Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.mft
File: BDqcNdnhovTTSnVPom0gNleEchg.mft (raw, json)
Hash identifier: e0PNZ6K7Ql2Bs4U+Au+9aItwYDYM8owKo+f+T5uRGEc=
Subject key identifier: BE:3A:E0:1E:31:32:F9:35:EC:15:F2:2B:32:C3:EB:D8:D1:45:2A:15
Authority key identifier: 04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18
Certificate issuer: /CN=043a9c35d9e1a2f4d34a754fa26d203657847218
Certificate serial: 019D28BBBEF6B49AB6016AAA99BA225D830F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.mft
Manifest number: 16C0
Signing time: Thu 26 Mar 2026 06:01:25 +0000
Manifest this update: Thu 26 Mar 2026 06:01:25 +0000
Manifest next update: Fri 27 Mar 2026 06:01:25 +0000
Files and hashes: 1: BDqcNdnhovTTSnVPom0gNleEchg.crl (hash: TC13dsJfNkMYJsuZjXEuATscFYK4qvPTjG98SVd3eK8=)
2: lTfd7GgHfFfG-NrFVv4P-oURL84.roa (hash: flnE10R0DAa5/66iQpSm47J0K/6sHRptDOR5dGtHv+k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:be:f6:b4:9a:b6:01:6a:aa:99:ba:22:5d:83:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043a9c35d9e1a2f4d34a754fa26d203657847218
Validity
Not Before: Mar 26 06:01:25 2026 GMT
Not After : Mar 27 06:01:25 2026 GMT
Subject: CN=be3ae01e3132f935ec15f22b32c3ebd8d1452a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b5:ff:5d:b8:bc:67:0b:5e:40:70:68:81:4b:
a6:b2:7c:6b:4a:cd:88:0e:49:21:91:33:b3:83:01:
46:ab:3f:a5:fb:86:32:ec:a5:00:47:08:31:f8:38:
82:33:c8:e2:79:92:ab:16:73:8f:d3:8d:0f:ed:5c:
45:63:af:bb:2d:58:15:69:cb:b7:79:74:23:d5:6c:
3d:b0:34:01:e3:ce:cd:c0:7a:c2:f9:eb:cf:91:e0:
57:91:46:56:c7:dc:63:9b:db:6a:c9:4b:9d:a8:48:
b7:e4:74:5a:b2:f9:b7:13:b5:88:b2:db:1f:ca:4e:
e7:ba:42:22:2c:e3:8c:8a:5b:e6:ba:81:bc:65:68:
9d:72:4a:18:4c:6f:c9:df:26:31:dc:bd:77:54:95:
77:18:59:5f:92:f4:68:54:98:d0:21:31:86:a0:dc:
63:4e:05:b9:23:96:f2:99:e2:9d:c4:b4:d3:11:a0:
e2:4a:cb:e4:27:07:05:ab:d5:33:a8:de:eb:35:68:
cf:74:e9:bb:aa:5d:2b:71:ae:7f:96:4f:13:f5:de:
64:60:16:6a:dc:67:cb:65:8f:7a:c8:d9:2d:7b:1e:
6b:8b:52:97:f5:7d:1f:7c:72:06:c8:5c:49:b4:fe:
d7:a3:e1:44:74:06:de:99:60:54:7e:a4:5d:ed:46:
17:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:3A:E0:1E:31:32:F9:35:EC:15:F2:2B:32:C3:EB:D8:D1:45:2A:15
X509v3 Authority Key Identifier:
keyid:04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:09:53:28:78:5c:1c:9c:11:49:b1:07:ce:c3:36:50:b4:fd:
8e:52:9c:77:10:48:37:19:e3:8c:c6:0c:46:f3:8a:d5:0c:06:
8e:79:35:04:f5:9f:19:33:d9:76:4f:89:9d:73:8f:bb:2e:d1:
6e:34:7e:e2:19:15:68:fe:ea:ca:90:25:11:85:9d:6b:fe:c2:
43:9d:9d:dc:4d:75:b4:72:e4:0e:b5:cd:b0:41:06:32:23:c7:
fd:49:ae:dd:8b:72:38:f0:52:d5:29:50:07:47:a2:7a:59:33:
62:30:61:0f:e2:51:71:d6:bd:b2:e3:1d:e1:43:63:e8:7a:4a:
d8:cb:31:e9:6f:64:a3:9a:88:62:e4:67:61:8d:7b:ed:e3:25:
5d:2b:4f:57:21:b2:02:d2:32:66:e1:c6:0c:4a:cf:2b:a0:c8:
59:4d:fc:21:65:7f:6b:1e:be:a1:4e:51:57:c0:7c:88:eb:5f:
ad:a1:08:1e:0b:2f:04:4e:56:e7:cc:01:c3:36:ad:29:3b:ce:
03:8d:a1:31:18:05:93:67:2f:20:53:4f:f8:13:ff:2d:cc:d9:
b8:2c:a8:9f:d8:93:ca:ca:7f:a1:f9:e0:5c:b5:37:4d:0f:44:
dd:51:44:14:f3:2c:80:de:2a:96:45:d3:2d:2f:c0:fd:95:fa:
ed:d9:03:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou772tJq2AWqqmboiXYMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0M2E5YzM1ZDllMWEyZjRkMzRhNzU0ZmEyNmQyMDM2NTc4
NDcyMTgwHhcNMjYwMzI2MDYwMTI1WhcNMjYwMzI3MDYwMTI1WjAzMTEwLwYDVQQD
EyhiZTNhZTAxZTMxMzJmOTM1ZWMxNWYyMmIzMmMzZWJkOGQxNDUyYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rX/Xbi8ZwteQHBogUumsnxrSs2I
DkkhkTOzgwFGqz+l+4Yy7KUARwgx+DiCM8jieZKrFnOP040P7VxFY6+7LVgVacu3
eXQj1Ww9sDQB487NwHrC+evPkeBXkUZWx9xjm9tqyUudqEi35HRasvm3E7WIstsf
yk7nukIiLOOMilvmuoG8ZWidckoYTG/J3yYx3L13VJV3GFlfkvRoVJjQITGGoNxj
TgW5I5bymeKdxLTTEaDiSsvkJwcFq9UzqN7rNWjPdOm7ql0rca5/lk8T9d5kYBZq
3GfLZY96yNktex5ri1KX9X0ffHIGyFxJtP7Xo+FEdAbemWBUfqRd7UYXgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL464B4xMvk17BXyKzLD69jRRSoVMB8GA1UdIwQY
MBaAFAQ6nDXZ4aL000p1T6JtIDZXhHIYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zYjEwNGEtYzAzOS00MmMyLTlmZjEt
ODVjYmQyMDY4ZThmLzEvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zYjEwNGEtYzAzOS00MmMyLTlmZjEtODVjYmQyMDY4ZThm
LzEvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwlTKHhc
HJwRSbEHzsM2ULT9jlKcdxBINxnjjMYMRvOK1QwGjnk1BPWfGTPZdk+JnXOPuy7R
bjR+4hkVaP7qypAlEYWda/7CQ52d3E11tHLkDrXNsEEGMiPH/Umu3YtyOPBS1SlQ
B0eielkzYjBhD+JRcda9suMd4UNj6HpK2Msx6W9ko5qIYuRnYY177eMlXStPVyGy
AtIyZuHGDErPK6DIWU38IWV/ax6+oU5RV8B8iOtfraEIHgsvBE5W58wBwzatKTvO
A42hMRgFk2cvIFNP+BP/LczZuCyon9iTysp/ofngXLU3TQ9E3VFEFPMsgN4qlkXT
LS/A/ZX67dkDNg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:51:43 2026 by rpki-client