Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/3d2894-32e9-4f02-a8b9-532ed2567e9b/1/BqTBjS4g22T_nbUpKzefU4t2oVE.mft
File: BqTBjS4g22T_nbUpKzefU4t2oVE.mft (raw, json)
Hash identifier: YWbPWY9RQ5QYVUSDIUpTfVEfJH/xRz1f6qHMlbri5p4=
Subject key identifier: DE:6D:7C:FE:DF:93:33:DD:15:9F:21:8E:7B:60:50:74:BA:97:F1:4B
Authority key identifier: 06:A4:C1:8D:2E:20:DB:64:FF:9D:B5:29:2B:37:9F:53:8B:76:A1:51
Certificate issuer: /CN=06a4c18d2e20db64ff9db5292b379f538b76a151
Certificate serial: 019CADC7DEBA36FCA03E1F4A3A2468D0B7F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BqTBjS4g22T_nbUpKzefU4t2oVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/3d2894-32e9-4f02-a8b9-532ed2567e9b/1/BqTBjS4g22T_nbUpKzefU4t2oVE.mft
Manifest number: 0F45
Signing time: Mon 02 Mar 2026 09:01:22 +0000
Manifest this update: Mon 02 Mar 2026 09:01:22 +0000
Manifest next update: Tue 03 Mar 2026 09:01:22 +0000
Files and hashes: 1: BqTBjS4g22T_nbUpKzefU4t2oVE.crl (hash: dCtml79mpDUH6lBHjIUu4YHtM4RnKZAbkXIDQd8MP6M=)
2: zv32VZMT2QpjwCNJQuKZWRRffIQ.roa (hash: kObmfO3vi0I5D4zj8YBTzKwtPE3NArat9hAGR+jsK8A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/3d2894-32e9-4f02-a8b9-532ed2567e9b/1/BqTBjS4g22T_nbUpKzefU4t2oVE.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/3d2894-32e9-4f02-a8b9-532ed2567e9b/1/BqTBjS4g22T_nbUpKzefU4t2oVE.mft
rsync://rpki.ripe.net/repository/DEFAULT/BqTBjS4g22T_nbUpKzefU4t2oVE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:de:ba:36:fc:a0:3e:1f:4a:3a:24:68:d0:b7:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06a4c18d2e20db64ff9db5292b379f538b76a151
Validity
Not Before: Mar 2 09:01:22 2026 GMT
Not After : Mar 3 09:01:22 2026 GMT
Subject: CN=de6d7cfedf9333dd159f218e7b605074ba97f14b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7b:06:79:61:f5:77:21:0d:24:73:e2:43:ff:
d6:aa:5c:e4:12:03:f0:59:ee:be:76:31:0e:21:b5:
45:32:01:db:79:ba:63:6c:75:55:85:49:e4:5c:00:
84:09:d9:b3:e1:f4:32:06:f4:9c:26:7d:9b:9f:cf:
7a:16:2a:9c:e6:c3:41:23:5d:44:1f:28:d0:a6:30:
ef:f4:cd:a7:1d:04:ae:89:39:15:86:4c:7f:f0:65:
80:7e:8b:e5:54:3e:58:94:9f:12:53:75:86:71:88:
c1:01:7c:48:d9:31:e0:af:23:ab:a7:6b:9e:ed:89:
92:7f:fb:f0:86:11:b2:ad:4a:79:62:98:26:ba:9a:
70:8f:8a:ef:38:77:dd:e5:c9:41:14:20:ad:fe:be:
b1:e0:dd:c5:4d:23:e5:a8:6f:e9:4d:07:15:7b:93:
93:58:0f:06:74:40:51:52:29:70:e9:64:b7:f6:01:
41:a0:bc:c0:bf:65:2f:40:54:a3:db:74:f1:07:9c:
92:32:96:da:56:02:36:44:b1:36:3a:9d:d2:ff:0a:
01:ec:43:99:98:06:93:6e:ff:31:63:ac:18:70:86:
2a:8a:64:c1:95:15:b5:3c:6d:d0:0e:de:e4:1f:2b:
05:d2:d2:ec:ca:bd:88:73:28:ee:aa:90:6c:f0:af:
dd:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:6D:7C:FE:DF:93:33:DD:15:9F:21:8E:7B:60:50:74:BA:97:F1:4B
X509v3 Authority Key Identifier:
keyid:06:A4:C1:8D:2E:20:DB:64:FF:9D:B5:29:2B:37:9F:53:8B:76:A1:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BqTBjS4g22T_nbUpKzefU4t2oVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3d2894-32e9-4f02-a8b9-532ed2567e9b/1/BqTBjS4g22T_nbUpKzefU4t2oVE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3d2894-32e9-4f02-a8b9-532ed2567e9b/1/BqTBjS4g22T_nbUpKzefU4t2oVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:1a:0f:ce:00:31:07:b4:a0:00:14:0f:f4:8b:a3:8b:83:2a:
18:28:17:b9:fb:4e:71:72:7f:a7:04:86:a5:45:a1:e3:bf:fd:
0b:34:63:8b:c5:14:2a:7e:02:5c:41:bc:1e:b0:55:d3:27:8f:
39:29:ae:e8:b6:ca:d0:41:2d:a2:71:1b:84:ff:1c:af:f9:39:
22:7e:66:57:26:15:b8:7e:a1:99:2a:6c:81:59:dc:1c:a2:dc:
ec:4c:73:a4:ba:4f:3f:0c:a4:ca:59:0f:2e:26:3b:d5:a5:00:
e6:82:83:77:d5:cb:cb:cf:eb:55:ab:87:6c:c6:48:3d:38:a4:
45:cc:1c:c5:0f:8b:7d:67:43:6e:f9:3a:e1:aa:b9:52:54:4c:
ec:2d:cd:3f:67:13:38:70:83:38:5e:27:51:5d:c7:28:e6:a2:
18:28:7a:3c:7c:42:35:9f:e2:df:98:7a:13:0a:8a:ec:8d:ee:
7f:d9:b5:f1:03:bd:fd:54:ad:c5:af:65:b4:89:2d:4a:7c:d6:
3a:1b:c0:00:8d:41:02:99:79:aa:0b:5f:ab:ef:b6:a9:61:13:
ad:23:91:18:1b:f3:03:85:19:c4:21:17:45:95:59:b5:85:88:
23:59:ee:c3:21:9c:7f:c7:0f:0a:42:cd:48:c6:b0:88:e9:d2:
f2:da:28:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx966NvygPh9KOiRo0LfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YTRjMThkMmUyMGRiNjRmZjlkYjUyOTJiMzc5ZjUzOGI3
NmExNTEwHhcNMjYwMzAyMDkwMTIyWhcNMjYwMzAzMDkwMTIyWjAzMTEwLwYDVQQD
EyhkZTZkN2NmZWRmOTMzM2RkMTU5ZjIxOGU3YjYwNTA3NGJhOTdmMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnsGeWH1dyENJHPiQ//WqlzkEgPw
We6+djEOIbVFMgHbebpjbHVVhUnkXACECdmz4fQyBvScJn2bn896Fiqc5sNBI11E
HyjQpjDv9M2nHQSuiTkVhkx/8GWAfovlVD5YlJ8SU3WGcYjBAXxI2THgryOrp2ue
7YmSf/vwhhGyrUp5Ypgmuppwj4rvOHfd5clBFCCt/r6x4N3FTSPlqG/pTQcVe5OT
WA8GdEBRUilw6WS39gFBoLzAv2UvQFSj23TxB5ySMpbaVgI2RLE2Op3S/woB7EOZ
mAaTbv8xY6wYcIYqimTBlRW1PG3QDt7kHysF0tLsyr2IcyjuqpBs8K/d1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5tfP7fkzPdFZ8hjntgUHS6l/FLMB8GA1UdIwQY
MBaAFAakwY0uINtk/521KSs3n1OLdqFRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnFUQmpTNGcyMlRfbmJVcEt6ZWZVNHQyb1ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zZDI4OTQtMzJlOS00ZjAyLWE4Yjkt
NTMyZWQyNTY3ZTliLzEvQnFUQmpTNGcyMlRfbmJVcEt6ZWZVNHQyb1ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zZDI4OTQtMzJlOS00ZjAyLWE4YjktNTMyZWQyNTY3ZTli
LzEvQnFUQmpTNGcyMlRfbmJVcEt6ZWZVNHQyb1ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALRoPzgAx
B7SgABQP9Iuji4MqGCgXuftOcXJ/pwSGpUWh47/9CzRji8UUKn4CXEG8HrBV0yeP
OSmu6LbK0EEtonEbhP8cr/k5In5mVyYVuH6hmSpsgVncHKLc7ExzpLpPPwykylkP
LiY71aUA5oKDd9XLy8/rVauHbMZIPTikRcwcxQ+LfWdDbvk64aq5UlRM7C3NP2cT
OHCDOF4nUV3HKOaiGCh6PHxCNZ/i35h6EwqK7I3uf9m18QO9/VStxa9ltIktSnzW
OhvAAI1BApl5qgtfq++2qWETrSORGBvzA4UZxCEXRZVZtYWII1nuwyGcf8cPCkLN
SMawiOnS8too4Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:27:49 2026 by rpki-client