Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
File: BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft (raw, json)
Hash identifier: MDdnWejejL+H4PcR7WNPypZL2El/MQ8FPM8RM+SRPRM=
Subject key identifier: E0:AE:70:74:6B:70:02:0D:71:57:20:C4:7B:CD:B8:E7:B0:20:02:5F
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Certificate issuer: /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial: 019D9998D3D49BCB26D8AC2C0CF5B7B8D05C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
Manifest number: 0296
Signing time: Fri 17 Apr 2026 04:00:22 +0000
Manifest this update: Fri 17 Apr 2026 04:00:22 +0000
Manifest next update: Sat 18 Apr 2026 04:00:22 +0000
Files and hashes: 1: BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl (hash: tDztMozxiWuM4JKJ2Ltf55z660w0fyqzxuWU5OAOyvI=)
2: eTOwOWQzkIQMSFcd7XvHaxwHhHg.roa (hash: wPtbDFR3QsqzxzI7/DNrIndvuS59lQkNZu8MuJSmfaE=)
3: hebM_59_tHRwgwIXMubQjV7ZKnA.roa (hash: 67WRXgG1YYYSINNxV4jZ+taQ8P62HynuQpfE/cUxzG0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:98:d3:d4:9b:cb:26:d8:ac:2c:0c:f5:b7:b8:d0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Validity
Not Before: Apr 17 04:00:22 2026 GMT
Not After : Apr 18 04:00:22 2026 GMT
Subject: CN=e0ae70746b70020d715720c47bcdb8e7b020025f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a7:d5:fb:8a:76:fe:94:a8:4f:d7:cc:73:c6:
5a:4f:e0:21:f4:54:66:41:70:b0:ed:4a:93:a4:36:
ed:db:a7:05:7e:f9:07:9a:5a:95:ae:fb:08:32:6e:
8e:f3:0c:50:81:8d:f8:2a:7c:ab:70:66:c5:70:8f:
69:21:6f:47:f5:5c:b8:71:0a:f3:b1:8c:19:2c:8b:
03:3a:88:7a:0c:e4:b1:3e:b1:fa:89:d3:0b:dd:54:
fc:15:be:34:dc:61:d3:ab:1b:64:d7:74:85:2a:fa:
fb:45:4d:0d:d5:eb:74:4a:56:b0:4f:63:9a:d7:bf:
94:e9:02:b3:b9:85:51:75:1f:25:d5:91:28:bb:9e:
8a:60:64:be:9e:27:82:6e:24:8e:d8:b6:6b:ae:ee:
1a:62:f2:46:10:f5:ed:cf:04:79:d0:9c:6a:fc:c1:
6b:b9:86:08:3c:d0:a7:49:40:cf:b5:4a:48:59:ba:
5b:e8:e0:b1:b9:8a:33:6a:40:a9:ff:29:66:e8:c7:
1a:2d:b7:1e:38:32:18:18:5a:7b:b6:ab:7a:35:78:
ee:f5:19:ab:b9:71:b7:3a:5a:a9:14:b2:87:3e:9e:
62:9d:fb:27:d4:02:1b:e6:fe:36:bb:4a:35:28:38:
bc:c2:91:ac:53:9c:98:87:13:57:d3:27:4a:36:0c:
2d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:AE:70:74:6B:70:02:0D:71:57:20:C4:7B:CD:B8:E7:B0:20:02:5F
X509v3 Authority Key Identifier:
keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:a9:5b:bc:1b:38:9f:ee:dc:7b:71:4d:7f:ee:b9:84:c4:a1:
4a:73:69:90:15:9d:ae:7c:99:c3:de:da:a3:78:ee:e2:b6:e3:
8d:aa:76:90:a7:07:c2:19:1f:eb:be:aa:d2:57:1b:0c:b9:9d:
87:fd:1b:ec:a2:7c:08:12:dc:e5:68:c7:1a:bb:86:85:f6:43:
81:f1:35:bb:71:ec:95:6d:fd:47:3c:61:ea:11:c8:2a:78:d0:
7f:e2:fa:80:aa:45:94:02:2b:99:c8:f3:ba:8e:cc:c1:12:f9:
57:12:eb:c8:b1:40:d0:0e:e9:48:41:f1:ae:f3:84:16:25:b3:
c8:69:01:3d:d8:55:f2:42:72:34:7f:38:47:2e:73:de:35:14:
57:fc:25:c7:21:a0:3a:89:bc:ba:f3:b7:f7:2a:e4:11:41:bf:
62:a5:b1:9c:9d:1c:b0:82:9a:bd:46:85:44:4c:9f:32:c0:f1:
26:bb:6a:21:72:cf:e8:f8:f9:81:89:22:15:36:d3:ec:67:b5:
cd:69:7a:38:ac:51:48:ae:2d:6a:3c:79:be:7d:92:85:e3:a2:
e5:68:c6:88:62:47:96:89:9a:1b:57:6c:42:27:6b:e8:60:f6:
70:17:af:2f:f3:61:7d:8b:13:81:77:af:19:a1:e7:bf:28:00:
94:5e:75:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmNPUm8sm2KwsDPW3uNBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjYwNDE3MDQwMDIyWhcNMjYwNDE4MDQwMDIyWjAzMTEwLwYDVQQD
EyhlMGFlNzA3NDZiNzAwMjBkNzE1NzIwYzQ3YmNkYjhlN2IwMjAwMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKfV+4p2/pSoT9fMc8ZaT+Ah9FRm
QXCw7UqTpDbt26cFfvkHmlqVrvsIMm6O8wxQgY34KnyrcGbFcI9pIW9H9Vy4cQrz
sYwZLIsDOoh6DOSxPrH6idML3VT8Fb403GHTqxtk13SFKvr7RU0N1et0SlawT2Oa
17+U6QKzuYVRdR8l1ZEou56KYGS+nieCbiSO2LZrru4aYvJGEPXtzwR50Jxq/MFr
uYYIPNCnSUDPtUpIWbpb6OCxuYozakCp/ylm6McaLbceODIYGFp7tqt6NXju9Rmr
uXG3OlqpFLKHPp5infsn1AIb5v42u0o1KDi8wpGsU5yYhxNX0ydKNgwtawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOCucHRrcAINcVcgxHvNuOewIAJfMB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANalbvBs4
n+7ce3FNf+65hMShSnNpkBWdrnyZw97ao3ju4rbjjap2kKcHwhkf676q0lcbDLmd
h/0b7KJ8CBLc5WjHGruGhfZDgfE1u3HslW39Rzxh6hHIKnjQf+L6gKpFlAIrmcjz
uo7MwRL5VxLryLFA0A7pSEHxrvOEFiWzyGkBPdhV8kJyNH84Ry5z3jUUV/wlxyGg
Oom8uvO39yrkEUG/YqWxnJ0csIKavUaFREyfMsDxJrtqIXLP6Pj5gYkiFTbT7Ge1
zWl6OKxRSK4tajx5vn2SheOi5WjGiGJHlomaG1dsQidr6GD2cBevL/NhfYsTgXev
GaHnvygAlF51JQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:50:34 2026 by rpki-client