Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
File: BGelYhGyHprHzcj7Y58xCpLCEEw.mft (raw, json)
Hash identifier: 1e4VP32pcccer2M+VNkGMcA1tJ1JEoVVaR3/p28CSpw=
Subject key identifier: 85:69:DA:7E:7B:C8:BD:4D:DC:E8:21:BE:9F:80:A2:FD:CE:E8:25:4C
Authority key identifier: 04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
Certificate issuer: /CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Certificate serial: 019A4D3CCB5A9493FB3B4053C952B17B92C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
Manifest number: 0DED
Signing time: Tue 04 Nov 2025 05:00:21 +0000
Manifest this update: Tue 04 Nov 2025 05:00:21 +0000
Manifest next update: Wed 05 Nov 2025 05:00:21 +0000
Files and hashes: 1: BGelYhGyHprHzcj7Y58xCpLCEEw.crl (hash: KsIPeKG84HycBKJAc1mMMskhSIu5cd87BkGaO++M0ZM=)
2: vBbw-4MxcReP3ao6MqHjBCu3GcI.roa (hash: W28uSnDMlGVkrCQsXwIvXwkvC/TrS+441MfK9XqL5Zo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3c:cb:5a:94:93:fb:3b:40:53:c9:52:b1:7b:92:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Validity
Not Before: Nov 4 05:00:21 2025 GMT
Not After : Nov 5 05:00:21 2025 GMT
Subject: CN=8569da7e7bc8bd4ddce821be9f80a2fdcee8254c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f2:a9:c2:8d:83:bf:39:4a:50:f7:48:10:c7:
49:89:d9:f4:29:87:da:e7:f1:5a:4a:4f:6a:1e:21:
49:95:87:3d:72:5c:d5:72:80:47:e8:0e:60:a5:27:
77:14:b1:23:50:2b:df:a9:65:87:14:bb:bb:fb:5f:
2a:ef:c9:f6:e4:cb:da:b1:81:91:b5:a0:0c:d2:d3:
19:ac:00:bc:c8:d7:68:4e:10:51:31:d1:6d:b8:bb:
9c:0c:a9:3a:a2:69:fc:e3:7b:2f:1f:78:41:31:65:
c2:bb:10:5c:dd:b2:06:1a:b4:87:11:56:0a:b5:01:
59:98:34:4a:0f:61:06:97:f7:96:b9:6f:ab:99:76:
26:fd:84:11:d7:c3:07:ed:df:e7:e9:69:ae:80:fe:
6a:83:9a:99:88:54:01:40:03:36:ad:16:4c:d9:91:
8f:d5:31:90:da:db:50:70:c8:c9:e3:b2:be:4a:77:
9d:73:ed:24:be:df:9a:a4:99:30:56:04:ca:29:f6:
ac:61:aa:48:44:7f:fb:1b:fd:a6:df:d7:12:a6:6e:
d2:1e:f5:8f:3a:cb:6e:59:e6:d1:09:a3:47:bf:a8:
8f:58:1d:36:9e:96:f1:c7:69:a6:ff:a6:e4:59:1f:
61:de:2c:1f:d4:9b:ce:d4:84:83:40:4b:17:b7:60:
9d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:69:DA:7E:7B:C8:BD:4D:DC:E8:21:BE:9F:80:A2:FD:CE:E8:25:4C
X509v3 Authority Key Identifier:
keyid:04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cb:5d:de:76:c3:3e:16:e8:48:4c:ea:f5:1b:56:05:56:09:67:
4f:14:48:c5:93:4d:e3:03:94:52:ae:94:63:d4:0d:10:44:f6:
60:cc:0c:c4:d3:4e:0a:6f:88:26:b8:65:12:d0:35:49:7c:9c:
a2:7c:f4:8f:47:f1:ee:bc:e0:a6:1c:ca:1c:da:a0:f5:26:a8:
08:90:da:93:7c:03:52:0f:97:98:78:b0:9f:73:87:6b:ad:e1:
f4:8b:8c:75:8f:14:04:74:8d:bd:84:8e:02:46:c4:3c:e3:c8:
d6:19:98:6d:09:81:3d:c7:77:c1:f9:e2:97:cc:5d:ed:ff:17:
ab:15:ed:81:ce:4a:62:1c:3c:29:7b:ad:bf:fa:18:a4:32:43:
cb:a4:5d:18:76:a8:57:48:b8:9a:cc:05:f8:c0:47:5c:27:b5:
99:70:bd:06:85:43:ea:c3:3b:17:b4:4b:4c:62:59:7a:62:a7:
0c:6f:93:c2:41:90:9c:d6:6a:ef:13:0d:89:ef:7c:f7:ab:6a:
b2:57:aa:58:60:83:da:0e:c7:d0:f6:e1:ee:f6:6d:04:98:06:
c5:16:d2:d0:d3:fb:01:ae:d5:f0:7d:ef:09:e8:72:65:69:5b:
54:82:61:ad:6a:45:38:fb:ab:ca:20:c6:b2:3b:56:c7:c1:c3:
80:7b:e9:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPMtalJP7O0BTyVKxe5LFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjdhNTYyMTFiMjFlOWFjN2NkYzhmYjYzOWYzMTBhOTJj
MjEwNGMwHhcNMjUxMTA0MDUwMDIxWhcNMjUxMTA1MDUwMDIxWjAzMTEwLwYDVQQD
Eyg4NTY5ZGE3ZTdiYzhiZDRkZGNlODIxYmU5ZjgwYTJmZGNlZTgyNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfKpwo2DvzlKUPdIEMdJidn0KYfa
5/FaSk9qHiFJlYc9clzVcoBH6A5gpSd3FLEjUCvfqWWHFLu7+18q78n25MvasYGR
taAM0tMZrAC8yNdoThBRMdFtuLucDKk6omn843svH3hBMWXCuxBc3bIGGrSHEVYK
tQFZmDRKD2EGl/eWuW+rmXYm/YQR18MH7d/n6WmugP5qg5qZiFQBQAM2rRZM2ZGP
1TGQ2ttQcMjJ47K+Snedc+0kvt+apJkwVgTKKfasYapIRH/7G/2m39cSpm7SHvWP
OstuWebRCaNHv6iPWB02npbxx2mm/6bkWR9h3iwf1JvO1ISDQEsXt2Cd6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVp2n57yL1N3Oghvp+Aov3O6CVMMB8GA1UdIwQY
MBaAFARnpWIRsh6ax83I+2OfMQqSwhBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQt
ODIzYWQyYzJmNWYxLzEvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQtODIzYWQyYzJmNWYx
LzEvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy13edsM+
FuhITOr1G1YFVglnTxRIxZNN4wOUUq6UY9QNEET2YMwMxNNOCm+IJrhlEtA1SXyc
onz0j0fx7rzgphzKHNqg9SaoCJDak3wDUg+XmHiwn3OHa63h9IuMdY8UBHSNvYSO
AkbEPOPI1hmYbQmBPcd3wfnil8xd7f8XqxXtgc5KYhw8KXutv/oYpDJDy6RdGHao
V0i4mswF+MBHXCe1mXC9BoVD6sM7F7RLTGJZemKnDG+TwkGQnNZq7xMNie9896tq
sleqWGCD2g7H0Pbh7vZtBJgGxRbS0NP7Aa7V8H3vCehyZWlbVIJhrWpFOPuryiDG
sjtWx8HDgHvpeg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:42:03 2025 by rpki-client