Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier: MmQO68G11TqtsGxjyInM2jB49QNW61Jkm6anvayzegs=
Subject key identifier: 0B:04:CA:4B:F9:F2:7A:42:2C:AF:08:1A:6F:8A:08:33:D5:9A:FA:EC
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial: 0199239F0821D88BB1E8897A349328EA95F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number: 1670
Signing time: Sun 07 Sep 2025 10:00:48 +0000
Manifest this update: Sun 07 Sep 2025 10:00:48 +0000
Manifest next update: Mon 08 Sep 2025 10:00:48 +0000
Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: +WKqmkiUE9toG+BTAvgwmeYVvTPFX1W9b8+wAea+j7o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9f:08:21:d8:8b:b1:e8:89:7a:34:93:28:ea:95:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Validity
Not Before: Sep 7 10:00:48 2025 GMT
Not After : Sep 8 10:00:48 2025 GMT
Subject: CN=0b04ca4bf9f27a422caf081a6f8a0833d59afaec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d7:d5:e9:bd:34:47:3c:7e:a4:d0:1c:e1:eb:
3e:3f:a4:49:32:e9:41:5f:61:8f:d0:bc:48:a7:c6:
72:0c:5f:9c:36:32:0d:e4:e6:aa:4e:f6:9e:fc:dd:
2f:a5:9c:ff:4b:a4:5a:c5:7a:bb:2d:23:08:7c:82:
d2:89:ec:7b:fa:60:a1:e6:1a:cf:b7:55:34:40:98:
7a:3b:c4:a9:e1:4f:bd:f9:36:68:6c:e3:ee:5d:38:
81:59:2c:0c:59:85:c5:c3:90:4b:33:f7:1e:1b:7f:
54:ca:c7:18:78:dc:48:0a:5a:97:3e:77:db:40:21:
c1:69:42:d1:c9:fe:ce:59:d9:33:38:5f:77:f4:77:
77:e4:71:fd:fc:c7:f9:58:f6:37:3b:ae:b9:1a:94:
bb:b7:c3:6d:81:19:66:49:7b:a3:59:56:18:8a:e0:
df:ff:23:05:2c:a5:ee:6f:25:08:d2:fa:8b:01:b5:
8a:11:a3:d0:39:16:da:ba:75:5f:b5:5d:2a:5b:94:
e7:83:cb:0a:1d:65:f3:e8:8c:57:f2:2c:40:f9:a5:
b1:1c:38:8d:ce:16:c8:d5:a5:f4:bb:6f:05:52:8d:
8b:ea:dd:5a:1f:17:9f:c2:f2:1c:43:3a:8a:2c:50:
ea:2f:b3:29:dc:03:b0:96:00:59:20:86:3a:da:28:
93:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:04:CA:4B:F9:F2:7A:42:2C:AF:08:1A:6F:8A:08:33:D5:9A:FA:EC
X509v3 Authority Key Identifier:
keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:f2:b7:a3:83:76:bf:27:7a:a2:bd:ed:80:f7:e5:c4:66:03:
5d:a2:59:40:57:01:90:1f:79:76:65:0f:bd:2e:6d:16:81:c1:
bb:d5:64:f1:6f:9a:d5:7e:1c:8d:dc:64:63:13:88:3f:2f:ac:
65:f4:89:42:2c:61:45:82:fc:ac:76:a4:ad:64:5f:55:b1:9f:
4c:ab:32:45:fe:ec:89:22:54:2e:3b:43:e1:de:09:f8:6d:db:
ac:8f:71:aa:34:cf:8e:82:28:74:2f:81:ff:1d:c9:d1:0f:77:
b9:d0:84:3c:3c:67:54:e1:b4:66:df:24:f2:cd:ab:ff:4b:7e:
e1:8f:c5:4d:67:79:8a:11:86:8a:a8:cf:ec:f8:1b:6b:46:e0:
bb:16:4d:f5:3f:15:10:f7:fd:85:52:52:25:43:5b:3a:42:26:
df:51:b9:0b:d8:e8:fe:c7:f0:47:d5:56:f4:3e:95:5e:16:38:
9c:2e:f6:c8:37:c2:c1:d0:a9:a1:93:35:7a:f8:f1:73:6d:05:
ea:22:dd:fb:72:ef:c9:cd:35:7d:94:7e:2d:d5:b8:6b:45:73:
55:8f:91:15:f8:eb:95:1c:0e:6c:95:c1:d4:01:e0:09:3d:ca:
c8:35:4f:aa:86:88:11:89:43:96:bc:1c:63:2f:ef:62:08:4e:
87:af:85:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnwgh2Iux6Il6NJMo6pX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjUwOTA3MTAwMDQ4WhcNMjUwOTA4MTAwMDQ4WjAzMTEwLwYDVQQD
EygwYjA0Y2E0YmY5ZjI3YTQyMmNhZjA4MWE2ZjhhMDgzM2Q1OWFmYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdfV6b00Rzx+pNAc4es+P6RJMulB
X2GP0LxIp8ZyDF+cNjIN5OaqTvae/N0vpZz/S6RaxXq7LSMIfILSiex7+mCh5hrP
t1U0QJh6O8Sp4U+9+TZobOPuXTiBWSwMWYXFw5BLM/ceG39UyscYeNxIClqXPnfb
QCHBaULRyf7OWdkzOF939Hd35HH9/Mf5WPY3O665GpS7t8NtgRlmSXujWVYYiuDf
/yMFLKXubyUI0vqLAbWKEaPQORbaunVftV0qW5Tng8sKHWXz6IxX8ixA+aWxHDiN
zhbI1aX0u28FUo2L6t1aHxefwvIcQzqKLFDqL7Mp3AOwlgBZIIY62iiTxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsEykv58npCLK8IGm+KCDPVmvrsMB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPK3o4N2
vyd6or3tgPflxGYDXaJZQFcBkB95dmUPvS5tFoHBu9Vk8W+a1X4cjdxkYxOIPy+s
ZfSJQixhRYL8rHakrWRfVbGfTKsyRf7siSJULjtD4d4J+G3brI9xqjTPjoIodC+B
/x3J0Q93udCEPDxnVOG0Zt8k8s2r/0t+4Y/FTWd5ihGGiqjP7Pgba0bguxZN9T8V
EPf9hVJSJUNbOkIm31G5C9jo/sfwR9VW9D6VXhY4nC72yDfCwdCpoZM1evjxc20F
6iLd+3Lvyc01fZR+LdW4a0VzVY+RFfjrlRwObJXB1AHgCT3KyDVPqoaIEYlDlrwc
Yy/vYghOh6+Fog==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:49:38 2025 by rpki-client