Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/bchbZ4jkUMBUE0row2V0iyP3Qmc.mft
File: bchbZ4jkUMBUE0row2V0iyP3Qmc.mft (raw, json)
Hash identifier: +ykLdymPEXLHriRKTe7BwRuKWwbYdomH5diOhk6a37c=
Subject key identifier: A8:B7:40:7E:7E:F6:51:61:85:1A:42:A1:A2:25:2D:80:C7:B0:EB:2A
Authority key identifier: 6D:C8:5B:67:88:E4:50:C0:54:13:4A:E8:C3:65:74:8B:23:F7:42:67
Certificate issuer: /CN=6dc85b6788e450c054134ae8c365748b23f74267
Certificate serial: 019A71EEE477EDDF7D541EF57E844F5B27F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bchbZ4jkUMBUE0row2V0iyP3Qmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/bchbZ4jkUMBUE0row2V0iyP3Qmc.mft
Manifest number: 0899
Signing time: Tue 11 Nov 2025 08:01:12 +0000
Manifest this update: Tue 11 Nov 2025 08:01:12 +0000
Manifest next update: Wed 12 Nov 2025 08:01:12 +0000
Files and hashes: 1: HuuruuJUnyizGG7iC01ujDUd5zE.roa (hash: zJUuXbnFQXiP5Cz81qdrVSNYrr0dHAG+T0ZkZ/sUgdY=)
2: bchbZ4jkUMBUE0row2V0iyP3Qmc.crl (hash: CdPxigaNdaL6yFOeuQKZctNKzQfFWNRWu2zP8IM4Cgs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/bchbZ4jkUMBUE0row2V0iyP3Qmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/bchbZ4jkUMBUE0row2V0iyP3Qmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/bchbZ4jkUMBUE0row2V0iyP3Qmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:e4:77:ed:df:7d:54:1e:f5:7e:84:4f:5b:27:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dc85b6788e450c054134ae8c365748b23f74267
Validity
Not Before: Nov 11 08:01:12 2025 GMT
Not After : Nov 12 08:01:12 2025 GMT
Subject: CN=a8b7407e7ef65161851a42a1a2252d80c7b0eb2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6c:47:de:c0:05:c8:95:3c:f7:c8:47:b7:4f:
49:e6:44:74:c7:b3:04:90:2a:38:95:6f:56:5e:24:
23:53:39:86:64:cc:45:c9:59:29:80:82:0b:f0:49:
c8:88:4d:b0:1d:58:2d:c8:69:7d:d6:41:2d:b3:9a:
ce:c4:cc:2d:13:6f:64:40:94:23:5a:be:1d:b9:71:
b8:8a:f0:6e:c8:a6:0f:32:f5:e6:f3:6d:5d:27:c6:
21:05:93:69:91:2f:6e:b0:ef:ad:7f:f5:1d:c4:b0:
54:71:88:af:ae:f7:bf:b6:6d:4a:d2:0d:e3:a2:e8:
09:97:38:d0:f8:39:cd:de:26:ac:74:f0:af:ae:54:
57:88:93:f6:c0:c7:ce:48:9e:3d:80:49:80:5d:82:
91:ee:3e:84:b5:0b:c5:1f:9b:f0:5a:7f:6e:79:75:
8b:ea:0c:1e:f2:da:a8:48:94:60:1c:60:1f:56:da:
1e:dd:84:ed:51:02:75:6a:85:f2:f6:9b:e5:9c:b4:
1a:03:c7:bb:b5:1e:9f:4d:74:36:ec:09:ab:f2:e4:
ca:b0:23:a6:7e:9f:08:fa:cd:24:04:da:ac:cb:e9:
e0:73:81:71:8b:2a:42:15:e0:5f:98:2f:b4:3f:77:
02:4c:51:6c:93:61:1e:25:25:4e:b1:0f:f4:e6:16:
60:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B7:40:7E:7E:F6:51:61:85:1A:42:A1:A2:25:2D:80:C7:B0:EB:2A
X509v3 Authority Key Identifier:
keyid:6D:C8:5B:67:88:E4:50:C0:54:13:4A:E8:C3:65:74:8B:23:F7:42:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bchbZ4jkUMBUE0row2V0iyP3Qmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/bchbZ4jkUMBUE0row2V0iyP3Qmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/bchbZ4jkUMBUE0row2V0iyP3Qmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:e4:b2:b1:b3:6c:59:97:45:06:0b:68:aa:f3:08:19:8d:86:
7b:63:b5:08:ee:28:b7:83:03:89:50:1a:20:c9:45:9f:d4:d8:
ed:9c:50:6e:ba:18:df:9d:3d:db:8e:60:1a:59:dc:bd:7b:3c:
cb:4d:0b:d8:f0:4c:a2:62:fe:6a:ef:3e:f6:85:22:5b:53:69:
eb:45:91:51:f5:2a:01:c9:f1:84:ac:0a:a6:91:86:9a:08:c6:
4b:27:66:95:20:1d:7a:1d:08:af:49:db:d3:3d:c4:a9:e7:37:
3c:34:1d:5d:07:4b:11:96:7a:b4:b1:72:1c:c8:9e:af:22:03:
b5:62:44:93:47:a6:3b:4d:6f:45:21:72:05:d5:a8:cf:f2:c2:
06:56:db:32:f3:84:c3:16:20:d1:e0:9b:8d:9f:9c:a0:19:e3:
b6:d5:1c:23:c2:36:ed:f2:12:f3:7a:41:4c:0d:6d:5e:63:01:
06:62:da:ba:ad:3e:1e:fa:53:82:75:f1:b6:f0:8a:50:a3:f7:
30:d2:df:e8:cf:25:3e:0c:86:96:67:37:09:93:14:69:7e:89:
05:96:c1:8c:22:ce:db:64:f7:ed:2b:87:58:3a:27:49:93:a7:
e0:c0:77:52:a1:55:6c:e7:94:94:cb:18:cb:f0:22:99:d8:ed:
4f:a5:c3:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7uR37d99VB71foRPWyf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYzg1YjY3ODhlNDUwYzA1NDEzNGFlOGMzNjU3NDhiMjNm
NzQyNjcwHhcNMjUxMTExMDgwMTEyWhcNMjUxMTEyMDgwMTEyWjAzMTEwLwYDVQQD
EyhhOGI3NDA3ZTdlZjY1MTYxODUxYTQyYTFhMjI1MmQ4MGM3YjBlYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWxH3sAFyJU898hHt09J5kR0x7ME
kCo4lW9WXiQjUzmGZMxFyVkpgIIL8EnIiE2wHVgtyGl91kEts5rOxMwtE29kQJQj
Wr4duXG4ivBuyKYPMvXm821dJ8YhBZNpkS9usO+tf/UdxLBUcYivrve/tm1K0g3j
ougJlzjQ+DnN3iasdPCvrlRXiJP2wMfOSJ49gEmAXYKR7j6EtQvFH5vwWn9ueXWL
6gwe8tqoSJRgHGAfVtoe3YTtUQJ1aoXy9pvlnLQaA8e7tR6fTXQ27Amr8uTKsCOm
fp8I+s0kBNqsy+ngc4FxiypCFeBfmC+0P3cCTFFsk2EeJSVOsQ/05hZgfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKi3QH5+9lFhhRpCoaIlLYDHsOsqMB8GA1UdIwQY
MBaAFG3IW2eI5FDAVBNK6MNldIsj90JnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmNoYlo0amtVTUJVRTByb3cyVjBpeVAzUW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYmYxNjktYmUxNy00Y2U5LTkyNzUt
MDgxNzg2YWIwNzQ4LzEvYmNoYlo0amtVTUJVRTByb3cyVjBpeVAzUW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYmYxNjktYmUxNy00Y2U5LTkyNzUtMDgxNzg2YWIwNzQ4
LzEvYmNoYlo0amtVTUJVRTByb3cyVjBpeVAzUW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADeSysbNs
WZdFBgtoqvMIGY2Ge2O1CO4ot4MDiVAaIMlFn9TY7ZxQbroY3509245gGlncvXs8
y00L2PBMomL+au8+9oUiW1Np60WRUfUqAcnxhKwKppGGmgjGSydmlSAdeh0Ir0nb
0z3Eqec3PDQdXQdLEZZ6tLFyHMieryIDtWJEk0emO01vRSFyBdWoz/LCBlbbMvOE
wxYg0eCbjZ+coBnjttUcI8I27fIS83pBTA1tXmMBBmLauq0+HvpTgnXxtvCKUKP3
MNLf6M8lPgyGlmc3CZMUaX6JBZbBjCLO22T37SuHWDonSZOn4MB3UqFVbOeUlMsY
y/AimdjtT6XDzA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:48:45 2025 by rpki-client