Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.mft
File: BgOecctxUgSoPMJTgi3CmmLHmeY.mft (raw, json)
Hash identifier: Pneey1aoj8ZifKd+V/BK5mMaCC1Dg60LGML883JXe7Y=
Subject key identifier: A4:4C:C5:1B:54:DC:ED:A5:5C:D5:D0:25:E1:97:1E:2C:F5:33:5C:38
Authority key identifier: 06:03:9E:71:CB:71:52:04:A8:3C:C2:53:82:2D:C2:9A:62:C7:99:E6
Certificate issuer: /CN=06039e71cb715204a83cc253822dc29a62c799e6
Certificate serial: 019A71B7D1B8028044D19FD253B90B69DCB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BgOecctxUgSoPMJTgi3CmmLHmeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.mft
Manifest number: 0830
Signing time: Tue 11 Nov 2025 07:01:03 +0000
Manifest this update: Tue 11 Nov 2025 07:01:03 +0000
Manifest next update: Wed 12 Nov 2025 07:01:03 +0000
Files and hashes: 1: AzSimOOUCBaH0nGWbesdL3p-c-Y.roa (hash: tmnAHG5c86gcxksbrSaGyYNVU434mmJFa3fZgdZ+AZw=)
2: BgOecctxUgSoPMJTgi3CmmLHmeY.crl (hash: NMpH+Fj5KUorpy+PBxET0hftmrWHt1cdX53khcGAumE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.mft
rsync://rpki.ripe.net/repository/DEFAULT/BgOecctxUgSoPMJTgi3CmmLHmeY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:d1:b8:02:80:44:d1:9f:d2:53:b9:0b:69:dc:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06039e71cb715204a83cc253822dc29a62c799e6
Validity
Not Before: Nov 11 07:01:03 2025 GMT
Not After : Nov 12 07:01:03 2025 GMT
Subject: CN=a44cc51b54dceda55cd5d025e1971e2cf5335c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:cb:08:59:db:f1:2b:43:76:35:1a:ca:2f:
7f:e0:d9:00:f0:ff:f8:94:e8:fb:01:c6:6a:67:f8:
79:5b:fb:6e:6e:a4:71:a4:8b:ef:33:7f:3f:71:e8:
55:db:43:72:f4:66:96:c3:b9:78:98:d0:c6:57:ea:
7a:88:96:3a:52:98:ee:4a:4d:81:0d:84:48:34:0c:
85:78:40:f4:a6:0c:1b:39:94:0a:79:c8:ce:8a:1f:
36:e7:77:52:2e:9e:1e:99:e5:08:6c:e3:f5:d8:c4:
02:80:69:46:8b:16:79:be:ae:2a:2b:56:b9:e8:d8:
34:1b:45:f2:36:44:24:7d:fd:98:bb:a9:e0:0f:79:
1f:f2:08:83:79:02:bb:bd:de:b1:67:cf:0e:e2:22:
e9:58:a0:e0:af:0b:2b:a5:82:aa:30:5c:db:6e:04:
86:d9:17:91:c9:6a:cb:7b:00:59:69:dd:cc:02:eb:
7d:d2:8c:88:82:6a:6e:71:34:b0:3e:13:ee:e6:4e:
df:e6:18:97:85:06:9f:4a:b7:da:e0:82:b4:45:ba:
4a:77:a8:c1:31:4c:ea:e2:66:d8:34:d1:ff:1d:5b:
47:04:2a:79:47:b3:6c:97:0d:81:c0:7c:f1:af:34:
00:7f:1e:39:ea:64:6f:02:7a:5d:b3:e6:29:28:ad:
3a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4C:C5:1B:54:DC:ED:A5:5C:D5:D0:25:E1:97:1E:2C:F5:33:5C:38
X509v3 Authority Key Identifier:
keyid:06:03:9E:71:CB:71:52:04:A8:3C:C2:53:82:2D:C2:9A:62:C7:99:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgOecctxUgSoPMJTgi3CmmLHmeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:db:05:e0:67:80:c2:1d:2e:cd:2c:16:a5:5c:98:a9:ab:f7:
80:26:f8:c8:7b:ff:84:59:17:a4:b0:0f:03:94:7f:bc:22:ed:
9f:0f:6b:94:6c:71:f2:b4:b7:28:74:ea:76:84:b8:2a:75:7f:
cd:4c:2e:90:fe:fc:9e:18:7c:a4:d6:05:db:00:21:30:b6:3a:
07:68:38:66:55:e5:2b:a5:d0:4c:41:2a:fb:b6:af:06:12:58:
b0:82:a4:3b:4a:15:b6:91:42:d1:e3:42:d8:29:0a:f0:36:ef:
af:41:2f:59:f7:37:38:46:3a:65:77:32:2b:42:c6:6d:2d:c2:
e8:a1:6e:b1:3f:20:b7:5c:81:f2:e4:d9:de:35:93:42:ec:f2:
6c:ee:be:08:cb:39:9e:96:d5:f2:9b:2c:fa:07:19:13:b6:7c:
ce:34:f7:ad:ea:c7:fa:8c:e1:ba:1c:68:a7:d5:0b:fe:d5:c3:
8d:b5:25:1a:c6:c4:35:8b:28:86:87:71:7a:6a:be:91:fd:c1:
e7:6b:01:39:2e:3a:0d:5b:38:54:bc:e4:6b:9f:90:04:99:37:
e5:90:0b:23:bf:90:2d:09:6e:56:6a:b9:b4:ce:ad:ce:ce:21:
0f:a9:a8:63:c6:38:17:49:85:62:00:73:42:ee:7d:db:34:86:
f5:f6:01:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9G4AoBE0Z/SU7kLadyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDM5ZTcxY2I3MTUyMDRhODNjYzI1MzgyMmRjMjlhNjJj
Nzk5ZTYwHhcNMjUxMTExMDcwMTAzWhcNMjUxMTEyMDcwMTAzWjAzMTEwLwYDVQQD
EyhhNDRjYzUxYjU0ZGNlZGE1NWNkNWQwMjVlMTk3MWUyY2Y1MzM1YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzHLCFnb8StDdjUayi9/4NkA8P/4
lOj7AcZqZ/h5W/tubqRxpIvvM38/cehV20Ny9GaWw7l4mNDGV+p6iJY6UpjuSk2B
DYRINAyFeED0pgwbOZQKecjOih8253dSLp4emeUIbOP12MQCgGlGixZ5vq4qK1a5
6Ng0G0XyNkQkff2Yu6ngD3kf8giDeQK7vd6xZ88O4iLpWKDgrwsrpYKqMFzbbgSG
2ReRyWrLewBZad3MAut90oyIgmpucTSwPhPu5k7f5hiXhQafSrfa4IK0RbpKd6jB
MUzq4mbYNNH/HVtHBCp5R7Nslw2BwHzxrzQAfx456mRvAnpds+YpKK060wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRMxRtU3O2lXNXQJeGXHiz1M1w4MB8GA1UdIwQY
MBaAFAYDnnHLcVIEqDzCU4Itwppix5nmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdPZWNjdHhVZ1NvUE1KVGdpM0NtbUxIbWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lNjI4NzktMmM2OS00MGMzLWIxMTYt
MGU0Njg3NWQ0NWZkLzEvQmdPZWNjdHhVZ1NvUE1KVGdpM0NtbUxIbWVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9lNjI4NzktMmM2OS00MGMzLWIxMTYtMGU0Njg3NWQ0NWZk
LzEvQmdPZWNjdHhVZ1NvUE1KVGdpM0NtbUxIbWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtdsF4GeA
wh0uzSwWpVyYqav3gCb4yHv/hFkXpLAPA5R/vCLtnw9rlGxx8rS3KHTqdoS4KnV/
zUwukP78nhh8pNYF2wAhMLY6B2g4ZlXlK6XQTEEq+7avBhJYsIKkO0oVtpFC0eNC
2CkK8Dbvr0EvWfc3OEY6ZXcyK0LGbS3C6KFusT8gt1yB8uTZ3jWTQuzybO6+CMs5
npbV8pss+gcZE7Z8zjT3rerH+ozhuhxop9UL/tXDjbUlGsbENYsohodxemq+kf3B
52sBOS46DVs4VLzka5+QBJk35ZALI7+QLQluVmq5tM6tzs4hD6moY8Y4F0mFYgBz
Qu592zSG9fYBaw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:06:38 2025 by rpki-client