Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
File: BB0F8437DE6BB251821A7A5FB8111376F1709023.mft (raw, json)
Hash identifier: Rn2kffeIBH8nUxzI+yGZF0kQeu/xTQz3tYfbMgCNWzY=
Subject key identifier: D2:2D:8B:93:59:67:95:45:8B:15:42:BC:DA:27:A3:DA:AD:0E:2A:75
Authority key identifier: BB:0F:84:37:DE:6B:B2:51:82:1A:7A:5F:B8:11:13:76:F1:70:90:23
Certificate issuer: /CN=bb0f8437de6bb251821a7a5fb8111376f1709023
Certificate serial: 11BBB9487B35FE064F8BD0396FE7477007A622BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw-EN95rslGCGnpfuBETdvFwkCM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
Manifest number: 04A6
Signing time: Tue 11 Nov 2025 06:53:04 +0000
Manifest this update: Tue 11 Nov 2025 06:48:04 +0000
Manifest next update: Wed 12 Nov 2025 07:15:04 +0000
Files and hashes: 1: BB0F8437DE6BB251821A7A5FB8111376F1709023.crl (hash: /fuAUiZmPkZ7q4riZwBsn4TGRGZB3QabHegAE6Y6RIg=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.crl
rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
rsync://rpki.ripe.net/repository/DEFAULT/uw-EN95rslGCGnpfuBETdvFwkCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:bb:b9:48:7b:35:fe:06:4f:8b:d0:39:6f:e7:47:70:07:a6:22:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0f8437de6bb251821a7a5fb8111376f1709023
Validity
Not Before: Nov 11 06:48:04 2025 GMT
Not After : Nov 12 07:15:04 2025 GMT
Subject: CN=D22D8B93596795458B1542BCDA27A3DAAD0E2A75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2d:4e:c5:f8:d6:bc:fe:46:47:d5:66:4f:4f:
ee:ad:59:6a:03:90:fd:1a:be:cd:8c:6e:be:bb:f4:
13:16:e0:dd:ba:7a:e3:81:e2:1e:41:eb:de:7c:98:
8d:ae:4e:80:6d:7b:f5:53:ba:24:a2:b8:97:f3:92:
05:d6:fc:95:d8:b3:b8:4e:3d:c7:c2:c3:45:0b:cc:
9d:0d:23:61:e4:84:f2:64:e0:be:fc:fa:7f:ee:ab:
9d:9b:46:42:09:46:ba:56:3c:e7:07:f2:b2:b0:7f:
3d:9d:ae:85:0a:7e:4d:cc:ab:2d:c8:19:85:45:75:
3e:11:e6:8a:23:b5:df:88:bc:95:59:67:57:d7:9e:
43:65:43:f2:00:d4:71:d0:c8:38:5d:33:d8:a8:83:
82:11:b3:36:56:2d:af:db:d8:a2:f1:f7:5f:59:12:
3b:ec:9a:98:16:4d:b1:31:35:28:aa:0a:51:b4:8e:
f8:0f:fd:dd:5c:f3:3e:39:3b:44:b7:9f:ca:ac:85:
ee:32:0c:c5:7f:31:cb:22:4b:17:2b:75:50:04:75:
18:bb:97:b0:b9:18:21:5a:7f:05:73:ae:27:48:21:
8a:43:f8:99:5f:59:cd:68:8c:46:02:05:b0:7c:c2:
27:82:a0:4f:b6:df:21:7a:30:b7:6b:45:e0:0e:b8:
bd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2D:8B:93:59:67:95:45:8B:15:42:BC:DA:27:A3:DA:AD:0E:2A:75
X509v3 Authority Key Identifier:
keyid:BB:0F:84:37:DE:6B:B2:51:82:1A:7A:5F:B8:11:13:76:F1:70:90:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw-EN95rslGCGnpfuBETdvFwkCM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:e2:20:e2:a5:b5:85:5b:bc:68:e8:be:06:7a:07:a7:89:9d:
5b:16:87:1b:68:51:f7:94:0a:d0:c9:5d:cc:3a:94:5a:b7:42:
78:f7:b8:bf:60:e3:6a:6e:25:40:73:74:50:01:6f:56:b7:2e:
c3:db:4b:b6:ac:e8:4b:d4:04:03:20:a9:90:ea:a3:fe:f5:4b:
40:0d:2a:49:50:12:96:4c:cf:42:8f:4e:bc:04:89:4b:84:f3:
53:77:9e:83:6e:27:44:1f:5d:42:78:d4:85:b4:62:48:a6:5c:
c9:c4:da:08:f7:e4:7c:5e:58:6c:fc:25:c3:a7:e8:ed:6e:bd:
18:70:03:b1:5b:d1:47:b9:b8:0f:72:09:78:cf:da:15:e3:b9:
82:17:b2:24:82:74:95:5e:bc:16:ae:f7:f0:71:23:3b:fd:fd:
c8:34:c7:65:3a:ba:38:b6:cb:c8:61:56:09:a7:92:a7:e9:07:
05:0b:49:47:da:ed:98:14:26:fa:a1:f9:e6:10:2d:db:d0:96:
e8:b5:98:c3:87:b7:c7:8d:94:91:48:3e:1c:07:e8:e4:81:79:
8e:35:87:3d:77:a1:39:8e:7d:2d:6a:0f:9f:53:90:8d:27:fd:
0e:42:e1:54:8d:c7:a8:24:56:a8:98:bd:89:ae:be:78:98:3f:
f1:21:1b:f4
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUEbu5SHs1/gZPi9A5b+dHcAemIrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmIwZjg0MzdkZTZiYjI1MTgyMWE3YTVmYjgxMTEzNzZm
MTcwOTAyMzAeFw0yNTExMTEwNjQ4MDRaFw0yNTExMTIwNzE1MDRaMDMxMTAvBgNV
BAMTKEQyMkQ4QjkzNTk2Nzk1NDU4QjE1NDJCQ0RBMjdBM0RBQUQwRTJBNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfLU7F+Na8/kZH1WZPT+6tWWoD
kP0avs2Mbr679BMW4N26euOB4h5B6958mI2uToBte/VTuiSiuJfzkgXW/JXYs7hO
PcfCw0ULzJ0NI2HkhPJk4L78+n/uq52bRkIJRrpWPOcH8rKwfz2droUKfk3Mqy3I
GYVFdT4R5oojtd+IvJVZZ1fXnkNlQ/IA1HHQyDhdM9iog4IRszZWLa/b2KLx919Z
EjvsmpgWTbExNSiqClG0jvgP/d1c8z45O0S3n8qshe4yDMV/McsiSxcrdVAEdRi7
l7C5GCFafwVzridIIYpD+JlfWc1ojEYCBbB8wieCoE+23yF6MLdrReAOuL07AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU0i2Lk1lnlUWLFUK82iej2q0OKnUwHwYDVR0j
BBgwFoAUuw+EN95rslGCGnpfuBETdvFwkCMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzAvQkIwRjg0MzdERTZCQjI1MTgyMUE3QTVGQjgxMTEzNzZGMTcwOTAyMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3V3LUVOOTVyc2xHQ0ducGZ1QkVUZHZG
d2tDTS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yM2Q1ZjY4Mi1i
NTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMC9CQjBGODQzN0RFNkJCMjUxODIx
QTdBNUZCODExMTM3NkYxNzA5MDIzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOIg4qW1hVu8aOi+BnoH
p4mdWxaHG2hR95QK0MldzDqUWrdCePe4v2Djam4lQHN0UAFvVrcuw9tLtqzoS9QE
AyCpkOqj/vVLQA0qSVASlkzPQo9OvASJS4TzU3eeg24nRB9dQnjUhbRiSKZcycTa
CPfkfF5YbPwlw6fo7W69GHADsVvRR7m4D3IJeM/aFeO5gheyJIJ0lV68Fq738HEj
O/39yDTHZTq6OLbLyGFWCaeSp+kHBQtJR9rtmBQm+qH55hAt29CW6LWYw4e3x42U
kUg+HAfo5IF5jjWHPXehOY59LWoPn1OQjSf9DkLhVI3HqCRWqJi9ia6+eJg/8SEb
9A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:54:05 2025 by rpki-client