Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft
File: BkizODOZAP9_O1myRtJNJofGNnw.mft (raw, json)
Hash identifier: RnfsHETydP+fq45PsFNOoD087AAKAaD2NQDx/gR3BZA=
Subject key identifier: 83:A2:49:44:C3:17:A3:45:C7:2D:BF:6F:3A:8D:B0:4A:1E:6C:2D:3F
Authority key identifier: 06:48:B3:38:33:99:00:FF:7F:3B:59:B2:46:D2:4D:26:87:C6:36:7C
Certificate issuer: /CN=0648b338339900ff7f3b59b246d24d2687c6367c
Certificate serial: 019D382E67EC69AEAD5AA2B07B8F0EF18EDF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft
Manifest number: 040E
Signing time: Sun 29 Mar 2026 06:00:58 +0000
Manifest this update: Sun 29 Mar 2026 06:00:58 +0000
Manifest next update: Mon 30 Mar 2026 06:00:58 +0000
Files and hashes: 1: BkizODOZAP9_O1myRtJNJofGNnw.crl (hash: cFKBM273t3z2oqYj2Vvq38NKFrUu/H1Wiw/diWIhOd0=)
2: cfmhFWxRmQMPqxzLZOdLCKBVtII.roa (hash: hnNzoR6kq2MH8dzC1wQ5EZyQAUNnpRqddoSLhzjNpPw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:67:ec:69:ae:ad:5a:a2:b0:7b:8f:0e:f1:8e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0648b338339900ff7f3b59b246d24d2687c6367c
Validity
Not Before: Mar 29 06:00:58 2026 GMT
Not After : Mar 30 06:00:58 2026 GMT
Subject: CN=83a24944c317a345c72dbf6f3a8db04a1e6c2d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:99:8a:c6:47:73:25:d2:40:3c:28:f8:11:80:
7c:15:2e:82:c7:47:f9:3c:38:53:36:ee:84:14:d7:
6c:02:14:a0:b5:2e:34:21:56:70:2b:df:2d:24:28:
ba:84:be:8a:d8:91:3c:1b:5a:83:71:79:9d:68:3b:
f7:11:5a:ba:a8:2d:80:76:aa:69:55:e9:02:e5:7d:
2b:40:97:b2:65:3d:e3:e1:76:86:a4:62:52:f4:56:
c4:a7:f8:c3:9e:31:13:13:9f:22:eb:ce:5e:99:86:
29:e3:a1:c4:75:d2:1e:7b:3c:e5:b3:8f:f6:29:3d:
bd:4b:60:a3:c3:7f:d6:6d:8d:a7:71:86:9b:74:4c:
c5:f5:71:08:c1:bd:c9:27:14:20:59:7a:24:f2:90:
69:6c:74:d2:a0:3b:7e:35:79:81:43:ad:5e:b0:63:
62:7d:19:d4:28:eb:4f:9f:d1:72:a7:51:a1:88:92:
63:8e:3a:00:5d:cd:cb:6e:c3:90:f0:4c:d8:20:5e:
57:85:46:df:5d:b3:7c:ee:9e:07:9f:8f:9b:59:75:
d3:c4:6d:40:58:3c:94:7e:58:b9:3f:d7:d7:70:66:
29:91:bc:82:83:65:8d:20:5c:44:fa:db:42:97:a5:
85:62:e7:04:98:cd:ed:89:d1:d0:6b:c6:8e:0d:c8:
1e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A2:49:44:C3:17:A3:45:C7:2D:BF:6F:3A:8D:B0:4A:1E:6C:2D:3F
X509v3 Authority Key Identifier:
keyid:06:48:B3:38:33:99:00:FF:7F:3B:59:B2:46:D2:4D:26:87:C6:36:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:aa:e5:60:0b:e6:7d:33:5d:07:75:6f:24:c9:0e:f9:2a:f1:
54:6a:a8:fa:b9:dc:17:ea:20:39:0d:81:31:f4:93:08:4e:aa:
e2:29:c1:1e:72:e3:77:d7:91:25:86:37:00:c2:3e:82:e8:71:
33:5a:bc:54:64:1f:71:a0:03:5c:9e:e7:27:46:3c:55:cf:ec:
40:4a:6a:a8:42:4e:e0:e6:44:40:5f:a5:1d:4d:79:f9:c8:9c:
4c:a0:34:01:06:85:b0:9f:50:c3:0d:8e:db:29:73:01:7a:56:
7e:42:f7:b0:9e:0c:98:86:c4:c4:c2:22:60:e3:a1:e5:3d:1d:
18:5f:8e:cc:d4:b6:64:1f:b2:92:f5:1e:64:ff:86:63:74:b3:
eb:01:05:08:e4:be:7e:b3:12:11:99:6f:28:e4:73:56:27:1d:
37:8a:5c:9d:08:01:8e:4a:2a:2d:98:fa:54:c0:5e:4f:56:39:
34:0c:6b:f6:a9:fc:4b:24:12:d7:ce:ad:d5:c5:f0:0a:2a:67:
a5:52:d6:44:19:74:86:37:a1:45:76:b0:5c:21:43:dd:07:72:
f4:02:52:42:07:22:39:24:58:ba:df:19:9c:ef:08:10:40:3e:
86:55:99:83:55:c3:eb:e3:10:d1:0a:80:9c:dd:b8:06:5f:f9:
4f:03:85:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lmfsaa6tWqKwe48O8Y7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NDhiMzM4MzM5OTAwZmY3ZjNiNTliMjQ2ZDI0ZDI2ODdj
NjM2N2MwHhcNMjYwMzI5MDYwMDU4WhcNMjYwMzMwMDYwMDU4WjAzMTEwLwYDVQQD
Eyg4M2EyNDk0NGMzMTdhMzQ1YzcyZGJmNmYzYThkYjA0YTFlNmMyZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JmKxkdzJdJAPCj4EYB8FS6Cx0f5
PDhTNu6EFNdsAhSgtS40IVZwK98tJCi6hL6K2JE8G1qDcXmdaDv3EVq6qC2Adqpp
VekC5X0rQJeyZT3j4XaGpGJS9FbEp/jDnjETE58i685emYYp46HEddIeezzls4/2
KT29S2Cjw3/WbY2ncYabdEzF9XEIwb3JJxQgWXok8pBpbHTSoDt+NXmBQ61esGNi
fRnUKOtPn9Fyp1GhiJJjjjoAXc3LbsOQ8EzYIF5XhUbfXbN87p4Hn4+bWXXTxG1A
WDyUfli5P9fXcGYpkbyCg2WNIFxE+ttCl6WFYucEmM3tidHQa8aODcge+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOiSUTDF6NFxy2/bzqNsEoebC0/MB8GA1UdIwQY
MBaAFAZIszgzmQD/fztZskbSTSaHxjZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zM2EwMzctMDY3NS00OGY4LTkyNWQt
MGQ5MThlZWRjMjZmLzEvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zM2EwMzctMDY3NS00OGY4LTkyNWQtMGQ5MThlZWRjMjZm
LzEvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIarlYAvm
fTNdB3VvJMkO+SrxVGqo+rncF+ogOQ2BMfSTCE6q4inBHnLjd9eRJYY3AMI+guhx
M1q8VGQfcaADXJ7nJ0Y8Vc/sQEpqqEJO4OZEQF+lHU15+cicTKA0AQaFsJ9Qww2O
2ylzAXpWfkL3sJ4MmIbExMIiYOOh5T0dGF+OzNS2ZB+ykvUeZP+GY3Sz6wEFCOS+
frMSEZlvKORzVicdN4pcnQgBjkoqLZj6VMBeT1Y5NAxr9qn8SyQS186t1cXwCipn
pVLWRBl0hjehRXawXCFD3Qdy9AJSQgciOSRYut8ZnO8IEEA+hlWZg1XD6+MQ0QqA
nN24Bl/5TwOFfQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:28:31 2026 by rpki-client