Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
File: bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft (raw, json)
Hash identifier: Yd5xzjRdMY/o7s1+NFcAbL/M1+/axeSop6OKI8E/Zzo=
Subject key identifier: 23:5E:4E:A2:FE:46:9D:D2:C0:24:BB:80:42:FA:3C:A4:88:C9:06:CC
Authority key identifier: 6E:99:CC:CD:6F:0F:F2:6D:E8:ED:39:36:F4:A6:4B:EE:98:D9:DC:66
Certificate issuer: /CN=6e99cccd6f0ff26de8ed3936f4a64bee98d9dc66
Certificate serial: 019A725CC2CD4BBD39DBFFF1780D7FEAB042
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
Manifest number: 16D1
Signing time: Tue 11 Nov 2025 10:01:13 +0000
Manifest this update: Tue 11 Nov 2025 10:01:13 +0000
Manifest next update: Wed 12 Nov 2025 10:01:13 +0000
Files and hashes: 1: bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl (hash: bjfC3hrVMllvSogOnd0kJM+ZX1mJfqdrLLZqMkmSb+U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:c2:cd:4b:bd:39:db:ff:f1:78:0d:7f:ea:b0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e99cccd6f0ff26de8ed3936f4a64bee98d9dc66
Validity
Not Before: Nov 11 10:01:13 2025 GMT
Not After : Nov 12 10:01:13 2025 GMT
Subject: CN=235e4ea2fe469dd2c024bb8042fa3ca488c906cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f8:24:e5:7d:63:a3:27:5b:75:25:8f:39:0a:
f2:82:d1:e5:c7:78:a9:35:55:9b:70:fc:8f:9f:40:
0a:18:03:ee:6a:83:42:96:e5:76:7a:25:2d:88:8c:
b0:1b:aa:c0:bd:c3:d4:8b:56:35:bc:e6:4e:52:1d:
c6:97:79:96:05:b5:dc:44:d9:31:b8:5e:02:54:85:
a0:a1:3c:48:8f:2a:32:63:d3:c5:aa:e1:96:50:f3:
7e:49:ab:a4:16:31:ae:fa:88:b9:9b:d5:3b:1f:de:
84:6f:3e:68:e4:ee:52:54:d5:09:75:fe:47:85:e4:
71:5a:a3:5a:f0:f1:4c:b0:c5:92:64:d7:99:0b:22:
a3:20:82:2d:7f:43:c7:76:19:34:4b:d9:c9:a0:75:
28:4c:d0:07:b9:2b:7a:d4:ab:98:03:9a:ba:71:bc:
ae:89:6e:97:93:92:f9:8d:66:98:f7:3d:02:27:7c:
4f:22:1a:b2:ee:66:ac:7a:cf:43:e3:56:cb:67:ad:
17:e4:b9:82:c7:9e:9b:fa:de:33:8a:f7:f3:c0:0c:
8c:59:be:f5:0c:e8:14:e9:b0:3e:bf:f9:29:52:df:
0e:e3:43:92:97:24:8c:78:d9:05:af:a6:8b:80:84:
50:5d:e4:7d:75:65:99:65:6f:ba:75:ab:9d:35:1a:
38:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5E:4E:A2:FE:46:9D:D2:C0:24:BB:80:42:FA:3C:A4:88:C9:06:CC
X509v3 Authority Key Identifier:
keyid:6E:99:CC:CD:6F:0F:F2:6D:E8:ED:39:36:F4:A6:4B:EE:98:D9:DC:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:d7:0d:e6:c2:69:fa:8a:e3:c9:37:fe:eb:b9:ac:d2:1f:f6:
ef:df:1a:60:aa:fb:fc:32:26:94:53:df:d6:4c:6d:10:56:26:
8a:2c:a4:a0:1f:4e:d7:01:11:e8:04:d7:7c:2c:4e:12:1f:2d:
58:a8:da:ee:01:f8:79:ef:6c:aa:7d:fa:99:ef:5d:db:8b:b1:
0c:6c:38:a3:e7:6c:46:79:93:5a:71:05:8b:80:10:c7:e2:e2:
c5:0a:8a:60:42:b6:fa:7c:f4:8a:9e:c0:ee:c3:44:3f:f3:8a:
73:d8:bc:63:53:7e:ca:b8:be:c1:b2:d7:f3:c6:5a:e3:3d:b5:
4c:53:f9:9a:94:d7:91:97:fd:c8:fd:05:43:a1:3f:5b:b1:55:
c3:3e:88:8e:4d:79:2d:72:ff:a2:b6:16:ee:71:ca:32:d3:af:
ff:f9:0b:49:4a:e6:e3:98:2a:13:e3:ac:de:45:69:47:4e:37:
cf:f6:65:d2:82:a0:e3:cf:ba:fe:c6:8b:de:14:7c:98:60:26:
3a:99:4a:50:1f:96:5d:96:30:c9:a9:07:4d:32:a3:b2:31:11:
56:fd:cb:94:8f:01:9e:80:99:a5:26:f4:9e:b2:1d:d4:69:cf:
b8:67:1f:ff:27:05:62:85:c4:b4:07:d2:2d:25:36:cb:ab:5f:
6b:e6:52:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXMLNS7052//xeA1/6rBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlOTljY2NkNmYwZmYyNmRlOGVkMzkzNmY0YTY0YmVlOThk
OWRjNjYwHhcNMjUxMTExMTAwMTEzWhcNMjUxMTEyMTAwMTEzWjAzMTEwLwYDVQQD
EygyMzVlNGVhMmZlNDY5ZGQyYzAyNGJiODA0MmZhM2NhNDg4YzkwNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Pgk5X1joydbdSWPOQrygtHlx3ip
NVWbcPyPn0AKGAPuaoNCluV2eiUtiIywG6rAvcPUi1Y1vOZOUh3Gl3mWBbXcRNkx
uF4CVIWgoTxIjyoyY9PFquGWUPN+SaukFjGu+oi5m9U7H96Ebz5o5O5SVNUJdf5H
heRxWqNa8PFMsMWSZNeZCyKjIIItf0PHdhk0S9nJoHUoTNAHuSt61KuYA5q6cbyu
iW6Xk5L5jWaY9z0CJ3xPIhqy7mases9D41bLZ60X5LmCx56b+t4zivfzwAyMWb71
DOgU6bA+v/kpUt8O40OSlySMeNkFr6aLgIRQXeR9dWWZZW+6daudNRo48QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNeTqL+Rp3SwCS7gEL6PKSIyQbMMB8GA1UdIwQY
MBaAFG6ZzM1vD/Jt6O05NvSmS+6Y2dxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wYmU4MWEtYTQ5YS00NjgyLTgwZWUt
ZTdmMGI3ODliYzczLzEvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wYmU4MWEtYTQ5YS00NjgyLTgwZWUtZTdmMGI3ODliYzcz
LzEvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHtcN5sJp
+orjyTf+67ms0h/2798aYKr7/DImlFPf1kxtEFYmiiykoB9O1wER6ATXfCxOEh8t
WKja7gH4ee9sqn36me9d24uxDGw4o+dsRnmTWnEFi4AQx+LixQqKYEK2+nz0ip7A
7sNEP/OKc9i8Y1N+yri+wbLX88Za4z21TFP5mpTXkZf9yP0FQ6E/W7FVwz6Ijk15
LXL/orYW7nHKMtOv//kLSUrm45gqE+Os3kVpR043z/Zl0oKg48+6/saL3hR8mGAm
OplKUB+WXZYwyakHTTKjsjERVv3LlI8BnoCZpSb0nrId1GnPuGcf/ycFYoXEtAfS
LSU2y6tfa+ZSwg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:52:32 2025 by rpki-client