Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
File: BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft (raw, json)
Hash identifier: 5kpc2Un5+DB8NC3db6+D9MuC42fidc+GqYRSl62ZD3c=
Subject key identifier: 7E:68:93:17:28:2A:12:D3:8C:9D:24:31:E7:95:BB:B2:01:C7:59:E2
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Certificate issuer: /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial: 0198D6297D453CAF62F2D699B1B39D7B0398
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
Manifest number: 1E
Signing time: Sat 23 Aug 2025 09:01:39 +0000
Manifest this update: Sat 23 Aug 2025 09:01:39 +0000
Manifest next update: Sun 24 Aug 2025 09:01:39 +0000
Files and hashes: 1: BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl (hash: TEN8RTF8rRIdwKjZHw0rsIHXaO6CkcrIRwUCB/QF9KE=)
2: SKma3lJH_nMIY0Jk_dGXIETBqnk.roa (hash: UvrsRqXxi0T7Fu2Z9LEfglN30LChbDf1sZ63pwOaTP8=)
3: YDrJUaM078njYLujsFOLBuJi-Ak.roa (hash: ynnnM4zonEkcKprGHH1eGlvVH9BFKbrOufYcESLz12A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:29:7d:45:3c:af:62:f2:d6:99:b1:b3:9d:7b:03:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Validity
Not Before: Aug 23 09:01:39 2025 GMT
Not After : Aug 24 09:01:39 2025 GMT
Subject: CN=7e689317282a12d38c9d2431e795bbb201c759e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:98:87:5f:3f:22:45:74:5f:52:30:f0:28:96:
62:18:a7:71:8f:b2:24:97:60:c5:ca:87:4d:da:7e:
46:2e:a8:b9:71:2d:8c:f1:cf:53:6a:0a:1a:e1:c9:
07:15:5a:24:36:5f:d6:6f:d5:9f:77:32:36:1a:fc:
2c:36:75:9e:1c:cb:b6:24:ff:6b:0e:69:9d:5f:25:
e3:ae:38:f6:ed:21:8c:6d:57:8a:b2:91:c7:8b:87:
39:30:4d:a8:51:0c:db:a1:1e:72:be:c7:75:ec:68:
80:a3:44:3d:af:aa:fe:1f:e3:a9:f4:72:dd:e9:20:
9d:26:16:e2:f0:3f:64:02:61:a9:ad:4c:1f:86:b6:
da:42:fe:da:28:3d:6f:71:53:65:34:74:4c:eb:98:
a8:d5:14:2b:2d:c5:47:5c:e0:86:39:f6:94:6a:d1:
5e:95:fa:65:82:a0:97:83:9c:c2:b0:14:b0:32:3d:
98:12:6f:a4:3e:5c:4a:68:7f:1b:b9:8d:08:ea:3c:
42:96:0e:69:db:36:0d:49:0a:c1:be:ec:0e:e0:92:
f5:af:94:77:8b:ed:90:81:18:d1:24:69:b5:4b:e9:
32:3a:9f:c6:67:8a:fb:08:4a:2a:a1:e1:8a:b8:e9:
b4:4a:cb:20:9d:55:c9:17:a5:26:4a:e1:f7:a3:17:
ad:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:68:93:17:28:2A:12:D3:8C:9D:24:31:E7:95:BB:B2:01:C7:59:E2
X509v3 Authority Key Identifier:
keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:b3:96:cb:df:08:15:c8:e7:d0:22:e6:fd:8f:28:04:19:05:
81:e4:d9:ea:34:69:22:03:91:8a:ff:59:51:ad:7e:d1:72:dd:
cf:e5:b3:34:b6:a0:a0:80:c6:a9:97:29:58:a6:4d:d8:3a:86:
0d:41:5c:d3:f0:c0:c3:79:d2:52:40:ba:e9:be:c6:15:cd:0a:
85:20:23:46:81:f1:ce:ba:11:1d:03:dc:18:c9:3e:95:5f:06:
59:ba:65:f5:79:d6:76:48:ea:3d:d2:29:a4:81:f2:4d:11:2a:
8b:38:ea:71:0a:d4:75:52:10:fd:9d:10:df:26:89:09:2e:22:
96:19:50:71:3e:a5:e8:b2:c8:cd:b3:5f:7f:e3:dc:53:b0:96:
33:03:49:c0:27:75:86:b5:ed:7b:c0:7d:33:7a:c4:05:86:b6:
b7:89:46:cd:21:6f:ea:ef:04:bd:eb:89:d4:e9:8c:1a:44:b6:
dc:07:80:3f:ae:d9:16:d3:8c:78:f1:3a:4f:2f:b5:35:52:45:
d1:ef:8e:ba:73:22:7f:44:02:f1:c7:80:48:4f:3e:f1:8b:d3:
d6:47:0a:93:66:ff:73:90:f9:8b:6b:56:8d:db:e5:e8:51:21:
4d:13:b3:7d:1f:4b:3d:c4:f4:33:3c:2b:ca:53:70:e2:98:13:
09:09:58:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWKX1FPK9i8taZsbOdewOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjUwODIzMDkwMTM5WhcNMjUwODI0MDkwMTM5WjAzMTEwLwYDVQQD
Eyg3ZTY4OTMxNzI4MmExMmQzOGM5ZDI0MzFlNzk1YmJiMjAxYzc1OWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5iHXz8iRXRfUjDwKJZiGKdxj7Ik
l2DFyodN2n5GLqi5cS2M8c9Tagoa4ckHFVokNl/Wb9WfdzI2GvwsNnWeHMu2JP9r
DmmdXyXjrjj27SGMbVeKspHHi4c5ME2oUQzboR5yvsd17GiAo0Q9r6r+H+Op9HLd
6SCdJhbi8D9kAmGprUwfhrbaQv7aKD1vcVNlNHRM65io1RQrLcVHXOCGOfaUatFe
lfplgqCXg5zCsBSwMj2YEm+kPlxKaH8buY0I6jxClg5p2zYNSQrBvuwO4JL1r5R3
i+2QgRjRJGm1S+kyOp/GZ4r7CEoqoeGKuOm0SssgnVXJF6UmSuH3oxetSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5okxcoKhLTjJ0kMeeVu7IBx1niMB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlbOWy98I
Fcjn0CLm/Y8oBBkFgeTZ6jRpIgORiv9ZUa1+0XLdz+WzNLagoIDGqZcpWKZN2DqG
DUFc0/DAw3nSUkC66b7GFc0KhSAjRoHxzroRHQPcGMk+lV8GWbpl9XnWdkjqPdIp
pIHyTREqizjqcQrUdVIQ/Z0Q3yaJCS4ilhlQcT6l6LLIzbNff+PcU7CWMwNJwCd1
hrXte8B9M3rEBYa2t4lGzSFv6u8EveuJ1OmMGkS23AeAP67ZFtOMePE6Ty+1NVJF
0e+OunMif0QC8ceASE8+8YvT1kcKk2b/c5D5i2tWjdvl6FEhTROzfR9LPcT0Mzwr
ylNw4pgTCQlYqg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:07:27 2025 by rpki-client