Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
File: BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft (raw, json)
Hash identifier: KeuxQdSKz8/MbvPm6134C9KiTA2LvGpuNpNCPRHysjY=
Subject key identifier: 99:48:99:BD:81:F8:21:37:49:A3:E9:DB:1D:92:FE:D1:DB:72:A8:B9
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Certificate issuer: /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial: 0199FF5984AB2FE00C5528588CB65C8203A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
Manifest number: B8
Signing time: Mon 20 Oct 2025 02:01:20 +0000
Manifest this update: Mon 20 Oct 2025 02:01:20 +0000
Manifest next update: Tue 21 Oct 2025 02:01:20 +0000
Files and hashes: 1: BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl (hash: zyz5XBCSQjxNbJDBBLGcZ6M9qZ9cYUm7IR+JjP08Wuo=)
2: SKma3lJH_nMIY0Jk_dGXIETBqnk.roa (hash: UvrsRqXxi0T7Fu2Z9LEfglN30LChbDf1sZ63pwOaTP8=)
3: YDrJUaM078njYLujsFOLBuJi-Ak.roa (hash: ynnnM4zonEkcKprGHH1eGlvVH9BFKbrOufYcESLz12A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:59:84:ab:2f:e0:0c:55:28:58:8c:b6:5c:82:03:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Validity
Not Before: Oct 20 02:01:20 2025 GMT
Not After : Oct 21 02:01:20 2025 GMT
Subject: CN=994899bd81f8213749a3e9db1d92fed1db72a8b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:4f:a4:d2:35:47:cc:a2:62:cb:00:1a:a3:35:
7c:e8:fb:f5:2e:98:62:4b:ff:95:ca:67:3f:5d:09:
c3:15:6d:24:a2:86:99:c2:30:e2:b4:92:c7:f7:20:
fc:6c:3d:99:c5:52:1f:6e:65:5c:be:f6:f2:43:4c:
dd:b0:de:29:84:a8:0e:7f:60:e0:91:f8:71:52:1d:
90:59:7a:a8:6e:80:87:3a:a5:19:cf:41:81:9f:f7:
6e:49:6a:37:fd:4a:51:4b:9f:82:2a:cb:c7:63:73:
ba:bb:6c:29:3d:e6:27:0b:71:5d:e8:a5:fd:e4:62:
9b:6a:54:94:80:7c:7d:de:29:21:60:e4:f9:0c:4c:
7c:3f:85:35:a8:91:5d:74:97:97:34:71:00:b7:65:
7d:55:b9:41:0e:db:97:f2:15:57:d0:b0:35:3f:de:
46:54:ca:98:28:30:4c:1a:da:b4:71:20:2b:a3:a5:
59:7d:98:cc:73:39:d6:15:9b:a8:57:57:5f:c8:91:
26:a5:6b:c8:8a:a9:81:02:84:2f:aa:8c:15:14:0b:
02:8f:00:ab:21:75:bd:0f:ab:ae:e5:9f:07:e3:c8:
97:2e:b6:f4:6b:26:01:1b:47:c7:30:b3:57:04:c5:
16:7b:49:e6:d0:9c:29:56:c0:1d:5f:bb:99:e2:f8:
94:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:48:99:BD:81:F8:21:37:49:A3:E9:DB:1D:92:FE:D1:DB:72:A8:B9
X509v3 Authority Key Identifier:
keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:c1:42:e5:b8:f6:d1:ac:7d:59:48:41:e3:80:85:4a:5e:a7:
b2:09:fa:61:96:52:16:e3:0f:a9:13:d9:49:6b:93:d5:70:8b:
30:b4:20:6a:7c:d3:4c:b9:46:f4:04:f9:e9:92:25:ec:f5:50:
83:bb:db:9d:02:99:ba:5a:f1:b5:33:72:0f:f0:66:35:e8:39:
cd:76:87:57:58:18:24:04:4b:79:e1:dd:8a:c3:f7:72:b3:cb:
9e:37:10:19:84:6c:0c:26:9a:18:fa:9a:4b:e3:ca:bc:e6:b7:
d8:fc:e4:f1:1a:9f:db:78:f0:34:04:dd:3b:76:86:ed:07:db:
8a:52:e1:36:fe:e8:78:e2:ee:85:76:cb:c9:41:b5:d5:2a:06:
7f:93:72:76:ad:45:6d:b1:d1:8c:48:3e:9d:e4:76:a6:0b:e7:
ea:c8:6e:6e:63:52:89:3f:3f:a0:58:10:53:72:69:a3:a1:bd:
fd:bd:c0:70:09:c7:4d:ee:af:b1:57:ff:6a:0b:b7:ff:54:48:
13:5b:dc:bc:b7:ce:04:82:95:3d:0e:22:fe:80:9f:b4:63:6c:
ee:1a:0f:30:88:ec:17:d9:e0:d1:30:cc:71:37:39:35:12:d9:
3b:01:f9:ae:2c:5c:71:70:fa:b3:f6:f7:24:6c:2a:08:35:86:
bf:d3:f7:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WYSrL+AMVShYjLZcggOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjUxMDIwMDIwMTIwWhcNMjUxMDIxMDIwMTIwWjAzMTEwLwYDVQQD
Eyg5OTQ4OTliZDgxZjgyMTM3NDlhM2U5ZGIxZDkyZmVkMWRiNzJhOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6k+k0jVHzKJiywAaozV86Pv1Lphi
S/+Vymc/XQnDFW0kooaZwjDitJLH9yD8bD2ZxVIfbmVcvvbyQ0zdsN4phKgOf2Dg
kfhxUh2QWXqoboCHOqUZz0GBn/duSWo3/UpRS5+CKsvHY3O6u2wpPeYnC3Fd6KX9
5GKbalSUgHx93ikhYOT5DEx8P4U1qJFddJeXNHEAt2V9VblBDtuX8hVX0LA1P95G
VMqYKDBMGtq0cSAro6VZfZjMcznWFZuoV1dfyJEmpWvIiqmBAoQvqowVFAsCjwCr
IXW9D6uu5Z8H48iXLrb0ayYBG0fHMLNXBMUWe0nm0JwpVsAdX7uZ4viUtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlImb2B+CE3SaPp2x2S/tHbcqi5MB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxMFC5bj2
0ax9WUhB44CFSl6nsgn6YZZSFuMPqRPZSWuT1XCLMLQganzTTLlG9AT56ZIl7PVQ
g7vbnQKZulrxtTNyD/BmNeg5zXaHV1gYJARLeeHdisP3crPLnjcQGYRsDCaaGPqa
S+PKvOa32Pzk8Rqf23jwNATdO3aG7QfbilLhNv7oeOLuhXbLyUG11SoGf5Nydq1F
bbHRjEg+neR2pgvn6shubmNSiT8/oFgQU3Jpo6G9/b3AcAnHTe6vsVf/agu3/1RI
E1vcvLfOBIKVPQ4i/oCftGNs7hoPMIjsF9ng0TDMcTc5NRLZOwH5rixccXD6s/b3
JGwqCDWGv9P3jg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:27:30 2025 by rpki-client