Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
File: BfWa7cKCluKRck95N954jichZAg.mft (raw, json)
Hash identifier: mWR+KAu+w8ePneWudqNIjnl5s08dy91exCCuIdLTa1M=
Subject key identifier: 55:0F:16:8F:D4:BF:E6:AB:82:2F:C7:82:2D:C5:0C:39:7F:61:00:2B
Authority key identifier: 05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
Certificate issuer: /CN=05f59aedc28296e291724f7937de788e27216408
Certificate serial: 019D3940B32B3AEC7A24C0F2A76690436465
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
Manifest number: 17AD
Signing time: Sun 29 Mar 2026 11:00:34 +0000
Manifest this update: Sun 29 Mar 2026 11:00:34 +0000
Manifest next update: Mon 30 Mar 2026 11:00:34 +0000
Files and hashes: 1: 6NLwB5WjlcBTVRx7lvLg-PZn5HQ.roa (hash: dWeJDKFFNOPJVpAu+kJb2B3xAofZRJV/6yg2uCUW2mY=)
2: BfWa7cKCluKRck95N954jichZAg.crl (hash: bYR/QVsX9mbKieC60o4SeJerr8i0nzH+b53fBfq4AdA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:b3:2b:3a:ec:7a:24:c0:f2:a7:66:90:43:64:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f59aedc28296e291724f7937de788e27216408
Validity
Not Before: Mar 29 11:00:34 2026 GMT
Not After : Mar 30 11:00:34 2026 GMT
Subject: CN=550f168fd4bfe6ab822fc7822dc50c397f61002b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bf:45:da:44:12:85:9e:ce:7b:0a:e5:c9:28:
14:38:f6:f6:ba:67:65:f3:96:f2:f7:c9:8a:ee:ef:
30:ec:4e:d3:84:04:d0:2b:f4:84:98:60:03:e2:d0:
5d:b1:2f:4f:26:38:1a:38:af:5c:87:3c:bd:ff:d0:
a5:ef:6d:59:39:34:c6:64:d0:14:52:7e:7a:f9:6e:
48:1a:cb:3d:82:5e:48:32:df:07:df:19:cc:28:24:
25:61:55:e6:78:5b:ab:c7:66:a3:12:af:8e:44:97:
85:61:b6:03:04:3f:01:fe:eb:0a:f0:3d:e9:0a:a5:
49:f3:7b:ca:1f:28:c7:91:13:a8:e2:8d:57:f7:cd:
76:93:30:4a:9e:9e:c0:5c:cd:6b:76:d2:67:9c:f3:
d8:b0:08:e0:3d:ad:33:97:bb:c2:ef:6a:c0:aa:a9:
27:69:43:fd:89:8e:98:d3:0c:ba:f5:ca:66:5c:e1:
58:fe:37:7b:64:05:41:bc:c5:fb:e2:0c:79:bf:2d:
cc:6e:0d:38:90:26:f1:73:9d:9b:e1:e0:56:81:50:
93:a1:97:c1:11:53:b4:9d:4e:9e:f0:23:df:92:1f:
e2:40:0c:90:f9:2e:35:9b:ec:a6:31:f1:97:01:3a:
1a:12:1d:1c:73:23:e5:3e:1e:3f:c2:a4:09:0b:6c:
03:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:0F:16:8F:D4:BF:E6:AB:82:2F:C7:82:2D:C5:0C:39:7F:61:00:2B
X509v3 Authority Key Identifier:
keyid:05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:7f:2b:2d:24:0c:0e:8b:28:b6:a7:5c:9a:35:f4:74:b2:ac:
8b:53:b0:6b:5b:80:e0:ce:88:9c:a0:dd:79:61:7c:8f:a6:a7:
fd:68:27:00:9f:33:25:88:8b:7d:71:a9:a7:70:38:96:ab:27:
02:ea:a8:49:90:6e:09:de:24:fb:97:8f:54:71:66:03:6b:24:
ad:e0:62:e1:e4:24:88:aa:e0:5d:ea:e7:7d:3e:7f:06:69:9f:
40:9a:41:36:2c:58:b0:ce:56:b9:fd:94:ec:da:19:20:fe:e1:
3f:aa:06:fe:f8:e8:d6:a3:dc:4e:cb:5a:ac:f1:32:8a:d9:aa:
fe:e9:60:aa:9a:ec:65:fa:64:45:b1:4a:30:1a:e7:11:28:3a:
b4:f1:42:c5:9a:7a:ce:bd:fb:48:d2:11:f5:63:55:7f:3e:dd:
57:5b:e2:0b:10:7f:77:6b:f4:92:3d:49:90:57:30:c2:d8:d3:
c7:09:b1:7d:3a:85:ae:36:2b:80:43:b0:fb:3b:a8:0a:31:50:
bc:30:76:89:af:96:cf:88:a2:b3:a8:60:1d:58:e1:8e:ab:e2:
e2:97:4c:d8:cf:64:da:1d:94:f1:e3:2d:d9:fd:67:33:63:f4:
3c:06:80:dc:77:e8:7b:07:8e:e5:7f:68:1a:b6:c3:11:79:87:
6d:49:c5:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QLMrOux6JMDyp2aQQ2RlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjU5YWVkYzI4Mjk2ZTI5MTcyNGY3OTM3ZGU3ODhlMjcy
MTY0MDgwHhcNMjYwMzI5MTEwMDM0WhcNMjYwMzMwMTEwMDM0WjAzMTEwLwYDVQQD
Eyg1NTBmMTY4ZmQ0YmZlNmFiODIyZmM3ODIyZGM1MGMzOTdmNjEwMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb9F2kQShZ7OewrlySgUOPb2umdl
85by98mK7u8w7E7ThATQK/SEmGAD4tBdsS9PJjgaOK9chzy9/9Cl721ZOTTGZNAU
Un56+W5IGss9gl5IMt8H3xnMKCQlYVXmeFurx2ajEq+ORJeFYbYDBD8B/usK8D3p
CqVJ83vKHyjHkROo4o1X9812kzBKnp7AXM1rdtJnnPPYsAjgPa0zl7vC72rAqqkn
aUP9iY6Y0wy69cpmXOFY/jd7ZAVBvMX74gx5vy3Mbg04kCbxc52b4eBWgVCToZfB
EVO0nU6e8CPfkh/iQAyQ+S41m+ymMfGXAToaEh0ccyPlPh4/wqQJC2wDkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFUPFo/Uv+argi/Hgi3FDDl/YQArMB8GA1UdIwQY
MBaAFAX1mu3CgpbikXJPeTfeeI4nIWQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81ZTFkNDItMzU3NS00ZWMxLWJjN2Mt
ZDY0MzY4MjA4MTMxLzEvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81ZTFkNDItMzU3NS00ZWMxLWJjN2MtZDY0MzY4MjA4MTMx
LzEvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXn8rLSQM
DosotqdcmjX0dLKsi1Owa1uA4M6InKDdeWF8j6an/WgnAJ8zJYiLfXGpp3A4lqsn
AuqoSZBuCd4k+5ePVHFmA2skreBi4eQkiKrgXernfT5/BmmfQJpBNixYsM5Wuf2U
7NoZIP7hP6oG/vjo1qPcTstarPEyitmq/ulgqprsZfpkRbFKMBrnESg6tPFCxZp6
zr37SNIR9WNVfz7dV1viCxB/d2v0kj1JkFcwwtjTxwmxfTqFrjYrgEOw+zuoCjFQ
vDB2ia+Wz4iis6hgHVjhjqvi4pdM2M9k2h2U8eMt2f1nM2P0PAaA3HfoeweO5X9o
GrbDEXmHbUnFdA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:04:19 2026 by rpki-client