Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
File: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft (raw, json)
Hash identifier: UcvPue3f2IDlmfB8iSvVQ6CdY8H0Xq+t+kCBv8yppqY=
Subject key identifier: 22:BE:8C:B4:94:21:FF:2E:50:23:E3:A1:F9:C4:94:4A:3A:0A:9E:CF
Authority key identifier: 6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52
Certificate issuer: /CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452
Certificate serial: 019A025A0EC2FD5D773E660EBEFB047509F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
Manifest number: 0472
Signing time: Mon 20 Oct 2025 16:00:47 +0000
Manifest this update: Mon 20 Oct 2025 16:00:47 +0000
Manifest next update: Tue 21 Oct 2025 16:00:47 +0000
Files and hashes: 1: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl (hash: 146scWWLHCABe4Vmnq/kb1OOTnj1rk2lb1NS29lz5wk=)
2: xfuYQjKIwNsH8n8qNl-5nn5swlA.roa (hash: EURGAPm/xAIC/hIpJIK0VPaCfzGhmdAUIaI/It3KKIY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:5a:0e:c2:fd:5d:77:3e:66:0e:be:fb:04:75:09:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452
Validity
Not Before: Oct 20 16:00:47 2025 GMT
Not After : Oct 21 16:00:47 2025 GMT
Subject: CN=22be8cb49421ff2e5023e3a1f9c4944a3a0a9ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d4:dc:d8:d8:d9:f2:44:e6:99:a6:3c:32:85:
90:18:3b:81:89:53:94:56:0a:d8:d0:42:bd:a9:cb:
15:48:7a:5d:54:3f:f3:73:37:e8:7c:0b:e4:c8:57:
15:5e:50:92:da:0d:63:67:66:17:ac:0f:80:60:66:
d0:a0:fa:2e:29:9e:b6:7b:7a:76:fb:d7:83:e9:b4:
5c:95:0b:1b:f8:b8:64:fb:61:eb:0a:fd:f9:90:c5:
11:65:dd:6e:73:1a:aa:b1:e6:57:68:d3:57:d2:3b:
24:ab:73:df:27:bb:69:2e:95:1d:05:a1:72:df:af:
71:e8:89:6e:a5:4d:75:95:6d:e1:ae:ee:a1:23:d1:
41:25:0e:38:8b:21:cc:8e:65:49:95:b6:c2:a7:75:
02:45:ef:50:69:fb:e0:4c:86:4c:37:37:b3:35:4e:
fa:f6:85:ff:f5:6f:35:92:bb:8a:33:49:88:94:b8:
c7:2f:69:ea:81:d8:39:e1:82:72:3c:59:09:12:37:
bc:64:97:e4:1b:b7:41:48:6f:f8:8a:96:5a:75:be:
0d:31:33:4f:e3:5b:50:e0:d2:74:fd:94:93:2d:f8:
46:89:32:cd:97:ee:67:93:ae:08:b8:7a:e4:8c:22:
55:43:d9:7e:35:b5:f4:0b:66:80:71:3f:0f:d9:6d:
95:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BE:8C:B4:94:21:FF:2E:50:23:E3:A1:F9:C4:94:4A:3A:0A:9E:CF
X509v3 Authority Key Identifier:
keyid:6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:97:11:fb:69:ba:48:32:77:5c:c7:5d:ca:b2:94:73:7f:e7:
b1:0e:d3:8a:ed:cb:c2:fd:c4:ff:89:e3:1e:fb:db:ac:78:35:
e2:d9:fe:3f:0f:c6:5c:9c:bf:39:8e:1a:1a:b3:2f:0e:8c:b5:
29:59:a2:27:ea:2b:68:85:f1:02:98:b9:cf:5f:11:02:cf:13:
4a:fc:1a:4c:d8:39:ae:17:1f:c0:15:27:09:c9:06:0c:6e:19:
c5:86:6a:d5:fb:cf:1e:fc:cc:49:46:1b:9a:fb:d8:89:ab:1e:
e7:66:90:b7:11:16:26:dc:a0:bf:dc:0a:6d:43:61:57:a4:35:
c9:47:4a:bf:19:b4:92:af:bb:fd:ec:76:09:e2:3f:95:c8:c6:
9e:b8:d8:2b:3a:49:c6:05:01:58:00:65:d3:70:a9:bb:55:06:
2f:6f:13:8a:f5:ee:0f:90:e0:ec:0f:d2:89:8b:86:2e:5d:78:
df:28:38:30:f6:96:87:9b:fa:c2:c2:db:4a:ea:d0:3f:79:0e:
55:b8:4d:ab:77:c7:1a:7b:9a:8f:d0:ac:ff:5e:3d:fc:6a:f3:
cd:a5:8d:88:86:36:6c:8e:02:0d:5e:63:0e:ec:d3:25:25:24:
b8:86:73:86:46:08:dd:89:05:c7:74:5c:3c:41:db:6f:67:3f:
25:4b:23:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCWg7C/V13PmYOvvsEdQn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjg1MGRlYjI4YmRiMmY2NTVlMmYxYjAyZDM3YzEzYzZk
NDM0NTIwHhcNMjUxMDIwMTYwMDQ3WhcNMjUxMDIxMTYwMDQ3WjAzMTEwLwYDVQQD
EygyMmJlOGNiNDk0MjFmZjJlNTAyM2UzYTFmOWM0OTQ0YTNhMGE5ZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtTc2NjZ8kTmmaY8MoWQGDuBiVOU
VgrY0EK9qcsVSHpdVD/zczfofAvkyFcVXlCS2g1jZ2YXrA+AYGbQoPouKZ62e3p2
+9eD6bRclQsb+Lhk+2HrCv35kMURZd1ucxqqseZXaNNX0jskq3PfJ7tpLpUdBaFy
369x6IlupU11lW3hru6hI9FBJQ44iyHMjmVJlbbCp3UCRe9QafvgTIZMNzezNU76
9oX/9W81kruKM0mIlLjHL2nqgdg54YJyPFkJEje8ZJfkG7dBSG/4ipZadb4NMTNP
41tQ4NJ0/ZSTLfhGiTLNl+5nk64IuHrkjCJVQ9l+NbX0C2aAcT8P2W2VUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCK+jLSUIf8uUCPjofnElEo6Cp7PMB8GA1UdIwQY
MBaAFGy4UN6yi9svZV4vGwLTfBPG1DRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4Yzkt
ODhiMmQyY2Y3YzMxLzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4YzktODhiMmQyY2Y3YzMx
LzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo5cR+2m6
SDJ3XMddyrKUc3/nsQ7Tiu3Lwv3E/4njHvvbrHg14tn+Pw/GXJy/OY4aGrMvDoy1
KVmiJ+oraIXxApi5z18RAs8TSvwaTNg5rhcfwBUnCckGDG4ZxYZq1fvPHvzMSUYb
mvvYiase52aQtxEWJtygv9wKbUNhV6Q1yUdKvxm0kq+7/ex2CeI/lcjGnrjYKzpJ
xgUBWABl03Cpu1UGL28TivXuD5Dg7A/SiYuGLl143yg4MPaWh5v6wsLbSurQP3kO
VbhNq3fHGnuaj9Cs/149/GrzzaWNiIY2bI4CDV5jDuzTJSUkuIZzhkYI3YkFx3Rc
PEHbb2c/JUsjGQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:53:29 2025 by rpki-client