Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/245e1a-0612-4596-a95a-9df72530b669/1/bdLO01LwH3613HYZ7XFMa2pceR4.mft
File: bdLO01LwH3613HYZ7XFMa2pceR4.mft (raw, json)
Hash identifier: yo/3KSmXXXCwouWcJTduTKubSujzHOXvEB3ESWq5CDg=
Subject key identifier: 89:9F:E1:7C:EF:C8:D0:CC:DC:99:1B:C0:C8:96:22:E3:32:B3:DA:54
Authority key identifier: 6D:D2:CE:D3:52:F0:1F:7E:B5:DC:76:19:ED:71:4C:6B:6A:5C:79:1E
Certificate issuer: /CN=6dd2ced352f01f7eb5dc7619ed714c6b6a5c791e
Certificate serial: 0199FBEC08BD01CBB58B534C44DE89A98453
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bdLO01LwH3613HYZ7XFMa2pceR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/245e1a-0612-4596-a95a-9df72530b669/1/bdLO01LwH3613HYZ7XFMa2pceR4.mft
Manifest number: 02DF
Signing time: Sun 19 Oct 2025 10:02:53 +0000
Manifest this update: Sun 19 Oct 2025 10:02:53 +0000
Manifest next update: Mon 20 Oct 2025 10:02:53 +0000
Files and hashes: 1: bdLO01LwH3613HYZ7XFMa2pceR4.crl (hash: qb/g412QuslW1UTkcDOyZpm3czA32H20xWpo1KmwcRM=)
2: ldaG2ZtwFXa0D8MT2zJfF9j3gsg.roa (hash: Iho31engw2p2ICkoCri0OTvpMAFdFfQ9ZJ+brUIBG2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/245e1a-0612-4596-a95a-9df72530b669/1/bdLO01LwH3613HYZ7XFMa2pceR4.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/245e1a-0612-4596-a95a-9df72530b669/1/bdLO01LwH3613HYZ7XFMa2pceR4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bdLO01LwH3613HYZ7XFMa2pceR4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ec:08:bd:01:cb:b5:8b:53:4c:44:de:89:a9:84:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dd2ced352f01f7eb5dc7619ed714c6b6a5c791e
Validity
Not Before: Oct 19 10:02:53 2025 GMT
Not After : Oct 20 10:02:53 2025 GMT
Subject: CN=899fe17cefc8d0ccdc991bc0c89622e332b3da54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:be:e0:4a:7c:8c:ca:f2:15:ff:0b:c0:cb:a6:
a9:85:92:4d:30:72:a1:e4:08:5c:e9:f9:8f:9d:ed:
91:75:1a:bf:8a:59:72:e1:3a:b1:18:30:1c:e9:43:
2b:6c:a7:74:c2:82:4f:7a:7e:bb:a0:93:62:fe:f4:
6f:cc:af:ec:9e:81:8d:1d:1a:76:7b:d0:3d:97:f1:
d4:75:ea:ff:6a:e6:58:50:ce:7d:4c:3a:0b:91:45:
f4:c1:5e:b2:0e:fe:6c:62:0b:be:69:5e:1f:1b:de:
fd:f0:60:fe:86:3f:96:a6:e8:e5:87:d6:21:22:1a:
bd:74:48:8a:32:b4:9f:e1:d5:d2:f2:80:79:84:6f:
d4:0c:bf:15:64:57:81:50:de:74:42:da:92:71:ea:
85:79:60:d5:d6:ec:0c:f5:c6:8d:d2:b4:d7:3c:09:
5c:42:26:b5:17:ca:22:a0:fb:ff:5d:d3:df:c6:d5:
d6:ed:db:58:e9:69:df:c6:bb:66:62:24:ec:c9:2c:
8a:dc:11:90:39:47:63:28:2f:04:d1:c7:09:78:83:
ab:9b:6b:06:a2:4e:a6:c8:c2:ef:6c:9b:7e:d2:f1:
ab:8c:a5:c9:35:f9:7a:f6:32:05:cd:95:ed:79:28:
fd:f2:e4:6d:b0:97:a6:86:17:6b:20:fb:d7:26:97:
f9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9F:E1:7C:EF:C8:D0:CC:DC:99:1B:C0:C8:96:22:E3:32:B3:DA:54
X509v3 Authority Key Identifier:
keyid:6D:D2:CE:D3:52:F0:1F:7E:B5:DC:76:19:ED:71:4C:6B:6A:5C:79:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdLO01LwH3613HYZ7XFMa2pceR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/245e1a-0612-4596-a95a-9df72530b669/1/bdLO01LwH3613HYZ7XFMa2pceR4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/245e1a-0612-4596-a95a-9df72530b669/1/bdLO01LwH3613HYZ7XFMa2pceR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:86:b7:bf:58:c2:d8:ab:60:71:d0:94:c8:4a:81:56:db:ce:
fa:18:ad:b4:0c:e1:6b:1a:2a:80:f3:39:f3:d8:44:01:63:f4:
84:59:54:ef:28:bb:89:56:d3:fb:0c:63:00:5e:6d:5b:ec:e3:
69:5e:02:1f:88:e8:66:41:aa:86:11:10:2d:0f:c6:fc:98:fb:
4d:ac:d4:ac:b8:2d:6b:4c:56:d0:6e:63:cd:37:db:37:cf:95:
56:a2:11:9b:3f:4f:7d:3d:23:93:09:7f:a1:07:01:7a:8a:08:
12:97:9a:3b:5f:7b:8b:51:77:7b:62:00:e1:16:93:8c:c6:45:
58:40:dd:2b:64:94:6f:1e:57:14:1a:67:a3:a5:bf:c3:89:ee:
82:55:49:db:f6:53:d1:c3:3d:31:2d:3e:d8:04:e3:56:2c:77:
7d:5c:56:24:98:6b:bd:4b:10:78:39:68:14:50:ad:8e:6d:e0:
c1:63:86:0c:c9:54:34:c2:a2:a6:56:2e:3b:cd:38:4d:80:61:
97:f9:06:a3:91:f5:0d:bb:83:e0:2c:7b:8b:fe:9a:fb:e9:0f:
0d:5a:09:e9:5d:42:56:a9:fc:29:cc:2e:98:b8:1d:83:9f:32:
0e:b6:66:80:e0:2a:af:a2:33:a6:c8:01:d6:60:ad:6c:80:4a:
51:db:2e:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77Ai9Acu1i1NMRN6JqYRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZDJjZWQzNTJmMDFmN2ViNWRjNzYxOWVkNzE0YzZiNmE1
Yzc5MWUwHhcNMjUxMDE5MTAwMjUzWhcNMjUxMDIwMTAwMjUzWjAzMTEwLwYDVQQD
Eyg4OTlmZTE3Y2VmYzhkMGNjZGM5OTFiYzBjODk2MjJlMzMyYjNkYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r7gSnyMyvIV/wvAy6aphZJNMHKh
5Ahc6fmPne2RdRq/illy4TqxGDAc6UMrbKd0woJPen67oJNi/vRvzK/snoGNHRp2
e9A9l/HUder/auZYUM59TDoLkUX0wV6yDv5sYgu+aV4fG9798GD+hj+Wpujlh9Yh
Ihq9dEiKMrSf4dXS8oB5hG/UDL8VZFeBUN50QtqSceqFeWDV1uwM9caN0rTXPAlc
Qia1F8oioPv/XdPfxtXW7dtY6WnfxrtmYiTsySyK3BGQOUdjKC8E0ccJeIOrm2sG
ok6myMLvbJt+0vGrjKXJNfl69jIFzZXteSj98uRtsJemhhdrIPvXJpf5UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImf4XzvyNDM3JkbwMiWIuMys9pUMB8GA1UdIwQY
MBaAFG3SztNS8B9+tdx2Ge1xTGtqXHkeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRMTzAxTHdIMzYxM0hZWjdYRk1hMnBjZVI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNDVlMWEtMDYxMi00NTk2LWE5NWEt
OWRmNzI1MzBiNjY5LzEvYmRMTzAxTHdIMzYxM0hZWjdYRk1hMnBjZVI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNDVlMWEtMDYxMi00NTk2LWE5NWEtOWRmNzI1MzBiNjY5
LzEvYmRMTzAxTHdIMzYxM0hZWjdYRk1hMnBjZVI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACYa3v1jC
2KtgcdCUyEqBVtvO+hittAzhaxoqgPM589hEAWP0hFlU7yi7iVbT+wxjAF5tW+zj
aV4CH4joZkGqhhEQLQ/G/Jj7TazUrLgta0xW0G5jzTfbN8+VVqIRmz9PfT0jkwl/
oQcBeooIEpeaO197i1F3e2IA4RaTjMZFWEDdK2SUbx5XFBpno6W/w4nuglVJ2/ZT
0cM9MS0+2ATjVix3fVxWJJhrvUsQeDloFFCtjm3gwWOGDMlUNMKiplYuO804TYBh
l/kGo5H1DbuD4Cx7i/6a++kPDVoJ6V1CVqn8KcwumLgdg58yDrZmgOAqr6IzpsgB
1mCtbIBKUdsukg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:39:43 2025 by rpki-client