Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
File: BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft (raw, json)
Hash identifier: h8+aH+5afMKqgp4lRjbz0j8EH99UK9KD4qYozcZuagA=
Subject key identifier: CB:1E:8F:47:AC:78:C6:68:45:F0:BF:2F:2E:CF:FE:23:79:FC:5B:8D
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Certificate issuer: /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial: 019CADFE679E65D2CA9303877AEF420F99F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
Manifest number: 021C
Signing time: Mon 02 Mar 2026 10:00:56 +0000
Manifest this update: Mon 02 Mar 2026 10:00:56 +0000
Manifest next update: Tue 03 Mar 2026 10:00:56 +0000
Files and hashes: 1: BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl (hash: KuvqbMqgJ3N0mT462+Og+kDCnZ3/HCWCHJbolwrhpSo=)
2: eTOwOWQzkIQMSFcd7XvHaxwHhHg.roa (hash: wPtbDFR3QsqzxzI7/DNrIndvuS59lQkNZu8MuJSmfaE=)
3: hebM_59_tHRwgwIXMubQjV7ZKnA.roa (hash: 67WRXgG1YYYSINNxV4jZ+taQ8P62HynuQpfE/cUxzG0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:fe:67:9e:65:d2:ca:93:03:87:7a:ef:42:0f:99:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Validity
Not Before: Mar 2 10:00:56 2026 GMT
Not After : Mar 3 10:00:56 2026 GMT
Subject: CN=cb1e8f47ac78c66845f0bf2f2ecffe2379fc5b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bc:69:85:8e:fb:a7:8d:16:9b:5c:f4:fc:04:
ea:f2:d4:76:62:3e:f3:e2:7a:20:1f:72:80:de:6a:
68:a4:ab:8f:09:2f:50:a6:f3:d1:1d:dc:c6:cc:bd:
3b:cf:88:0d:e1:83:24:fe:37:77:c5:c3:75:5e:08:
55:c6:e2:6d:fd:61:a5:4e:ca:6f:e4:17:a3:f0:e3:
4a:29:d3:33:a7:6d:b7:6d:69:77:2c:43:9d:7e:0d:
a0:34:fc:02:66:8f:a9:a4:f1:53:9c:d0:73:6e:ae:
42:28:f8:0f:57:1e:ff:a7:60:ae:77:dc:5c:41:91:
b9:5a:ab:84:9b:5a:92:af:5b:f9:6d:66:fc:95:e3:
25:8e:3c:7a:d2:02:ed:d4:42:81:5f:27:f3:ba:3c:
a8:02:63:5a:72:1b:18:7d:ec:e0:c4:14:dd:06:c4:
ac:e3:6e:4c:9a:3f:b9:28:03:57:33:50:e7:e7:da:
a5:c1:e2:c5:e4:9f:a2:5f:86:47:e8:7f:e2:3c:90:
c5:d0:05:a5:c2:ed:64:9d:2d:54:10:56:77:61:93:
50:f5:c2:21:42:fe:35:32:56:df:c9:b9:fa:16:ad:
ae:56:ec:9b:3d:73:6b:24:ed:5b:91:a2:5c:90:d2:
4d:2c:a6:52:79:ee:18:c9:17:7c:9b:21:bd:9e:d2:
e1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1E:8F:47:AC:78:C6:68:45:F0:BF:2F:2E:CF:FE:23:79:FC:5B:8D
X509v3 Authority Key Identifier:
keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:4a:e4:3c:35:af:5a:cc:ff:22:3f:d9:fd:37:c3:93:4f:40:
c6:0f:c4:24:33:b9:b1:4a:cd:80:3a:77:c3:a9:6b:4f:bf:67:
75:65:b4:1c:66:5f:86:14:ce:cf:41:d3:d7:b3:f3:d7:15:d5:
17:81:b6:bd:98:af:d6:9f:cc:c9:de:d5:58:d0:02:a2:eb:a6:
e6:cc:d0:fc:9f:71:46:94:67:8a:be:a4:42:0d:13:02:0b:c4:
65:62:63:6b:8f:ce:1f:d2:0e:ee:a2:64:b4:aa:58:a7:f9:8c:
ee:58:88:43:fe:84:21:cd:7d:b7:84:51:26:5c:e0:91:d1:d7:
cd:60:b8:2a:b5:8e:90:03:c4:a5:b7:b8:e1:e3:73:0e:e3:85:
13:a0:1e:60:b6:4a:b0:95:57:ad:ed:ad:f7:b0:26:5b:76:26:
01:ad:83:2b:3b:2a:83:ce:69:fd:70:23:d6:0d:08:ab:7d:68:
9b:19:25:d2:ce:26:a9:85:88:18:cd:b2:12:69:ea:88:d0:c8:
a9:90:9b:fa:91:1d:25:96:4d:19:90:77:d2:b8:d2:89:69:48:
d9:44:60:c6:50:94:39:89:8e:fc:97:07:c9:03:da:22:8f:02:
f8:c8:5e:b4:eb:cf:18:f4:82:5a:c8:54:af:7c:44:d0:6b:4e:
96:8f:b9:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/meeZdLKkwOHeu9CD5n5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjYwMzAyMTAwMDU2WhcNMjYwMzAzMTAwMDU2WjAzMTEwLwYDVQQD
EyhjYjFlOGY0N2FjNzhjNjY4NDVmMGJmMmYyZWNmZmUyMzc5ZmM1YjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bxphY77p40Wm1z0/ATq8tR2Yj7z
4nogH3KA3mpopKuPCS9QpvPRHdzGzL07z4gN4YMk/jd3xcN1XghVxuJt/WGlTspv
5Bej8ONKKdMzp223bWl3LEOdfg2gNPwCZo+ppPFTnNBzbq5CKPgPVx7/p2Cud9xc
QZG5WquEm1qSr1v5bWb8leMljjx60gLt1EKBXyfzujyoAmNachsYfezgxBTdBsSs
425Mmj+5KANXM1Dn59qlweLF5J+iX4ZH6H/iPJDF0AWlwu1knS1UEFZ3YZNQ9cIh
Qv41Mlbfybn6Fq2uVuybPXNrJO1bkaJckNJNLKZSee4YyRd8myG9ntLhowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsej0eseMZoRfC/Ly7P/iN5/FuNMB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa0rkPDWv
Wsz/Ij/Z/TfDk09Axg/EJDO5sUrNgDp3w6lrT79ndWW0HGZfhhTOz0HT17Pz1xXV
F4G2vZiv1p/Myd7VWNACouum5szQ/J9xRpRnir6kQg0TAgvEZWJja4/OH9IO7qJk
tKpYp/mM7liIQ/6EIc19t4RRJlzgkdHXzWC4KrWOkAPEpbe44eNzDuOFE6AeYLZK
sJVXre2t97AmW3YmAa2DKzsqg85p/XAj1g0Iq31omxkl0s4mqYWIGM2yEmnqiNDI
qZCb+pEdJZZNGZB30rjSiWlI2URgxlCUOYmO/JcHyQPaIo8C+MhetOvPGPSCWshU
r3xE0GtOlo+5xQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:15:18 2026 by rpki-client