Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
File: BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft (raw, json)
Hash identifier: n+M2wnV+kZ9jsmIsbRh2U1Tg699iEmMrybrRRMmrd40=
Subject key identifier: AF:DF:01:75:11:0E:F6:DB:ED:5D:EA:F9:D5:A6:39:15:A9:B0:0D:44
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Certificate issuer: /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial: 019D27A85ED7C8BAA67D4A5E01328B511A44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
Manifest number: 025B
Signing time: Thu 26 Mar 2026 01:00:38 +0000
Manifest this update: Thu 26 Mar 2026 01:00:38 +0000
Manifest next update: Fri 27 Mar 2026 01:00:38 +0000
Files and hashes: 1: BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl (hash: ajzgViuKHop67FAAjCY+9ZmY+mss9AuWNQwfGvJRftw=)
2: eTOwOWQzkIQMSFcd7XvHaxwHhHg.roa (hash: wPtbDFR3QsqzxzI7/DNrIndvuS59lQkNZu8MuJSmfaE=)
3: hebM_59_tHRwgwIXMubQjV7ZKnA.roa (hash: 67WRXgG1YYYSINNxV4jZ+taQ8P62HynuQpfE/cUxzG0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:5e:d7:c8:ba:a6:7d:4a:5e:01:32:8b:51:1a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Validity
Not Before: Mar 26 01:00:38 2026 GMT
Not After : Mar 27 01:00:38 2026 GMT
Subject: CN=afdf0175110ef6dbed5deaf9d5a63915a9b00d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:89:e9:9e:0b:df:59:29:83:12:a0:05:17:0b:
df:1c:d0:73:5b:11:da:ac:8e:5b:f7:c0:4e:3f:b0:
cf:64:56:9e:ca:22:b5:f9:ad:20:82:d9:26:49:30:
08:9e:b4:fc:29:ed:73:ff:d9:33:1e:fa:b9:d1:ee:
6c:a2:94:3a:14:dd:28:98:a3:89:41:24:ca:48:66:
6e:cd:77:e9:44:97:ef:ec:87:99:e9:74:c9:05:db:
03:57:6a:5f:78:63:9f:54:a4:38:37:0d:e2:c2:c8:
5a:f6:45:8e:3f:0b:39:73:aa:61:5a:e1:cb:f9:7a:
05:17:ef:1c:40:89:cc:60:0d:6b:b6:ff:75:1c:35:
26:f9:d7:a6:c9:64:97:d0:45:4d:ce:59:77:89:05:
28:3e:05:ab:84:64:b7:4d:e1:4d:ae:73:b9:b4:9a:
cd:63:ac:a0:55:0f:ad:f4:10:88:69:19:c8:fe:af:
46:92:b3:1f:c8:37:57:c6:6c:c2:cb:35:83:9a:13:
2f:e5:9f:46:84:c0:88:bd:a3:b6:cc:70:b0:e8:b9:
1d:ec:e8:f6:7b:54:b9:a4:3b:63:0e:f0:e3:85:41:
b0:22:78:a6:03:a0:a2:ec:7a:da:14:1f:2d:50:d4:
40:0f:85:67:6c:8c:13:ec:e9:46:50:cf:35:07:c2:
a8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DF:01:75:11:0E:F6:DB:ED:5D:EA:F9:D5:A6:39:15:A9:B0:0D:44
X509v3 Authority Key Identifier:
keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bf:e8:18:77:86:ff:a6:14:66:40:25:6b:42:1e:84:4f:b9:62:
5a:25:2a:01:f5:38:df:07:4f:0b:89:e1:b0:9e:5a:40:e8:c1:
a2:6f:2d:a4:6a:3e:1c:1d:4e:92:c6:59:0e:dd:8c:76:76:4e:
e3:60:78:f8:94:42:ab:d0:2b:1b:62:df:0d:c7:d9:36:07:0c:
35:ff:8c:ff:0c:2f:a3:26:40:8b:37:5c:e4:88:e9:5f:be:d4:
9a:13:ad:21:3b:e8:2b:a2:d6:6f:bb:e6:1a:ee:1b:05:c4:dc:
5c:62:98:f3:ef:49:34:e2:81:3d:63:1c:5d:ff:01:a6:3d:dc:
1b:47:02:0b:eb:70:ff:24:f4:97:24:19:4b:10:b9:f5:3b:d9:
99:ca:d8:d0:9c:a6:6d:89:ee:d7:ce:05:2c:04:8a:d1:3e:f8:
30:9b:cd:dd:5f:1c:a8:9e:b3:5e:79:07:de:30:a0:8f:6c:99:
ed:7e:68:29:c9:94:18:4f:40:5f:b5:7e:ef:22:bb:cd:fb:fc:
3f:82:66:ce:c0:83:f6:1f:b8:25:44:20:03:dc:57:f3:65:b7:
5f:f6:44:b2:db:3d:b4:cd:ee:21:54:cf:40:c9:70:8e:a1:25:
26:86:45:39:56:47:b5:80:66:c7:f6:9f:86:52:6f:12:ad:76:
0f:35:0f:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqF7XyLqmfUpeATKLURpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjYwMzI2MDEwMDM4WhcNMjYwMzI3MDEwMDM4WjAzMTEwLwYDVQQD
EyhhZmRmMDE3NTExMGVmNmRiZWQ1ZGVhZjlkNWE2MzkxNWE5YjAwZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4npngvfWSmDEqAFFwvfHNBzWxHa
rI5b98BOP7DPZFaeyiK1+a0ggtkmSTAInrT8Ke1z/9kzHvq50e5sopQ6FN0omKOJ
QSTKSGZuzXfpRJfv7IeZ6XTJBdsDV2pfeGOfVKQ4Nw3iwsha9kWOPws5c6phWuHL
+XoFF+8cQInMYA1rtv91HDUm+demyWSX0EVNzll3iQUoPgWrhGS3TeFNrnO5tJrN
Y6ygVQ+t9BCIaRnI/q9GkrMfyDdXxmzCyzWDmhMv5Z9GhMCIvaO2zHCw6Lkd7Oj2
e1S5pDtjDvDjhUGwInimA6Ci7HraFB8tUNRAD4VnbIwT7OlGUM81B8KomQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/fAXURDvbb7V3q+dWmORWpsA1EMB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv+gYd4b/
phRmQCVrQh6ET7liWiUqAfU43wdPC4nhsJ5aQOjBom8tpGo+HB1OksZZDt2MdnZO
42B4+JRCq9ArG2LfDcfZNgcMNf+M/wwvoyZAizdc5IjpX77UmhOtITvoK6LWb7vm
Gu4bBcTcXGKY8+9JNOKBPWMcXf8Bpj3cG0cCC+tw/yT0lyQZSxC59TvZmcrY0Jym
bYnu184FLASK0T74MJvN3V8cqJ6zXnkH3jCgj2yZ7X5oKcmUGE9AX7V+7yK7zfv8
P4JmzsCD9h+4JUQgA9xX82W3X/ZEsts9tM3uIVTPQMlwjqElJoZFOVZHtYBmx/af
hlJvEq12DzUP0g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:56:39 2026 by rpki-client