Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.mft
File: BmNp4nBctDPbBlirZm0ItnsVUdw.mft (raw, json)
Hash identifier: mv+7nT+j5s+hUDfggjAleN8ss1LXXFrezPOYAVBnjXU=
Subject key identifier: 5C:40:C2:68:6D:F0:19:A9:7A:6E:BA:1F:A9:E2:A7:0E:AD:F5:67:4E
Authority key identifier: 06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
Certificate issuer: /CN=066369e2705cb433db0658ab666d08b67b1551dc
Certificate serial: 019D265F4E675FFBD7D887235866F01E3B07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.mft
Manifest number: 17AB
Signing time: Wed 25 Mar 2026 19:01:13 +0000
Manifest this update: Wed 25 Mar 2026 19:01:13 +0000
Manifest next update: Thu 26 Mar 2026 19:01:13 +0000
Files and hashes: 1: BmNp4nBctDPbBlirZm0ItnsVUdw.crl (hash: UKL2mNMgk4VVepWhorbNalWj7I+20saXlbDNvgqsTVc=)
2: M2182yhCWIp3Dr1q8N4Z80xWV3w.roa (hash: IY36SUnI5dTjS3K8jOcIn+WsAvHQBxCsJZS9oy5ygLI=)
3: jYy2uYNL4nb69qr5FWiz-y5I14g.roa (hash: uK2ZzVfws+izj4DF8qyLOr4woZd1HOHCjMW0FZXm+bY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:4e:67:5f:fb:d7:d8:87:23:58:66:f0:1e:3b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=066369e2705cb433db0658ab666d08b67b1551dc
Validity
Not Before: Mar 25 19:01:13 2026 GMT
Not After : Mar 26 19:01:13 2026 GMT
Subject: CN=5c40c2686df019a97a6eba1fa9e2a70eadf5674e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cf:34:d1:9a:5e:5d:d0:39:43:ca:bb:c6:8c:
dd:f6:38:33:d9:d5:ed:0c:70:26:ce:3e:85:f2:47:
d0:c5:74:36:01:ed:b0:50:06:e2:b3:69:26:e2:29:
11:07:c0:16:7b:fe:4a:2b:c3:05:8f:5e:d3:0f:0e:
8b:c5:b9:c0:e1:fc:46:ce:7c:2e:b1:11:a8:e5:32:
a9:63:14:e0:71:bc:98:97:74:22:f2:ac:b6:e8:4e:
5c:b5:1f:8e:61:07:50:af:54:ef:e5:57:79:de:d1:
6c:57:05:fc:4c:a8:ab:72:b2:e5:ec:27:e9:55:8a:
40:cd:8d:8b:9b:97:8f:55:3a:6e:20:4c:9d:65:82:
86:01:7a:56:74:2e:3d:36:05:87:28:fd:84:cc:f0:
5f:fa:54:31:ed:ad:ce:8b:eb:ad:b4:0a:ee:e6:f1:
92:45:23:66:a0:2e:81:b2:c3:a0:ad:d3:f8:12:31:
bb:0a:a6:f1:48:76:16:b0:b0:8d:e9:04:be:2b:ec:
cc:ce:58:5f:d3:ed:7c:f9:54:31:e1:21:4f:8f:5e:
f5:60:26:05:ec:f3:e1:e0:89:28:7a:72:12:93:9d:
88:94:07:64:58:d2:bd:05:2c:5b:96:dd:ac:d7:85:
21:80:34:fc:9d:c3:61:9d:14:2a:97:49:11:05:a9:
0d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:40:C2:68:6D:F0:19:A9:7A:6E:BA:1F:A9:E2:A7:0E:AD:F5:67:4E
X509v3 Authority Key Identifier:
keyid:06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:e1:b0:f0:f9:e4:a3:b1:11:66:c4:b8:a6:83:03:b1:6a:5b:
0b:32:d1:a2:ea:e7:03:03:c4:b5:1e:a9:d6:cd:14:ba:a3:66:
c0:9a:31:ec:57:1e:bf:98:70:e9:a5:da:55:d6:b8:92:ad:63:
d0:98:bf:8e:c3:80:38:91:3a:69:26:e5:50:c4:55:73:d5:a0:
8b:80:06:99:b7:db:40:42:ae:e3:f2:13:78:a5:20:6c:2c:44:
c2:a0:6a:66:01:84:c8:9d:c0:81:84:b9:9b:00:a3:35:cb:25:
e6:30:02:b1:16:0e:39:a6:db:dc:1c:56:65:40:48:d1:ce:c7:
c8:ef:6f:a0:30:9f:f1:a1:7e:ed:aa:ac:7a:dd:b6:dd:cb:5d:
25:85:ba:42:3c:c4:12:2d:80:c5:00:f1:27:2d:71:16:ab:4c:
06:72:5f:a2:64:89:f6:6e:53:d6:e5:ba:0f:38:19:b3:c0:4d:
7c:c0:c4:97:6c:bb:f9:31:1b:97:ea:12:17:42:05:2e:be:a6:
91:dc:b0:e8:2a:8d:ab:d2:1a:a9:1b:3f:33:5d:61:8d:1a:e1:
0e:2b:e6:54:63:63:ed:7f:9a:81:9f:0f:a1:60:20:8f:81:0b:
96:56:7c:04:fe:a2:7c:ff:51:56:aa:3a:58:9e:eb:af:7b:55:
56:9e:89:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX05nX/vX2IcjWGbwHjsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NjM2OWUyNzA1Y2I0MzNkYjA2NThhYjY2NmQwOGI2N2Ix
NTUxZGMwHhcNMjYwMzI1MTkwMTEzWhcNMjYwMzI2MTkwMTEzWjAzMTEwLwYDVQQD
Eyg1YzQwYzI2ODZkZjAxOWE5N2E2ZWJhMWZhOWUyYTcwZWFkZjU2NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM800ZpeXdA5Q8q7xozd9jgz2dXt
DHAmzj6F8kfQxXQ2Ae2wUAbis2km4ikRB8AWe/5KK8MFj17TDw6LxbnA4fxGznwu
sRGo5TKpYxTgcbyYl3Qi8qy26E5ctR+OYQdQr1Tv5Vd53tFsVwX8TKircrLl7Cfp
VYpAzY2Lm5ePVTpuIEydZYKGAXpWdC49NgWHKP2EzPBf+lQx7a3Oi+uttAru5vGS
RSNmoC6BssOgrdP4EjG7CqbxSHYWsLCN6QS+K+zMzlhf0+18+VQx4SFPj171YCYF
7PPh4IkoenISk52IlAdkWNK9BSxblt2s14UhgDT8ncNhnRQql0kRBakNQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxAwmht8Bmpem66H6nipw6t9WdOMB8GA1UdIwQY
MBaAFAZjaeJwXLQz2wZYq2ZtCLZ7FVHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAt
MzRhOWU5OGE1Zjg2LzEvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAtMzRhOWU5OGE1Zjg2
LzEvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHOGw8Pnk
o7ERZsS4poMDsWpbCzLRournAwPEtR6p1s0UuqNmwJox7Fcev5hw6aXaVda4kq1j
0Ji/jsOAOJE6aSblUMRVc9Wgi4AGmbfbQEKu4/ITeKUgbCxEwqBqZgGEyJ3AgYS5
mwCjNcsl5jACsRYOOabb3BxWZUBI0c7HyO9voDCf8aF+7aqset223ctdJYW6QjzE
Ei2AxQDxJy1xFqtMBnJfomSJ9m5T1uW6DzgZs8BNfMDEl2y7+TEbl+oSF0IFLr6m
kdyw6CqNq9IaqRs/M11hjRrhDivmVGNj7X+agZ8PoWAgj4ELllZ8BP6ifP9RVqo6
WJ7rr3tVVp6JkA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:23:23 2026 by rpki-client