Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.mft
File: bf7PoOZpJZXPvqUmYHbo5T79lGE.mft (raw, json)
Hash identifier: 4l4VKHliNrYoyeg2oRMN8qHnyqHWjpCpPTuVc57uXv4=
Subject key identifier: 21:26:81:73:38:2E:0E:76:60:CB:E2:67:45:4C:D5:BB:FF:D3:50:85
Authority key identifier: 6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
Certificate issuer: /CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Certificate serial: 019A258A3BCACBF5B8848F65EA4C346DC91D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.mft
Manifest number: 0F93
Signing time: Mon 27 Oct 2025 12:00:07 +0000
Manifest this update: Mon 27 Oct 2025 12:00:07 +0000
Manifest next update: Tue 28 Oct 2025 12:00:07 +0000
Files and hashes: 1: 3nKPvfyefhBBthk-LrRdD-jfvW0.roa (hash: 1vR7bznA03xVBTq7D8itXQ6xNZUvjtjklTS5nPcHTr0=)
2: 8JVtNiH742v8cd9f6HB8HsLnHqc.roa (hash: en+F0ICvUKwr0qrq9ILAxUcATJZUAoxaoEpiR8+7A9M=)
3: GzE_PF4lRurN113fXZhaZRzDRYM.roa (hash: b8RRWDnlm3gv9H+fLurnrwDRk5Rn7Ig722jB2SuqPOg=)
4: O1rsJf608w55c6uzax6qELf-V10.roa (hash: eTLBCFWFUORcPgLfQZK3GxMskhs+vxERoSr/SRYqzwQ=)
5: W0ytEpzp3PGLQgQDEe1kmGvhrx8.roa (hash: Rx2fPbh4hFdhpWyNIm7FiwaS49uoStv5r5BjlCfRWrA=)
6: bf7PoOZpJZXPvqUmYHbo5T79lGE.crl (hash: imtcx9GuFy3kfYpMfU1BV0RYsph+K6wmyJ/rVm176js=)
7: gnZzs6ma6bupZv_QFfeHC2w5vfs.roa (hash: tmmh6VOJ4XQ6zqxdY06hmFVr0WRGDB+DoX6nJefrwl4=)
8: qfLtpL022R2vNSfmfA6qR_jq_6k.roa (hash: 99hvsDHWBX451/OxAu/FvLR5vG5KLyjpmEGTCKGnQ6c=)
9: s5XW1sPa3LVHkVbaHF8KM4lyi3k.roa (hash: kYlioc7r4tkKKuXQwZeSGnhgTGO7wN8mLbsZJSv0XnU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 12:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:8a:3b:ca:cb:f5:b8:84:8f:65:ea:4c:34:6d:c9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Validity
Not Before: Oct 27 12:00:07 2025 GMT
Not After : Oct 28 12:00:07 2025 GMT
Subject: CN=21268173382e0e7660cbe267454cd5bbffd35085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:33:80:63:d4:b9:dd:e4:29:b5:43:e5:f7:
af:29:a7:92:ec:6b:8b:62:8d:77:c7:9d:89:ff:4f:
17:df:ff:73:74:26:bb:22:e1:7d:fc:28:4d:d5:c7:
e0:89:34:fc:9d:b5:2b:8e:13:43:ce:95:e3:f3:89:
54:26:36:bb:e6:b4:1b:04:a7:b5:5e:1f:ed:4f:98:
34:af:79:e9:cf:9b:12:ca:e7:fd:ef:24:46:9e:b2:
36:d0:40:ca:4b:81:a1:4f:8b:aa:0c:70:87:c0:61:
82:b0:f5:97:34:03:c6:f1:8e:b4:df:75:c7:72:82:
9f:94:5f:7b:da:45:3c:32:84:76:90:d4:86:44:70:
4e:3a:1f:64:8d:56:42:c5:eb:e6:e5:c8:9b:87:7c:
2a:f6:68:18:fb:fd:30:a0:47:13:45:b3:bc:22:80:
ff:d6:61:ab:7f:b7:fb:12:1c:3c:37:8b:ed:5c:3f:
ff:3d:9f:fd:80:de:41:41:62:e3:ad:87:ed:45:d1:
a5:51:39:c1:c2:69:71:03:91:13:00:2b:8e:a5:5c:
bc:60:12:c2:a0:7a:75:64:da:2a:6a:9c:b0:33:b5:
98:54:a1:f7:e5:33:41:35:d2:97:e6:1c:a5:ca:e8:
68:bd:6c:2e:07:80:8b:e0:c8:93:43:b5:d5:d0:fd:
b4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:26:81:73:38:2E:0E:76:60:CB:E2:67:45:4C:D5:BB:FF:D3:50:85
X509v3 Authority Key Identifier:
keyid:6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:dc:0c:88:72:8c:9b:7e:51:4b:54:26:db:92:e2:7b:8d:96:
4f:23:93:48:79:91:a9:80:6b:b9:03:59:32:76:e0:3e:0e:c9:
a3:de:c3:5b:78:7d:6d:88:45:fd:5e:49:41:cb:8b:48:66:de:
6b:aa:eb:30:e2:ac:4c:7a:60:ef:81:ff:e0:f9:62:ae:d8:0d:
32:37:f0:78:d8:f6:1c:7a:e4:0e:dd:81:4a:b9:41:b3:ef:38:
ac:80:d1:49:51:a1:ea:ed:c4:7b:fe:b6:2e:81:63:1f:8d:78:
88:37:d6:0b:7a:32:07:fb:58:e6:61:00:63:58:22:cc:0e:12:
a6:1e:a4:72:f1:1b:cd:a5:d6:0a:2e:54:b8:ac:93:28:93:da:
e6:c5:e8:02:72:ea:b2:0f:35:4e:ac:19:e9:db:56:79:2b:75:
1b:77:68:f0:54:13:06:82:ee:0a:fa:89:0a:76:43:41:4d:2e:
01:6e:a3:02:5e:2c:44:48:af:bd:7b:1e:50:90:16:72:8d:1f:
23:aa:01:12:26:8b:e4:9e:0f:1a:54:27:e4:81:ca:6d:b3:a8:
6c:97:30:06:a0:76:97:ad:de:28:89:62:6a:f6:06:de:f8:8c:
f5:b1:df:d9:3e:2a:63:ca:8c:5e:c5:33:3d:11:6a:50:b2:77:
a0:8f:0c:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZolijvKy/W4hI9l6kw0bckdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmVjZmEwZTY2OTI1OTVjZmJlYTUyNjYwNzZlOGU1M2Vm
ZDk0NjEwHhcNMjUxMDI3MTIwMDA3WhcNMjUxMDI4MTIwMDA3WjAzMTEwLwYDVQQD
EygyMTI2ODE3MzM4MmUwZTc2NjBjYmUyNjc0NTRjZDViYmZmZDM1MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+MzgGPUud3kKbVD5fevKaeS7GuL
Yo13x52J/08X3/9zdCa7IuF9/ChN1cfgiTT8nbUrjhNDzpXj84lUJja75rQbBKe1
Xh/tT5g0r3npz5sSyuf97yRGnrI20EDKS4GhT4uqDHCHwGGCsPWXNAPG8Y6033XH
coKflF972kU8MoR2kNSGRHBOOh9kjVZCxevm5cibh3wq9mgY+/0woEcTRbO8IoD/
1mGrf7f7Ehw8N4vtXD//PZ/9gN5BQWLjrYftRdGlUTnBwmlxA5ETACuOpVy8YBLC
oHp1ZNoqapywM7WYVKH35TNBNdKX5hylyuhovWwuB4CL4MiTQ7XV0P20kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEmgXM4Lg52YMviZ0VM1bv/01CFMB8GA1UdIwQY
MBaAFG3+z6DmaSWVz76lJmB26OU+/ZRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMt
Zjk4OGQ0OGU1MWU4LzEvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMtZjk4OGQ0OGU1MWU4
LzEvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARNwMiHKM
m35RS1Qm25Lie42WTyOTSHmRqYBruQNZMnbgPg7Jo97DW3h9bYhF/V5JQcuLSGbe
a6rrMOKsTHpg74H/4PlirtgNMjfweNj2HHrkDt2BSrlBs+84rIDRSVGh6u3Ee/62
LoFjH414iDfWC3oyB/tY5mEAY1gizA4Sph6kcvEbzaXWCi5UuKyTKJPa5sXoAnLq
sg81TqwZ6dtWeSt1G3do8FQTBoLuCvqJCnZDQU0uAW6jAl4sREivvXseUJAWco0f
I6oBEiaL5J4PGlQn5IHKbbOobJcwBqB2l63eKIliavYG3viM9bHf2T4qY8qMXsUz
PRFqULJ3oI8MfQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 20:35:25 2025 by rpki-client