Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft
File: bfHIcky70DS6t6Da3wq0uZ_2b_8.mft (raw, json)
Hash identifier: 6wo5Ddm92wxeXPYkq7kfm423MlbI5nTGZ1kL+ELJZBc=
Subject key identifier: 87:BD:C7:FD:83:6A:AB:2D:14:C1:ED:BB:D8:CC:C0:A4:18:C8:5E:22
Authority key identifier: 6D:F1:C8:72:4C:BB:D0:34:BA:B7:A0:DA:DF:0A:B4:B9:9F:F6:6F:FF
Certificate issuer: /CN=6df1c8724cbbd034bab7a0dadf0ab4b99ff66fff
Certificate serial: 019CAE6C7AC138396CABCF5AFC96EA6CC2CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft
Manifest number: 1849
Signing time: Mon 02 Mar 2026 12:01:10 +0000
Manifest this update: Mon 02 Mar 2026 12:01:10 +0000
Manifest next update: Tue 03 Mar 2026 12:01:10 +0000
Files and hashes: 1: QfIo87XsCuJzTUYuuoqKD3WaLb0.roa (hash: 3OJrGr0r+PmdJst/a4vFJ2BEBu96S/fI6q0nYYtF9LQ=)
2: bfHIcky70DS6t6Da3wq0uZ_2b_8.crl (hash: /Aj99yuQvg+o25tcOtglrrVf7qH1Dw4NjharPMbufew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:6c:7a:c1:38:39:6c:ab:cf:5a:fc:96:ea:6c:c2:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df1c8724cbbd034bab7a0dadf0ab4b99ff66fff
Validity
Not Before: Mar 2 12:01:10 2026 GMT
Not After : Mar 3 12:01:10 2026 GMT
Subject: CN=87bdc7fd836aab2d14c1edbbd8ccc0a418c85e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:22:e7:31:a8:30:c2:5b:8f:50:67:84:56:0b:
07:25:5a:33:d8:b6:52:60:5c:f7:75:b3:f5:4c:48:
e3:b0:4b:04:0e:99:69:98:6d:72:ad:69:c0:3b:1c:
25:5b:80:d1:95:91:04:6e:9b:8c:62:47:dd:a0:6d:
ca:03:b2:c6:b1:e0:80:45:80:91:a5:e8:cd:33:d3:
97:d4:07:ce:91:1f:20:be:1c:db:58:c1:e2:85:a3:
58:8b:fc:34:b7:51:3d:99:ee:69:b5:b9:8d:9c:00:
55:6b:45:f1:9a:81:64:8f:44:db:3d:f5:7b:d3:e1:
ad:8a:4a:8c:e9:0d:d8:33:9b:13:13:4f:64:56:0c:
e8:5b:4e:6a:3d:58:49:3b:f6:74:f6:bf:0c:c7:a9:
63:4d:4e:c5:87:45:d2:88:55:3f:f0:58:01:1d:cb:
07:59:87:4c:f4:8c:ff:74:d7:77:52:76:93:b3:6a:
d4:3b:d5:68:c6:4e:0a:62:26:67:82:5c:38:62:7b:
9d:b4:35:62:3b:b9:8d:de:a6:11:35:d3:48:9b:27:
18:9c:fe:0e:4a:10:1b:c7:19:6e:7e:1c:82:c9:b9:
4b:8e:e0:a6:a8:1d:3c:76:c1:6e:f6:96:de:90:c1:
77:a6:da:2d:69:4b:51:52:16:09:c9:0d:ad:75:82:
14:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BD:C7:FD:83:6A:AB:2D:14:C1:ED:BB:D8:CC:C0:A4:18:C8:5E:22
X509v3 Authority Key Identifier:
keyid:6D:F1:C8:72:4C:BB:D0:34:BA:B7:A0:DA:DF:0A:B4:B9:9F:F6:6F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:15:3a:ca:63:d3:3c:4c:74:7e:38:b9:5f:8b:33:75:a5:7e:
48:4c:8b:55:68:f8:00:4b:46:c5:34:10:74:d7:ac:f7:95:9b:
8e:08:b3:38:45:d0:b5:13:36:3c:cc:93:86:00:65:69:81:2f:
32:ff:2d:24:60:a7:8d:b9:72:fc:f5:b8:31:ea:a6:78:42:20:
12:e4:72:0f:72:89:d1:97:a7:34:2b:5d:b3:3d:fa:27:18:62:
e5:43:b6:d1:90:a3:db:6b:84:d9:c8:e7:6a:3f:a4:a8:da:b2:
11:d6:2b:ab:38:33:93:08:e2:34:b1:b8:1e:e7:05:17:c1:a4:
7f:ec:1d:4a:9d:31:37:cb:e8:21:9e:22:7e:5f:77:02:e1:c3:
f9:5d:b5:29:bb:97:32:e3:85:6e:3a:32:b7:19:56:6c:e0:f0:
4b:26:6e:48:e0:2e:83:5b:d0:ad:25:82:89:84:a4:00:ad:2e:
76:40:3d:f0:1c:85:00:12:1b:d6:2b:26:0c:23:08:e8:ea:22:
39:d0:fe:48:16:be:af:68:ef:3e:5e:01:6c:5b:1d:6b:c8:04:
33:19:83:a2:87:71:cd:f2:41:12:0e:cd:ad:0c:31:85:17:67:
0b:4c:8a:91:15:7f:71:34:37:a3:e3:cf:cd:e9:b4:09:bb:0b:
0b:8e:f0:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyubHrBODlsq89a/JbqbMLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjFjODcyNGNiYmQwMzRiYWI3YTBkYWRmMGFiNGI5OWZm
NjZmZmYwHhcNMjYwMzAyMTIwMTEwWhcNMjYwMzAzMTIwMTEwWjAzMTEwLwYDVQQD
Eyg4N2JkYzdmZDgzNmFhYjJkMTRjMWVkYmJkOGNjYzBhNDE4Yzg1ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCLnMagwwluPUGeEVgsHJVoz2LZS
YFz3dbP1TEjjsEsEDplpmG1yrWnAOxwlW4DRlZEEbpuMYkfdoG3KA7LGseCARYCR
pejNM9OX1AfOkR8gvhzbWMHihaNYi/w0t1E9me5ptbmNnABVa0XxmoFkj0TbPfV7
0+GtikqM6Q3YM5sTE09kVgzoW05qPVhJO/Z09r8Mx6ljTU7Fh0XSiFU/8FgBHcsH
WYdM9Iz/dNd3UnaTs2rUO9Voxk4KYiZnglw4YnudtDViO7mN3qYRNdNImycYnP4O
ShAbxxlufhyCyblLjuCmqB08dsFu9pbekMF3ptotaUtRUhYJyQ2tdYIUywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIe9x/2DaqstFMHtu9jMwKQYyF4iMB8GA1UdIwQY
MBaAFG3xyHJMu9A0ureg2t8KtLmf9m//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9lMDc4MWYtNmU2NC00NmFhLThhZjAt
ZjkyNGQ2ZjZhNTk1LzEvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9lMDc4MWYtNmU2NC00NmFhLThhZjAtZjkyNGQ2ZjZhNTk1
LzEvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbhU6ymPT
PEx0fji5X4szdaV+SEyLVWj4AEtGxTQQdNes95WbjgizOEXQtRM2PMyThgBlaYEv
Mv8tJGCnjbly/PW4MeqmeEIgEuRyD3KJ0ZenNCtdsz36Jxhi5UO20ZCj22uE2cjn
aj+kqNqyEdYrqzgzkwjiNLG4HucFF8Gkf+wdSp0xN8voIZ4ifl93AuHD+V21KbuX
MuOFbjoytxlWbODwSyZuSOAug1vQrSWCiYSkAK0udkA98ByFABIb1ismDCMI6Ooi
OdD+SBa+r2jvPl4BbFsda8gEMxmDoodxzfJBEg7NrQwxhRdnC0yKkRV/cTQ3o+PP
zem0CbsLC47wfw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:33:46 2026 by rpki-client