Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft
File: bfhqH1cK4xUpAiqk9h79nsK5fQU.mft (raw, json)
Hash identifier: OhZewu31kDGdxWu/n9hHkl4NdUl0tJOeK2ViXaVzFNA=
Subject key identifier: B8:F0:A1:C6:34:43:BA:35:9A:EA:C1:CE:63:DE:54:E1:68:E3:D9:1C
Authority key identifier: 6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05
Certificate issuer: /CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05
Certificate serial: 019CABD9C0E845034D1243832D8D9C8A180B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft
Manifest number: 16C2
Signing time: Mon 02 Mar 2026 00:01:40 +0000
Manifest this update: Mon 02 Mar 2026 00:01:40 +0000
Manifest next update: Tue 03 Mar 2026 00:01:40 +0000
Files and hashes: 1: Nx4WUGOdHpNQN9XS38e-AsCcPVw.roa (hash: 34pVZ/V8QJHpQ0HgHgjAh/BvMJod9h4SmiBh4ahKV2A=)
2: bfhqH1cK4xUpAiqk9h79nsK5fQU.crl (hash: OBjELJ+k1M1qCPn1F3kQ/Vb5rWyV3yeFBOXV9KfJhgM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:c0:e8:45:03:4d:12:43:83:2d:8d:9c:8a:18:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05
Validity
Not Before: Mar 2 00:01:40 2026 GMT
Not After : Mar 3 00:01:40 2026 GMT
Subject: CN=b8f0a1c63443ba359aeac1ce63de54e168e3d91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:65:cf:3f:ba:ce:24:98:df:cf:ae:99:a2:3f:
fe:d4:d2:20:10:51:f2:16:ea:36:05:d0:d0:b8:91:
16:dc:4b:37:94:ff:e8:2c:ca:4d:6a:84:4e:4e:81:
71:da:15:aa:0e:3e:a1:31:c7:77:6d:6e:15:27:37:
94:51:bb:78:20:ac:56:50:c1:05:65:5c:d6:cd:ef:
a0:9e:de:ad:1e:e4:a2:be:0f:a0:ba:ce:09:39:4a:
08:94:6a:24:bd:d1:2f:96:be:a4:5c:0e:d6:77:b7:
49:92:e9:39:b9:6e:03:79:12:8e:7d:64:6a:57:2a:
6b:a4:ef:07:41:24:80:8a:df:f8:a0:f4:d6:cb:b7:
63:57:83:ef:2f:85:0c:95:17:02:db:a8:8e:98:60:
fc:ba:0c:c9:6b:03:89:45:aa:f3:9f:b8:cf:76:db:
4a:8f:07:f0:da:6d:ce:fa:d2:08:02:d1:40:51:bb:
36:21:1f:54:14:a3:dc:5a:24:68:c8:e3:83:2f:d9:
a8:c3:c0:81:64:ed:c3:7f:3d:6a:10:7e:7f:4f:16:
8d:b9:1c:fe:fe:20:31:53:b8:13:2b:e1:d4:f1:b7:
cd:a4:0c:db:bb:54:34:42:e3:fc:82:ee:90:21:76:
18:f7:52:21:63:fa:ab:61:39:7b:bd:d9:08:e2:de:
54:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F0:A1:C6:34:43:BA:35:9A:EA:C1:CE:63:DE:54:E1:68:E3:D9:1C
X509v3 Authority Key Identifier:
keyid:6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:45:d5:01:ee:4e:d1:8d:31:a6:23:32:c6:29:0e:b2:73:e7:
4a:4e:8b:60:ae:09:7c:f8:44:81:35:25:1e:d1:2a:34:b2:2a:
8e:e0:0e:a8:89:13:09:c2:c9:aa:0b:ea:b3:07:19:f2:8c:79:
e4:5f:6e:7b:65:39:d0:51:3f:a9:fd:95:5f:0f:80:ec:bd:6c:
08:1d:6c:7b:7c:fe:d8:5d:20:01:cb:2b:90:aa:69:e4:a1:54:
b1:55:cf:5c:ce:d6:41:0a:3a:9a:e3:56:28:87:09:87:bd:90:
64:fa:a2:3b:72:47:9c:59:c8:50:d9:3c:ab:f6:b8:f3:d0:d5:
49:30:95:6d:dc:9a:56:84:38:e9:53:ce:9d:21:94:f3:0f:e2:
da:05:15:0e:f4:01:47:6c:dc:b7:eb:3b:79:07:a7:8b:3f:32:
5d:f1:9b:54:2f:e6:d2:9b:fa:18:f4:d9:e6:2f:7a:0c:96:b7:
b2:a5:50:00:b9:89:0a:96:28:1b:7c:9a:f2:74:91:47:a6:5e:
a4:a2:88:6c:2f:7b:37:70:49:83:20:6c:8f:56:fd:7a:f7:02:
dd:cb:a0:c1:7a:b4:cd:c1:be:01:e7:83:88:28:c4:fa:54:36:
06:11:e4:45:67:17:3f:de:4d:dd:45:41:54:20:43:82:f7:e4:
40:bb:b6:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2cDoRQNNEkODLY2cihgLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjg2YTFmNTcwYWUzMTUyOTAyMmFhNGY2MWVmZDllYzJi
OTdkMDUwHhcNMjYwMzAyMDAwMTQwWhcNMjYwMzAzMDAwMTQwWjAzMTEwLwYDVQQD
EyhiOGYwYTFjNjM0NDNiYTM1OWFlYWMxY2U2M2RlNTRlMTY4ZTNkOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmXPP7rOJJjfz66Zoj/+1NIgEFHy
Fuo2BdDQuJEW3Es3lP/oLMpNaoROToFx2hWqDj6hMcd3bW4VJzeUUbt4IKxWUMEF
ZVzWze+gnt6tHuSivg+gus4JOUoIlGokvdEvlr6kXA7Wd7dJkuk5uW4DeRKOfWRq
VyprpO8HQSSAit/4oPTWy7djV4PvL4UMlRcC26iOmGD8ugzJawOJRarzn7jPdttK
jwfw2m3O+tIIAtFAUbs2IR9UFKPcWiRoyOODL9mow8CBZO3Dfz1qEH5/TxaNuRz+
/iAxU7gTK+HU8bfNpAzbu1Q0QuP8gu6QIXYY91IhY/qrYTl7vdkI4t5UQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjwocY0Q7o1murBzmPeVOFo49kcMB8GA1UdIwQY
MBaAFG34ah9XCuMVKQIqpPYe/Z7CuX0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEt
N2FhYzJkODQ3OTU1LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEtN2FhYzJkODQ3OTU1
LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACUXVAe5O
0Y0xpiMyxikOsnPnSk6LYK4JfPhEgTUlHtEqNLIqjuAOqIkTCcLJqgvqswcZ8ox5
5F9ue2U50FE/qf2VXw+A7L1sCB1se3z+2F0gAcsrkKpp5KFUsVXPXM7WQQo6muNW
KIcJh72QZPqiO3JHnFnIUNk8q/a489DVSTCVbdyaVoQ46VPOnSGU8w/i2gUVDvQB
R2zct+s7eQeniz8yXfGbVC/m0pv6GPTZ5i96DJa3sqVQALmJCpYoG3ya8nSRR6Ze
pKKIbC97N3BJgyBsj1b9evcC3cugwXq0zcG+AeeDiCjE+lQ2BhHkRWcXP95N3UVB
VCBDgvfkQLu2Iw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:42:49 2026 by rpki-client