Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
File: BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft (raw, json)
Hash identifier: Vv5Zhk196c6t/R2LS9n22aNKR3uoGoAQSz0P5tqn1Jw=
Subject key identifier: 4C:2D:25:67:C3:D4:BB:4E:72:08:72:CF:05:7D:97:BB:64:C8:B1:95
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Certificate issuer: /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial: 019A50749C65B7554E56813D2BF684672F0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
Manifest number: E2
Signing time: Tue 04 Nov 2025 20:00:10 +0000
Manifest this update: Tue 04 Nov 2025 20:00:10 +0000
Manifest next update: Wed 05 Nov 2025 20:00:10 +0000
Files and hashes: 1: BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl (hash: vVftpgRzr89pFfBXgSBrsj5S8VwwThya7KkfXgFBFQo=)
2: SKma3lJH_nMIY0Jk_dGXIETBqnk.roa (hash: UvrsRqXxi0T7Fu2Z9LEfglN30LChbDf1sZ63pwOaTP8=)
3: YDrJUaM078njYLujsFOLBuJi-Ak.roa (hash: ynnnM4zonEkcKprGHH1eGlvVH9BFKbrOufYcESLz12A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:74:9c:65:b7:55:4e:56:81:3d:2b:f6:84:67:2f:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Validity
Not Before: Nov 4 20:00:10 2025 GMT
Not After : Nov 5 20:00:10 2025 GMT
Subject: CN=4c2d2567c3d4bb4e720872cf057d97bb64c8b195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f6:5a:22:46:d7:d7:80:00:41:03:2f:15:b6:
03:0f:0c:6c:22:93:4f:33:66:30:aa:70:3c:b6:cc:
93:4b:c6:fd:2b:58:5e:40:75:c9:34:5f:27:49:9b:
d5:2f:49:94:ed:80:25:5a:13:77:bc:29:c0:3c:e9:
1b:f9:72:aa:ac:17:84:0e:e2:1a:cf:97:df:9b:c7:
32:b2:0b:fa:78:17:9e:f4:25:4f:53:02:2b:ec:00:
49:4b:ff:30:6b:d2:ef:fe:43:f3:d7:32:b7:d3:78:
d6:46:16:6b:8c:01:cc:67:a3:c3:ad:0d:40:a0:a8:
8b:44:8b:b6:9e:18:5a:6c:b5:d3:2a:91:e8:06:db:
43:bb:04:cb:df:ed:77:6b:f3:80:c0:5d:10:5b:74:
0f:56:c6:18:9a:61:5f:e5:b8:c4:c0:ce:ef:d8:45:
df:1d:2d:bd:b8:73:7c:d5:00:6d:6d:cc:bb:d0:73:
49:7d:d1:32:ec:91:e4:b5:de:83:5c:c6:5a:23:5b:
24:f5:6b:3b:48:82:18:12:06:4d:ca:1d:bb:e3:c4:
12:46:e8:ea:46:6e:a5:d9:d7:0d:5f:5f:6d:6b:d3:
dc:28:3d:72:93:ef:17:25:e7:32:37:48:a2:f7:5e:
cd:89:08:58:92:dc:b6:c9:fd:14:76:87:c8:48:9f:
b6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2D:25:67:C3:D4:BB:4E:72:08:72:CF:05:7D:97:BB:64:C8:B1:95
X509v3 Authority Key Identifier:
keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:11:43:10:d8:1b:cb:d9:6d:60:da:c6:a0:e4:c4:e0:0f:e5:
0f:d2:af:24:7d:a9:42:e5:02:35:58:41:c0:c3:6e:9b:98:fa:
23:60:ba:c8:35:fe:4e:81:79:5d:86:13:e2:fb:e4:55:c4:af:
60:57:ea:69:a1:ba:d7:2b:06:da:82:d6:b3:96:3c:fc:d9:b0:
85:49:80:99:d6:b9:6e:ac:a2:0d:75:32:a9:c9:a9:e0:5c:65:
72:9b:b0:d5:51:d8:ad:bc:14:43:c7:4d:5f:45:c8:86:55:5d:
a3:c0:83:56:05:fe:19:58:23:c8:68:af:ce:5d:4a:a8:2b:f7:
b9:b6:80:d0:3e:9f:79:9e:23:63:c5:05:87:40:65:5e:ef:25:
42:52:e6:40:b2:fd:1a:63:33:25:e2:34:ed:e8:5e:6f:6d:c0:
1b:e4:8d:c2:80:ba:dc:b6:b9:8b:ca:95:8a:1d:01:0f:db:78:
bd:69:95:3d:ae:2f:7e:ef:ae:6c:37:47:4f:b2:fa:89:d0:49:
12:57:0e:bf:1c:52:bd:d3:f9:74:b8:86:5b:75:34:36:1e:44:
d0:8f:6b:47:eb:b7:d5:4c:48:30:d7:51:cb:30:3f:c4:3d:6f:
f7:f8:8b:27:f6:0c:28:ec:23:fb:af:d1:46:64:68:8a:c4:a6:
b3:8e:ed:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdJxlt1VOVoE9K/aEZy8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjUxMTA0MjAwMDEwWhcNMjUxMTA1MjAwMDEwWjAzMTEwLwYDVQQD
Eyg0YzJkMjU2N2MzZDRiYjRlNzIwODcyY2YwNTdkOTdiYjY0YzhiMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/ZaIkbX14AAQQMvFbYDDwxsIpNP
M2YwqnA8tsyTS8b9K1heQHXJNF8nSZvVL0mU7YAlWhN3vCnAPOkb+XKqrBeEDuIa
z5ffm8cysgv6eBee9CVPUwIr7ABJS/8wa9Lv/kPz1zK303jWRhZrjAHMZ6PDrQ1A
oKiLRIu2nhhabLXTKpHoBttDuwTL3+13a/OAwF0QW3QPVsYYmmFf5bjEwM7v2EXf
HS29uHN81QBtbcy70HNJfdEy7JHktd6DXMZaI1sk9Ws7SIIYEgZNyh2748QSRujq
Rm6l2dcNX19ta9PcKD1yk+8XJecyN0ii917NiQhYkty2yf0UdofISJ+27wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwtJWfD1LtOcghyzwV9l7tkyLGVMB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdRFDENgb
y9ltYNrGoOTE4A/lD9KvJH2pQuUCNVhBwMNum5j6I2C6yDX+ToF5XYYT4vvkVcSv
YFfqaaG61ysG2oLWs5Y8/NmwhUmAmda5bqyiDXUyqcmp4Fxlcpuw1VHYrbwUQ8dN
X0XIhlVdo8CDVgX+GVgjyGivzl1KqCv3ubaA0D6feZ4jY8UFh0BlXu8lQlLmQLL9
GmMzJeI07eheb23AG+SNwoC63La5i8qVih0BD9t4vWmVPa4vfu+ubDdHT7L6idBJ
ElcOvxxSvdP5dLiGW3U0Nh5E0I9rR+u31UxIMNdRyzA/xD1v9/iLJ/YMKOwj+6/R
RmRoisSms47tjw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:07:55 2025 by rpki-client