:70:06:d7:cd:80:5d:48:97:48:fb:
70:6b:37:19:d2:30:46:57:f5:91:3c:4b:2b:f6:ee:0a:95:d0:
16:af:90:ed:e8:b6:12:3d:80:79:eb:a8:9b:78:03:a8:43:fe:
96:23:b8:2f:9c:6b:00:09:b0:66:8d:b9:bd:73:a9:70:2b:51:
90:5e:09:e9:a2:74:e3:db:a6:57:73:11:d6:b3:e4:69:c6:6e:
61:27:b3:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05roOThIdbgQyKX0p8SIYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjI5MzIxMmQyNWQ0ODYzZTM4NmI5YzQ4MGRkYzliZTcz
ODEyNGYwHhcNMjYwMzI5MTMwMDMxWhcNMjYwMzMwMTMwMDMxWjAzMTEwLwYDVQQD
Eyg2M2ZhZTQ2ZTU4ODgzYTQxODQzNjliNzE1NGExNTE3ZGU1M2FhZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39aeHAalMPayPfKzYi4SEwnU3RZg
sSFWbzrTNF4Fe3N+FIsZWGNtj+MINoqg90Keb+LEF1rGKAy1aMEHknC6B8r3pMnM
LN5Kt4+VQ1Voc0TaDVLz4ZovvUxfD43YLMU+vuhQAzwZ4wLVuAhj1fU+fEEPeqTv
+iEH3AN3Jp+AJXMtIdpZBolTR2O/QIrzpPzl8erW8ukkopGUOtmWe/tGaf6yuuQU
VCoDQsjU2oMtpcP+rEESB3pqBl0E1RbDV9vEJTcvoMRFPdz3E4KRAtcXMx4ga5zt
fww/TSgGmBTIPEaQXldAUZsbZZJzpqtxYKTRikz4cjpU40UPoAHDXrklcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGP65G5YiDpBhDabcVShUX3lOq1VMB8GA1UdIwQY
MBaAFG3ykyEtJdSGPjhrnEgN3JvnOBJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYt
ZjQwMDQwMmI1MzZjLzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYtZjQwMDQwMmI1MzZj
LzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwE6Ggsf
NhPQWhjJc89njoWh1QtWlW5q37drAgmv/2Dp45F5pSWKXwRVDbAQYDfb4ocPge4z
9IM1y7SPDyEq76EFIQ48moWKrvp8V8qJOl5kwisJOwnjUhaaIp18/Xy9jFzOOjKO
Jo1voLVPBx8/PZA2zFp39mT4dUu5dxylUTrOIAmGBGGLk3eCgW6giGmB8v5bQLmG
j4KS5FV29/tO1pcTOP+dp5P79gxwBtfNgF1Il0j7cGs3GdIwRlf1kTxLK/buCpXQ
Fq+Q7ei2Ej2Aeeuom3gDqEP+liO4L5xrAAmwZo25vXOpcCtRkF4J6aJ049umV3MR
1rPkacZuYSezrw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:51 2026 by rpki-client