Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.mft
File: bxS5AO_2EKQYf2-9ReO4V9CJagA.mft (raw, json)
Hash identifier: YbXsWmHB+9nfd8SXVkRAx3JE185FdvX3vSHOTM9USj0=
Subject key identifier: 37:F8:CC:63:DB:54:FB:80:FD:00:B0:21:D3:B5:DD:7E:1C:4E:BB:D2
Authority key identifier: 6F:14:B9:00:EF:F6:10:A4:18:7F:6F:BD:45:E3:B8:57:D0:89:6A:00
Certificate issuer: /CN=6f14b900eff610a4187f6fbd45e3b857d0896a00
Certificate serial: 019A73017F8CD4B8103E260A2BCA4667E21E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.mft
Manifest number: 12F2
Signing time: Tue 11 Nov 2025 13:01:09 +0000
Manifest this update: Tue 11 Nov 2025 13:01:09 +0000
Manifest next update: Wed 12 Nov 2025 13:01:09 +0000
Files and hashes: 1: SypHcS2TCeSzWsz9z2kBBl8vAYI.roa (hash: BOfV4yJp6FkVF9lKaxd4Gzr149eV94r4oonhHz+9iv4=)
2: bxS5AO_2EKQYf2-9ReO4V9CJagA.crl (hash: lrcr3Z9DcGnwzDCVXD5LieZiJpqDjhLAwNQGOzG0oHc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:7f:8c:d4:b8:10:3e:26:0a:2b:ca:46:67:e2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f14b900eff610a4187f6fbd45e3b857d0896a00
Validity
Not Before: Nov 11 13:01:09 2025 GMT
Not After : Nov 12 13:01:09 2025 GMT
Subject: CN=37f8cc63db54fb80fd00b021d3b5dd7e1c4ebbd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1c:86:2f:bc:f2:97:80:ab:84:9f:eb:38:94:
a5:30:e7:bf:f1:11:4c:b1:bb:81:97:75:74:55:83:
cb:4a:d1:bb:04:ec:07:0a:a4:83:de:58:00:75:fd:
32:e2:48:ed:b6:5a:94:a7:a8:8e:85:45:6c:70:50:
92:f7:cb:33:f4:5e:6c:0f:86:d2:7e:32:7f:48:3e:
76:b0:20:d4:06:75:df:bf:d9:d8:8d:49:e7:f4:ac:
2e:bc:cc:df:66:1d:ee:4f:3e:1c:a0:d5:e2:35:55:
65:ae:db:41:eb:81:c7:e4:ba:c3:0c:4a:ff:68:a5:
0d:34:cb:07:2d:3f:43:d1:31:f2:dc:13:93:f4:e7:
e8:27:58:11:99:f4:26:dc:33:0f:98:14:b1:9d:15:
f4:7c:35:67:21:3b:8a:25:fb:ee:0b:24:67:fb:85:
fc:a4:dd:4c:34:cf:86:d0:57:93:80:e8:b1:5c:4a:
7b:8b:19:5d:d8:ee:02:ad:db:98:32:10:dc:67:d0:
b0:91:de:b8:bc:f9:f0:f7:1c:22:97:43:8e:83:d8:
46:98:b9:22:61:b3:9c:f9:0b:3e:b1:0b:64:6b:33:
80:b9:92:a8:1c:25:6f:00:a0:9e:21:94:2e:ff:4a:
72:70:ee:d4:e4:55:e2:d4:70:4c:53:e0:f0:06:89:
a7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F8:CC:63:DB:54:FB:80:FD:00:B0:21:D3:B5:DD:7E:1C:4E:BB:D2
X509v3 Authority Key Identifier:
keyid:6F:14:B9:00:EF:F6:10:A4:18:7F:6F:BD:45:E3:B8:57:D0:89:6A:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:f5:40:51:02:47:52:53:8a:0c:22:a2:34:53:92:16:26:17:
54:1e:cd:0e:0b:80:bb:7d:43:bd:3a:42:59:bb:fa:d9:4d:68:
a3:c2:58:e4:a4:7f:d9:79:95:b9:4b:24:65:09:12:8b:7a:61:
7f:8e:01:c9:6f:29:22:76:f1:51:a3:86:e6:c3:72:ee:42:e3:
89:1e:93:e3:09:db:fa:af:49:33:1b:e6:de:91:81:31:73:33:
50:92:c8:be:35:92:50:ab:d7:38:b6:5c:a0:d1:73:48:e2:9d:
25:4c:61:0c:8a:2d:aa:25:6e:58:b9:33:58:cf:bd:62:b9:12:
26:7b:7a:0e:e6:c7:28:f3:18:1d:43:6e:64:d6:39:39:a0:13:
18:67:a9:29:bb:be:7d:4f:06:3a:4f:e0:7e:e1:1b:ad:46:bb:
8d:31:e2:7f:55:b4:37:9f:73:43:e4:50:29:08:97:6f:81:5f:
3a:ad:f7:2a:3d:78:46:89:79:9a:b0:eb:00:3f:64:37:60:9a:
cb:11:7c:82:63:ae:32:e6:cd:3f:03:6e:0d:43:9b:8d:a8:49:
3d:b2:c8:92:3d:6a:8f:a6:f0:ad:c8:db:a4:26:27:d2:8c:70:
63:aa:f5:cf:90:b3:6c:5a:62:09:e3:63:1a:ef:96:e9:61:4c:
65:cb:22:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAX+M1LgQPiYKK8pGZ+IeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTRiOTAwZWZmNjEwYTQxODdmNmZiZDQ1ZTNiODU3ZDA4
OTZhMDAwHhcNMjUxMTExMTMwMTA5WhcNMjUxMTEyMTMwMTA5WjAzMTEwLwYDVQQD
EygzN2Y4Y2M2M2RiNTRmYjgwZmQwMGIwMjFkM2I1ZGQ3ZTFjNGViYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RyGL7zyl4CrhJ/rOJSlMOe/8RFM
sbuBl3V0VYPLStG7BOwHCqSD3lgAdf0y4kjttlqUp6iOhUVscFCS98sz9F5sD4bS
fjJ/SD52sCDUBnXfv9nYjUnn9KwuvMzfZh3uTz4coNXiNVVlrttB64HH5LrDDEr/
aKUNNMsHLT9D0THy3BOT9OfoJ1gRmfQm3DMPmBSxnRX0fDVnITuKJfvuCyRn+4X8
pN1MNM+G0FeTgOixXEp7ixld2O4CrduYMhDcZ9Cwkd64vPnw9xwil0OOg9hGmLki
YbOc+Qs+sQtkazOAuZKoHCVvAKCeIZQu/0pycO7U5FXi1HBMU+DwBomn7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDf4zGPbVPuA/QCwIdO13X4cTrvSMB8GA1UdIwQY
MBaAFG8UuQDv9hCkGH9vvUXjuFfQiWoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS83YjE4MjYtYTZhZi00NzA0LThmODUt
NTE4MWEyZjBkMTk3LzEvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS83YjE4MjYtYTZhZi00NzA0LThmODUtNTE4MWEyZjBkMTk3
LzEvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG/VAUQJH
UlOKDCKiNFOSFiYXVB7NDguAu31DvTpCWbv62U1oo8JY5KR/2XmVuUskZQkSi3ph
f44ByW8pInbxUaOG5sNy7kLjiR6T4wnb+q9JMxvm3pGBMXMzUJLIvjWSUKvXOLZc
oNFzSOKdJUxhDIotqiVuWLkzWM+9YrkSJnt6DubHKPMYHUNuZNY5OaATGGepKbu+
fU8GOk/gfuEbrUa7jTHif1W0N59zQ+RQKQiXb4FfOq33Kj14Rol5mrDrAD9kN2Ca
yxF8gmOuMubNPwNuDUObjahJPbLIkj1qj6bwrcjbpCYn0oxwY6r1z5CzbFpiCeNj
Gu+W6WFMZcsi0A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:56 2025 by rpki-client