Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
File: BB0F8437DE6BB251821A7A5FB8111376F1709023.mft (raw, json)
Hash identifier: 7HzvTeJTrfeL/tcjWH4dC0nUV62Vc23uW+Vs+lWWOmA=
Subject key identifier: D0:24:E3:99:6C:43:20:BC:06:B3:92:A1:24:DF:AA:40:02:95:8E:F3
Authority key identifier: BB:0F:84:37:DE:6B:B2:51:82:1A:7A:5F:B8:11:13:76:F1:70:90:23
Certificate issuer: /CN=bb0f8437de6bb251821a7a5fb8111376f1709023
Certificate serial: 4739CC67E7812E19B7EB20D3FE0C339F233E99DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw-EN95rslGCGnpfuBETdvFwkCM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
Manifest number: 0543
Signing time: Sun 01 Mar 2026 15:15:39 +0000
Manifest this update: Sun 01 Mar 2026 15:10:39 +0000
Manifest next update: Mon 02 Mar 2026 18:56:39 +0000
Files and hashes: 1: BB0F8437DE6BB251821A7A5FB8111376F1709023.crl (hash: nOSgpl8X4Pz0Wh//EjbmDZBiIrhlo7iPjReZbdZ/6YM=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.crl
rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
rsync://rpki.ripe.net/repository/DEFAULT/uw-EN95rslGCGnpfuBETdvFwkCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:56:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:39:cc:67:e7:81:2e:19:b7:eb:20:d3:fe:0c:33:9f:23:3e:99:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0f8437de6bb251821a7a5fb8111376f1709023
Validity
Not Before: Mar 1 15:10:39 2026 GMT
Not After : Mar 2 18:56:39 2026 GMT
Subject: CN=D024E3996C4320BC06B392A124DFAA4002958EF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b3:66:df:30:56:f2:80:4b:b9:98:cf:97:14:
e2:78:91:a0:fa:24:52:44:0e:46:b0:f2:dd:e2:9e:
28:e5:2c:59:95:a1:1e:65:87:a1:13:8f:9f:f6:21:
9c:b7:47:18:e3:f1:33:11:3d:dc:74:78:ee:58:c4:
e3:df:d1:ed:58:31:d4:34:89:31:60:22:c2:f4:ff:
64:bf:6e:3e:cf:b8:05:10:b3:b0:ac:18:1c:cb:46:
af:3f:df:81:c5:87:7a:7f:f9:96:d7:49:50:9d:c0:
fb:06:14:ca:88:23:21:aa:f1:c3:c2:6d:80:42:1e:
25:89:6d:96:60:b0:70:fa:7a:dd:f0:51:1b:f7:29:
a3:d3:d7:34:c5:1b:34:00:b1:ef:29:7d:a2:d1:91:
07:57:c2:15:2c:89:a3:fc:ff:cd:94:f5:ed:c1:b5:
83:00:74:e0:32:8d:c7:3b:0c:f4:e5:59:cb:a8:f5:
3e:5f:91:3b:68:64:0f:1c:85:a9:62:2a:f1:b8:2b:
14:aa:81:51:a3:16:8b:21:28:83:dc:a0:53:64:78:
94:61:e8:17:96:99:d1:5d:f3:f6:7e:45:09:1a:f3:
d9:fd:99:13:e2:a4:43:d4:2a:b6:90:bc:11:1f:9f:
77:74:72:e1:2f:27:00:49:2f:74:63:d2:9a:6f:79:
3d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:24:E3:99:6C:43:20:BC:06:B3:92:A1:24:DF:AA:40:02:95:8E:F3
X509v3 Authority Key Identifier:
keyid:BB:0F:84:37:DE:6B:B2:51:82:1A:7A:5F:B8:11:13:76:F1:70:90:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw-EN95rslGCGnpfuBETdvFwkCM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/0/BB0F8437DE6BB251821A7A5FB8111376F1709023.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:05:3b:bc:a6:ad:95:27:df:ba:a5:ff:e2:63:45:5a:4d:8a:
2d:25:80:b5:3c:da:32:f2:fb:7c:86:c3:c3:6d:c4:fd:7f:69:
83:6a:59:0f:8a:66:03:3c:1c:f0:07:7a:1b:53:b1:68:c1:8f:
b6:80:a4:47:df:5a:72:7a:56:b2:eb:01:6a:22:fb:86:4f:14:
16:4f:93:7e:b5:0e:3e:51:5a:23:67:fc:93:52:f2:b1:89:45:
c5:8e:8e:b0:c0:07:e9:61:ef:64:c9:ad:88:a0:c7:2a:22:0c:
f3:e8:9b:cf:b4:6f:56:06:6f:5d:fb:c1:9d:bd:20:a7:7b:91:
65:ca:b5:0d:eb:60:30:ad:89:d4:c7:0b:08:c5:1e:52:62:bf:
75:42:aa:1a:f7:fc:4d:f4:79:51:27:87:2b:11:ec:1a:1b:e3:
2b:86:46:0e:57:6f:a0:d2:a4:b9:ce:4a:fb:d3:f1:5d:ab:c4:
3f:e9:e2:a4:fc:80:03:ef:f3:96:eb:2a:fc:f2:e2:31:1a:b4:
16:dc:6d:c1:8e:ce:43:d9:b5:7b:6a:c0:dd:77:55:cd:e0:f3:
ce:0e:74:c9:24:67:bb:d7:20:1a:b0:1d:e8:6d:de:b2:ba:fa:
da:1e:81:01:76:bc:b0:fe:a4:cc:6a:83:4b:14:6d:d4:9f:db:
3f:98:c1:5b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIURznMZ+eBLhm36yDT/gwznyM+mdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmIwZjg0MzdkZTZiYjI1MTgyMWE3YTVmYjgxMTEzNzZm
MTcwOTAyMzAeFw0yNjAzMDExNTEwMzlaFw0yNjAzMDIxODU2MzlaMDMxMTAvBgNV
BAMTKEQwMjRFMzk5NkM0MzIwQkMwNkIzOTJBMTI0REZBQTQwMDI5NThFRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzs2bfMFbygEu5mM+XFOJ4kaD6
JFJEDkaw8t3inijlLFmVoR5lh6ETj5/2IZy3Rxjj8TMRPdx0eO5YxOPf0e1YMdQ0
iTFgIsL0/2S/bj7PuAUQs7CsGBzLRq8/34HFh3p/+ZbXSVCdwPsGFMqIIyGq8cPC
bYBCHiWJbZZgsHD6et3wURv3KaPT1zTFGzQAse8pfaLRkQdXwhUsiaP8/82U9e3B
tYMAdOAyjcc7DPTlWcuo9T5fkTtoZA8chaliKvG4KxSqgVGjFoshKIPcoFNkeJRh
6BeWmdFd8/Z+RQka89n9mRPipEPUKraQvBEfn3d0cuEvJwBJL3Rj0ppveT1zAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU0CTjmWxDILwGs5KhJN+qQAKVjvMwHwYDVR0j
BBgwFoAUuw+EN95rslGCGnpfuBETdvFwkCMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzAvQkIwRjg0MzdERTZCQjI1MTgyMUE3QTVGQjgxMTEzNzZGMTcwOTAyMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3V3LUVOOTVyc2xHQ0ducGZ1QkVUZHZG
d2tDTS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yM2Q1ZjY4Mi1i
NTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMC9CQjBGODQzN0RFNkJCMjUxODIx
QTdBNUZCODExMTM3NkYxNzA5MDIzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGQU7vKatlSffuqX/4mNF
Wk2KLSWAtTzaMvL7fIbDw23E/X9pg2pZD4pmAzwc8Ad6G1OxaMGPtoCkR99acnpW
susBaiL7hk8UFk+TfrUOPlFaI2f8k1LysYlFxY6OsMAH6WHvZMmtiKDHKiIM8+ib
z7RvVgZvXfvBnb0gp3uRZcq1DetgMK2J1McLCMUeUmK/dUKqGvf8TfR5USeHKxHs
GhvjK4ZGDldvoNKkuc5K+9PxXavEP+nipPyAA+/zlusq/PLiMRq0FtxtwY7OQ9m1
e2rA3XdVzeDzzg50ySRnu9cgGrAd6G3esrr62h6BAXa8sP6kzGqDSxRt1J/bP5jB
Ww==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:06:34 2026 by rpki-client