Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
File: bdEoKnfiVmUBaNLlZWrvzprWouw.mft (raw, json)
Hash identifier: SJCoVKmS4mszX+1t/hAE6bBk+VifriEYuKitAgfNFHw=
Subject key identifier: A9:CF:07:42:B4:EB:60:91:B1:32:00:C4:42:54:A9:AB:94:23:C6:39
Authority key identifier: 6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC
Certificate issuer: /CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec
Certificate serial: 019A71EEC29A3E35E0D0FA8D8D05A23DD3B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
Manifest number: 0553
Signing time: Tue 11 Nov 2025 08:01:03 +0000
Manifest this update: Tue 11 Nov 2025 08:01:03 +0000
Manifest next update: Wed 12 Nov 2025 08:01:03 +0000
Files and hashes: 1: bdEoKnfiVmUBaNLlZWrvzprWouw.crl (hash: lmPJZklPEbn3NtSHZZYrQNFy8KLIt49n0RVZxhoDyuM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:c2:9a:3e:35:e0:d0:fa:8d:8d:05:a2:3d:d3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec
Validity
Not Before: Nov 11 08:01:03 2025 GMT
Not After : Nov 12 08:01:03 2025 GMT
Subject: CN=a9cf0742b4eb6091b13200c44254a9ab9423c639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5d:b2:33:6b:5d:40:06:ae:6d:ed:6c:f4:52:
20:37:63:c5:95:07:d2:45:6d:bf:70:50:cd:8a:8e:
80:f6:b0:84:1a:b3:94:3a:94:82:63:39:e5:41:67:
3b:02:20:78:7a:51:bb:58:f2:3a:f6:d1:2c:c9:13:
15:81:6c:40:3f:dc:55:7b:ac:81:59:ad:ce:9f:0a:
e6:65:fb:29:fc:1e:df:ce:47:f2:f8:b0:18:ef:a3:
2d:ec:82:a9:e1:a9:61:59:82:10:b9:83:e1:8e:75:
ae:a4:77:ce:ea:4d:a8:5e:3e:4c:30:67:d2:d1:4a:
5b:b4:28:e8:c7:d3:53:6e:f5:bb:03:76:d2:14:69:
6f:0a:a1:aa:30:a9:2a:ac:3c:f2:f9:55:9d:56:67:
f4:3b:58:0f:42:5b:37:52:ab:60:73:77:2f:9d:c1:
85:01:d2:53:63:b5:9f:f8:11:68:1c:47:5c:9e:6b:
a4:15:54:a7:6b:4e:aa:13:7d:29:46:b2:5a:aa:5c:
64:09:c8:2c:eb:92:4c:64:99:22:96:fd:d2:0a:09:
60:8f:d7:aa:8d:af:fe:df:42:ef:38:84:16:da:46:
57:6b:4a:c2:2c:84:3f:d1:83:8f:6e:d3:2d:0f:a7:
24:59:e8:63:47:0d:f1:a4:6d:ae:3e:37:ec:57:25:
50:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CF:07:42:B4:EB:60:91:B1:32:00:C4:42:54:A9:AB:94:23:C6:39
X509v3 Authority Key Identifier:
keyid:6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:ca:f3:e4:91:10:63:9e:27:fa:2c:3b:e8:d3:b0:27:a4:90:
59:69:c4:97:30:16:d4:c4:0e:ae:8d:a2:fe:99:56:fd:10:67:
23:c4:39:6f:0f:b9:f6:cd:29:40:8e:bd:25:b3:d3:e9:8c:68:
f8:dc:1a:76:39:f8:d3:56:15:86:f8:9f:63:74:73:2d:7d:1a:
08:b2:f3:d8:f9:1b:b8:a5:86:e7:88:0c:1e:59:0e:e0:eb:a1:
6b:49:4a:b0:3d:38:19:6f:f6:e5:62:ce:ed:8d:e0:6c:2a:78:
3d:80:4b:f0:a7:da:b5:ff:ab:ba:d1:86:b0:bb:37:54:83:2d:
67:0a:bd:de:9d:88:35:ac:38:b4:09:6e:cf:51:f2:88:eb:10:
17:3b:15:87:3d:5b:42:11:2b:01:e4:5d:c0:34:6f:98:3a:e4:
64:f3:0e:83:e8:ed:7c:5e:6d:bc:a3:e6:ca:6d:b0:8e:64:65:
e6:ba:10:4c:8b:55:96:f8:be:4b:b4:ed:4a:be:97:6b:3e:db:
40:ca:c8:29:40:22:ad:7b:2e:b3:d8:d5:05:4c:b4:46:3c:c8:
c2:2a:d2:fd:42:39:fb:40:5b:bd:d0:e7:a0:91:fd:21:55:df:
c0:55:a1:d4:94:5f:c5:14:16:00:24:9d:ac:e1:56:bc:65:ea:
d0:4e:02:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7sKaPjXg0PqNjQWiPdO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZDEyODJhNzdlMjU2NjUwMTY4ZDJlNTY1NmFlZmNlOWFk
NmEyZWMwHhcNMjUxMTExMDgwMTAzWhcNMjUxMTEyMDgwMTAzWjAzMTEwLwYDVQQD
EyhhOWNmMDc0MmI0ZWI2MDkxYjEzMjAwYzQ0MjU0YTlhYjk0MjNjNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn12yM2tdQAaube1s9FIgN2PFlQfS
RW2/cFDNio6A9rCEGrOUOpSCYznlQWc7AiB4elG7WPI69tEsyRMVgWxAP9xVe6yB
Wa3OnwrmZfsp/B7fzkfy+LAY76Mt7IKp4alhWYIQuYPhjnWupHfO6k2oXj5MMGfS
0UpbtCjox9NTbvW7A3bSFGlvCqGqMKkqrDzy+VWdVmf0O1gPQls3Uqtgc3cvncGF
AdJTY7Wf+BFoHEdcnmukFVSna06qE30pRrJaqlxkCcgs65JMZJkilv3SCglgj9eq
ja/+30LvOIQW2kZXa0rCLIQ/0YOPbtMtD6ckWehjRw3xpG2uPjfsVyVQ/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnPB0K062CRsTIAxEJUqauUI8Y5MB8GA1UdIwQY
MBaAFG3RKCp34lZlAWjS5WVq786a1qLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgt
ZTAyMzNiN2M2MGFhLzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgtZTAyMzNiN2M2MGFh
LzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcrz5JEQ
Y54n+iw76NOwJ6SQWWnElzAW1MQOro2i/plW/RBnI8Q5bw+59s0pQI69JbPT6Yxo
+Nwadjn401YVhvifY3RzLX0aCLLz2PkbuKWG54gMHlkO4Ouha0lKsD04GW/25WLO
7Y3gbCp4PYBL8Kfatf+rutGGsLs3VIMtZwq93p2INaw4tAluz1HyiOsQFzsVhz1b
QhErAeRdwDRvmDrkZPMOg+jtfF5tvKPmym2wjmRl5roQTItVlvi+S7TtSr6Xaz7b
QMrIKUAirXsus9jVBUy0RjzIwirS/UI5+0BbvdDnoJH9IVXfwFWh1JRfxRQWACSd
rOFWvGXq0E4CGA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:47 2025 by rpki-client